--- 1/draft-ietf-regext-rdap-redacted-04.txt 2022-05-10 08:13:35.146466840 -0700 +++ 2/draft-ietf-regext-rdap-redacted-05.txt 2022-05-10 08:13:35.214468551 -0700 @@ -1,21 +1,21 @@ Network Working Group J.G. Gould Internet-Draft D.S. Smith Intended status: Standards Track VeriSign, Inc. -Expires: 3 November 2022 J.K. Kolker +Expires: 9 November 2022 J.K. Kolker R.C. Carney GoDaddy Inc. - 2 May 2022 + 8 May 2022 Redacted Fields in the Registration Data Access Protocol (RDAP) Response - draft-ietf-regext-rdap-redacted-04 + draft-ietf-regext-rdap-redacted-05 Abstract This document describes an RDAP extension for explicitly identifying redacted RDAP response fields, using JSONPath as the default expression language. Status of This Memo This Internet-Draft is submitted in full conformance with the @@ -24,21 +24,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on 3 November 2022. + This Internet-Draft will expire on 9 November 2022. Copyright Notice Copyright (c) 2022 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights 
@@ -67,21 +67,22 @@ 8. Security Considerations . . . . . . . . . . . . . . . . . . . 32 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 32 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 32 10.1. Informative References . . . . . . . . . . . . . . . . . 32 10.2. Normative References . . . . . . . . . . . . . . . . . . 33 Appendix A. Change History . . . . . . . . . . . . . . . . . . . 34 A.1. Change from 00 to 01 . . . . . . . . . . . . . . . . . . 34 A.2. Change from 01 to 02 . . . . . . . . . . . . . . . . . . 35 A.3. Change from 02 to 03 . . . . . . . . . . . . . . . . . . 35 A.4. Change from 03 to 04 . . . . . . . . . . . . . . . . . . 35 - Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 35 + A.5. Change from 04 to 05 . . . . . . . . . . . . . . . . . . 36 + Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 36 1. Introduction This document describes an RDAP extension for explicitly identifying redacted RDAP response fields, using JSONPath as the default expression language. A redacted RDAP field is one that has data removed from the RDAP response due to the lack of client privilege to receive the field. This extension can be used to identify redacted RDAP fields in any RDAP object class, as defined in [RFC9083], or RDAP fields defined in RDAP extensions. Because an RDAP response may 
@@ -306,32 +307,32 @@ ] Figure 7: Redacted Email using Replacement Value a "related" links member to a web form 4. Redacted RDAP Response 4.1. RDAP Conformance RDAP responses that contain values described in this document MUST indicate conformance with this specification by including an - rdapConformance ([RFC9083]) value of "redacted_level_0.2". The - "redacted" extension identifier, used as the prefix of the - rdapConformance value, is described in Section 6.1. + "rdapConformance" ([RFC9083]) value of "redacted_level_0_3". The + "redacted_level_0_3" extension identifier is described in + Section 6.1. - Example rdapConformance member with the redacted extension: + Example "rdapConformance" member with the redacted extension: "rdapConformance": [ "rdap_level_0", - "redacted_level_0.2" + "redacted_level_0_3" ] - Figure 8: rdapConformance with Redacted Extension + Figure 8: "rdapConformance" with Redacted Extension 4.2. "redacted" Member The "redacted" member MUST be added to the RDAP response when there are redacted fields. The "redacted" member is included as a member of the object class in a lookup response, such as the object classes defined in [RFC9083], and as a member of the object instances in a search response, such as the object instances defined in [RFC9083]. The "redacted" member contains an array of redacted objects with the following child members: @@ -767,21 +768,21 @@ ] } Figure 9: Unredacted RDAP Lookup Response Example redacted version of an RDAP lookup response: { "rdapConformance": [ "rdap_level_0", - "redacted_level_0.2" + "redacted_level_0_3" ], "objectClassName": "domain", "ldhName": "example.com", "secureDNS": { "delegationSigned": false }, "notices": [ { "title": "Terms of Use", "description": [ 
@@ -1229,21 +1230,21 @@ ] } Figure 11: Unredacted RDAP Search Response Example redacted version of an RDAP search response: { "rdapConformance": [ "rdap_level_0", - "redacted_level_0.2" + "redacted_level_0_3" ], "domainSearchResults":[ { "objectClassName": "domain", "ldhName": "example1.com", "links":[ { "value":"https://example.com/rdap/domain/example1.com", "rel":"self", "href":"https://example.com/rdap/domain/example1.com", @@ -1370,26 +1371,34 @@ 9. RDAP extensions should define any special JSONPath considerations required to identify redacted RDAP fields if these considerations are insufficient. 6. IANA Considerations 6.1. RDAP Extensions Registry IANA is requested to register the following value in the RDAP Extensions Registry: + Extension identifier: redacted_level_0_3 + Registry operator: Any + Published specification: This document. + Contact: IESG + Intended usage: This extension identifier is used for an + "rdapConformance" value when returning the "redacted" member in + the JSON response. + Extension identifier: redacted Registry operator: Any Published specification: This document. Contact: IESG - Intended usage: This extension identifies the redacted fields in an - RDAP response. + Intended usage: This extension prefix identifier is used for the + "redacted" member returned in the JSON response. 6.2. JSON Values Registry Section 10.2 of [RFC9083] defines the JSON Values Registry with pre- defined Type field values and the use of the "Expert Review" policy defined in [RFC8126]. Two new JSON Values Registry Type field values are used to register pre-defined redacted name and reason values: "redacted name": Redacted name being registered. The registered redacted name is referenced using the "type" field of the 
@@ -1590,30 +1600,42 @@ implementation by Mario Loffredo. 4. Added use of numbered figures for easy reference for JSON Values Registry registrations. 5. Updated the example unredacted and redacted lookup responses to include the "objectClassName" and "handle" members. 6. Changed RFC7482 and RFC7483 references to RFC9082 and RFC9083, respectively. A.4. Change from 03 to 04 - 1. Changed the exstension identifier to be "redacted" instead of a + 1. Changed the extension identifier to be "redacted" instead of a versioned value, which will be leveraged for both the rdapConformance value and the JSON Values. + 2. Changed the RDAP Conformance to be "redaced_level_0.2", which leveraged the extension identifier as a prefix along with "_level_" and a pointed version number. The version number will become "1.0" once the draft passes WGLC. 3. Added the Redaction by Replacement Value Method. +A.5. Change from 04 to 05 + + 1. Update the RDAP Extensions Registry entries to include the + identifier that is used for the RDAP conformance value and to + include the "redacted" prefix indentifier to use for the JSON + response member. + 2. Changed the RDAP Conformance to be "redacted_level_0_3", which is + registered in the RDAP Extensions Registry. The RDAP Conformance + value will become "redacted_level_1" once the draft passes WGLC. + Authors' Addresses + James Gould VeriSign, Inc. 12061 Bluemont Way Reston, VA 20190 United States of America Email: jgould@verisign.com URI: http://www.verisigninc.com David Smith VeriSign, Inc.
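Review bot: In the Section 4.1 hunk (@@ -306,32 +307,32 @@), the rewritten sentence points to Section 6.1 only for "redacted_level_0_3", and the sentence it replaces was the only text in 4.1 linking the conformance value to the "redacted" identifier. Section 6.1 now registers two identifiers, so a reader going from 4.1 to 4.2 is not told that the "redacted" member name is the second registered one. Consider adding one sentence to 4.1 or 4.2 stating that the "redacted" member uses the "redacted" prefix identifier registered in Section 6.1.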
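Review bot: In the Section 6.1 hunk (@@ -1370,26 +1371,34 @@), the unchanged lead-in still reads "IANA is requested to register the following value in the RDAP Extensions Registry:" although the section now lists two entries, "redacted_level_0_3" and "redacted". Change "value" to "values" so the request matches what is being registered. The second entry's intended usage also introduces the term "extension prefix identifier" while its field label remains "Extension identifier"; a short sentence saying how a prefix identifier differs from the conformance identifier would keep the two registrations from being read as duplicates.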
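Review bot: In the change history hunk (@@ -1590,30 +1600,42 @@), new item A.5.1 misspells "identifier" as "indentifier", and the untouched A.4 item 2 still reads "redaced_level_0.2" even though the same hunk fixes "exstension" one item above it. Fix both in this revision. A.5.1 also opens with "Update" where every other entry, including A.5.2, uses the past tense ("Changed", "Added", "Updated"); "Updated" would keep the list consistent.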