draft-ietf-regext-rdap-redacted-04.txt   draft-ietf-regext-rdap-redacted-05.txt 
Network Working Group J.G. Gould Network Working Group J.G. Gould
Internet-Draft D.S. Smith Internet-Draft D.S. Smith
Intended status: Standards Track VeriSign, Inc. Intended status: Standards Track VeriSign, Inc.
Expires: 3 November 2022 J.K. Kolker Expires: 9 November 2022 J.K. Kolker
R.C. Carney R.C. Carney
GoDaddy Inc. GoDaddy Inc.
2 May 2022 8 May 2022
Redacted Fields in the Registration Data Access Protocol (RDAP) Response Redacted Fields in the Registration Data Access Protocol (RDAP) Response
draft-ietf-regext-rdap-redacted-04 draft-ietf-regext-rdap-redacted-05
Abstract Abstract
This document describes an RDAP extension for explicitly identifying This document describes an RDAP extension for explicitly identifying
redacted RDAP response fields, using JSONPath as the default redacted RDAP response fields, using JSONPath as the default
expression language. expression language.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
skipping to change at page 1, line 35 skipping to change at page 1, line 35
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 3 November 2022. This Internet-Draft will expire on 9 November 2022.
Copyright Notice Copyright Notice
Copyright (c) 2022 IETF Trust and the persons identified as the Copyright (c) 2022 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
skipping to change at page 2, line 32 skipping to change at page 2, line 32
8. Security Considerations . . . . . . . . . . . . . . . . . . . 32 8. Security Considerations . . . . . . . . . . . . . . . . . . . 32
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 32 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 32
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 32 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 32
10.1. Informative References . . . . . . . . . . . . . . . . . 32 10.1. Informative References . . . . . . . . . . . . . . . . . 32
10.2. Normative References . . . . . . . . . . . . . . . . . . 33 10.2. Normative References . . . . . . . . . . . . . . . . . . 33
Appendix A. Change History . . . . . . . . . . . . . . . . . . . 34 Appendix A. Change History . . . . . . . . . . . . . . . . . . . 34
A.1. Change from 00 to 01 . . . . . . . . . . . . . . . . . . 34 A.1. Change from 00 to 01 . . . . . . . . . . . . . . . . . . 34
A.2. Change from 01 to 02 . . . . . . . . . . . . . . . . . . 35 A.2. Change from 01 to 02 . . . . . . . . . . . . . . . . . . 35
A.3. Change from 02 to 03 . . . . . . . . . . . . . . . . . . 35 A.3. Change from 02 to 03 . . . . . . . . . . . . . . . . . . 35
A.4. Change from 03 to 04 . . . . . . . . . . . . . . . . . . 35 A.4. Change from 03 to 04 . . . . . . . . . . . . . . . . . . 35
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 35 A.5. Change from 04 to 05 . . . . . . . . . . . . . . . . . . 36
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 36
1. Introduction 1. Introduction
This document describes an RDAP extension for explicitly identifying This document describes an RDAP extension for explicitly identifying
redacted RDAP response fields, using JSONPath as the default redacted RDAP response fields, using JSONPath as the default
expression language. A redacted RDAP field is one that has data expression language. A redacted RDAP field is one that has data
removed from the RDAP response due to the lack of client privilege to removed from the RDAP response due to the lack of client privilege to
receive the field. This extension can be used to identify redacted receive the field. This extension can be used to identify redacted
RDAP fields in any RDAP object class, as defined in [RFC9083], or RDAP fields in any RDAP object class, as defined in [RFC9083], or
RDAP fields defined in RDAP extensions. Because an RDAP response may RDAP fields defined in RDAP extensions. Because an RDAP response may
skipping to change at page 8, line 13 skipping to change at page 8, line 13
] ]
Figure 7: Redacted Email using Replacement Value a "related" Figure 7: Redacted Email using Replacement Value a "related"
links member to a web form links member to a web form
4. Redacted RDAP Response 4. Redacted RDAP Response
4.1. RDAP Conformance 4.1. RDAP Conformance
RDAP responses that contain values described in this document MUST RDAP responses that contain values described in this document MUST
indicate conformance with this specification by including an indicate conformance with this specification by including an
rdapConformance ([RFC9083]) value of "redacted_level_0.2". The "rdapConformance" ([RFC9083]) value of "redacted_level_0_3". The
"redacted" extension identifier, used as the prefix of the "redacted_level_0_3" extension identifier is described in
rdapConformance value, is described in Section 6.1. Section 6.1.
Example rdapConformance member with the redacted extension: Example "rdapConformance" member with the redacted extension:
"rdapConformance": [ "rdapConformance": [
"rdap_level_0", "rdap_level_0",
"redacted_level_0.2" "redacted_level_0_3"
] ]
Figure 8: rdapConformance with Redacted Extension Figure 8: "rdapConformance" with Redacted Extension
4.2. "redacted" Member 4.2. "redacted" Member
The "redacted" member MUST be added to the RDAP response when there The "redacted" member MUST be added to the RDAP response when there
are redacted fields. The "redacted" member is included as a member are redacted fields. The "redacted" member is included as a member
of the object class in a lookup response, such as the object classes of the object class in a lookup response, such as the object classes
defined in [RFC9083], and as a member of the object instances in a defined in [RFC9083], and as a member of the object instances in a
search response, such as the object instances defined in [RFC9083]. search response, such as the object instances defined in [RFC9083].
The "redacted" member contains an array of redacted objects with the The "redacted" member contains an array of redacted objects with the
following child members: following child members:
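Review bot: Section 4.1 in the -05 column gives no guidance for a client that still receives the -04 value "redacted_level_0.2". The new value "redacted_level_0_3" changes both the separator and the version, so an exact string comparison against "rdapConformance" fails across the two revisions. Suggest one sentence stating that the value is matched exactly and that "redacted_level_0_3" supersedes the earlier value.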
skipping to change at page 17, line 42 skipping to change at page 17, line 42
] ]
} }
Figure 9: Unredacted RDAP Lookup Response Figure 9: Unredacted RDAP Lookup Response
Example redacted version of an RDAP lookup response: Example redacted version of an RDAP lookup response:
{ {
"rdapConformance": [ "rdapConformance": [
"rdap_level_0", "rdap_level_0",
"redacted_level_0.2" "redacted_level_0_3"
], ],
"objectClassName": "domain", "objectClassName": "domain",
"ldhName": "example.com", "ldhName": "example.com",
"secureDNS": { "secureDNS": {
"delegationSigned": false "delegationSigned": false
}, },
"notices": [ "notices": [
{ {
"title": "Terms of Use", "title": "Terms of Use",
"description": [ "description": [
skipping to change at page 28, line 10 skipping to change at page 28, line 10
] ]
} }
Figure 11: Unredacted RDAP Search Response Figure 11: Unredacted RDAP Search Response
Example redacted version of an RDAP search response: Example redacted version of an RDAP search response:
{ {
"rdapConformance": [ "rdapConformance": [
"rdap_level_0", "rdap_level_0",
"redacted_level_0.2" "redacted_level_0_3"
], ],
"domainSearchResults":[ "domainSearchResults":[
{ {
"objectClassName": "domain", "objectClassName": "domain",
"ldhName": "example1.com", "ldhName": "example1.com",
"links":[ "links":[
{ {
"value":"https://example.com/rdap/domain/example1.com", "value":"https://example.com/rdap/domain/example1.com",
"rel":"self", "rel":"self",
"href":"https://example.com/rdap/domain/example1.com", "href":"https://example.com/rdap/domain/example1.com",
skipping to change at page 31, line 9 skipping to change at page 31, line 9
9. RDAP extensions should define any special JSONPath considerations 9. RDAP extensions should define any special JSONPath considerations
required to identify redacted RDAP fields if these considerations required to identify redacted RDAP fields if these considerations
are insufficient. are insufficient.
6. IANA Considerations 6. IANA Considerations
6.1. RDAP Extensions Registry 6.1. RDAP Extensions Registry
IANA is requested to register the following value in the RDAP IANA is requested to register the following value in the RDAP
Extensions Registry: Extensions Registry:
Extension identifier: redacted_level_0_3
Registry operator: Any
Published specification: This document.
Contact: IESG <iesg@ietf.org>
Intended usage: This extension identifier is used for an
"rdapConformance" value when returning the "redacted" member in
the JSON response.
Extension identifier: redacted Extension identifier: redacted
Registry operator: Any Registry operator: Any
Published specification: This document. Published specification: This document.
Contact: IESG <iesg@ietf.org> Contact: IESG <iesg@ietf.org>
Intended usage: This extension identifies the redacted fields in an Intended usage: This extension prefix identifier is used for the
RDAP response. "redacted" member returned in the JSON response.
6.2. JSON Values Registry 6.2. JSON Values Registry
Section 10.2 of [RFC9083] defines the JSON Values Registry with pre- Section 10.2 of [RFC9083] defines the JSON Values Registry with pre-
defined Type field values and the use of the "Expert Review" policy defined Type field values and the use of the "Expert Review" policy
defined in [RFC8126]. Two new JSON Values Registry Type field values defined in [RFC8126]. Two new JSON Values Registry Type field values
are used to register pre-defined redacted name and reason values: are used to register pre-defined redacted name and reason values:
"redacted name": Redacted name being registered. The registered "redacted name": Redacted name being registered. The registered
redacted name is referenced using the "type" field of the redacted name is referenced using the "type" field of the
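Review bot: The lead-in sentence of Section 6.1 in the -05 column still reads "register the following value" although two entries now follow ("redacted_level_0_3" and "redacted"); change it to "values". The first entry also registers a draft-stage identifier that A.5 says will become "redacted_level_1" once the draft passes WGLC, so a note asking for the registration to be updated at that point would keep the registry entry and the Section 4.1 conformance value in step.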
skipping to change at page 35, line 40 skipping to change at page 35, line 48
implementation by Mario Loffredo. implementation by Mario Loffredo.
4. Added use of numbered figures for easy reference for JSON Values 4. Added use of numbered figures for easy reference for JSON Values
Registry registrations. Registry registrations.
5. Updated the example unredacted and redacted lookup responses to 5. Updated the example unredacted and redacted lookup responses to
include the "objectClassName" and "handle" members. include the "objectClassName" and "handle" members.
6. Changed RFC7482 and RFC7483 references to RFC9082 and RFC9083, 6. Changed RFC7482 and RFC7483 references to RFC9082 and RFC9083,
respectively. respectively.
A.4. Change from 03 to 04 A.4. Change from 03 to 04
1. Changed the exstension identifier to be "redacted" instead of a 1. Changed the extension identifier to be "redacted" instead of a
versioned value, which will be leveraged for both the versioned value, which will be leveraged for both the
rdapConformance value and the JSON Values. rdapConformance value and the JSON Values.
2. Changed the RDAP Conformance to be "redaced_level_0.2", which 2. Changed the RDAP Conformance to be "redaced_level_0.2", which
leveraged the extension identifier as a prefix along with leveraged the extension identifier as a prefix along with
"_level_" and a pointed version number. The version number will "_level_" and a pointed version number. The version number will
become "1.0" once the draft passes WGLC. become "1.0" once the draft passes WGLC.
3. Added the Redaction by Replacement Value Method. 3. Added the Redaction by Replacement Value Method.
A.5. Change from 04 to 05
1. Update the RDAP Extensions Registry entries to include the
identifier that is used for the RDAP conformance value and to
include the "redacted" prefix indentifier to use for the JSON
response member.
2. Changed the RDAP Conformance to be "redacted_level_0_3", which is
registered in the RDAP Extensions Registry. The RDAP Conformance
value will become "redacted_level_1" once the draft passes WGLC.
Authors' Addresses Authors' Addresses
James Gould James Gould
VeriSign, Inc. VeriSign, Inc.
12061 Bluemont Way 12061 Bluemont Way
Reston, VA 20190 Reston, VA 20190
United States of America United States of America
Email: jgould@verisign.com Email: jgould@verisign.com
URI: http://www.verisigninc.com URI: http://www.verisigninc.com
David Smith David Smith
VeriSign, Inc. VeriSign, Inc.
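Review bot: A.4 item 2 still spells the old conformance value as "redaced_level_0.2" in both columns, while the value used in the -04 text and examples is "redacted_level_0.2"; correct the spelling, as was done for "exstension" in item 1. In the new A.5, item 1 has "indentifier" for "identifier" and opens with "Update", where the other change-log items use the past tense ("Changed", "Added", "Updated").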
 End of changes. 17 change blocks. 
16 lines changed or deleted 37 lines changed or added
