[regext] Re: WGLC: draft-ietf-regext-rdap-rir-search-09
Tom Harrison <tomh@apnic.net> Tue, 16 July 2024 12:18 UTC
Return-Path: <tomh@apnic.net>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B3251C151532 for <regext@ietfa.amsl.com>; Tue, 16 Jul 2024 05:18:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, T_HTML_ATTACH=0.01, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=apnic.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id joxUOuIEgulx for <regext@ietfa.amsl.com>; Tue, 16 Jul 2024 05:17:58 -0700 (PDT)
Received: from AUS01-SY4-obe.outbound.protection.outlook.com (mail-sy4aus01on2126.outbound.protection.outlook.com [40.107.107.126]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 91FD8C151998 for <regext@ietf.org>; Tue, 16 Jul 2024 05:17:56 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=gK9RqfEiAQAeJmyWh5VVF/oBltRdpY8jv+dcPDF8JxvdL4DVF8mxI2DGwUuo3s3x6PeDuoOKDKeAKilMI9usMiWGCxcZNS/nXfY979biofieafueTBC9SLK6eD3ytWdt3pe+576jrsHu2h8qa0AQ92cUPsYauEz0+1PUtmj9L69tfNLuDDYwKWR3+UDuZujG8/t/GZ+SsZuE+jRN5c2FN9hrSXbABiZFX7v0bVS0MG/X69nGeWyXsf3PjNEcBwTiP9HwY1zvJPote+7uz3ijpgtqmBx8Hle1nALFFtdLZnk1FVcIENmqMolGZI/2ddskX/VDdMZLQI6s2eiFnsbmJg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=szsdrFYFHDliesaKWVfweDWiVi55ReAGPFyZ3JBOaHs=; b=itShsiyuxW5a/1UzYZeXCL4E1uyHQjw88cZ2mfqcCiwMGGMi/eom6KJ+kjjzXh4T3ZLU7Xnn0yuHyYEkNkNhWhGacivEOrbhU5VIeEiDrS+E1CRNJmQYStIDQhCdQe8uOkGLxsgn7LuxU6vynlTzGPZTuUaviI6luJWqqP8dURrmAYx8OpZf26JPP3RZztkiOeKiphrINcnp4k/f5qrPQf9PwIcpl7gnxusrbU4RpIk5hnleybCPiFg0JPIg6cVsN1itSjoHl3OSitBxVvNFrEPTgK0Q8ChcbljDnuaiBVFCPJLpTvZWsnFtCr2SWekX+rDw1vBiD1X4/NCMxX9Rjg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=apnic.net; dmarc=pass action=none header.from=apnic.net; dkim=pass header.d=apnic.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apnic.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=szsdrFYFHDliesaKWVfweDWiVi55ReAGPFyZ3JBOaHs=; b=Fz/fYXTi7XnaSUWuzWby8Al353aLJP7RF6UVo3G2ubEcGyAI7rpibMxclG3c2m4kymjuI3I/kum7hTwKpRU4mA4RYTA1TapWItkX9BPkziJGF9bZajpoF1GTpN888u2p0sTqeM6s9A/U0nzwZz3ZtiECuCiFwKbCJDs8d1STGKw=
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=apnic.net;
Received: from SY7P282MB4761.AUSP282.PROD.OUTLOOK.COM (2603:10c6:10:273::5) by SY4P282MB3892.AUSP282.PROD.OUTLOOK.COM (2603:10c6:10:194::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7762.29; Tue, 16 Jul 2024 12:17:52 +0000
Received: from SY7P282MB4761.AUSP282.PROD.OUTLOOK.COM ([fe80::8ec3:ea17:ca08:65b5]) by SY7P282MB4761.AUSP282.PROD.OUTLOOK.COM ([fe80::8ec3:ea17:ca08:65b5%7]) with mapi id 15.20.7762.027; Tue, 16 Jul 2024 12:17:52 +0000
Date: Tue, 16 Jul 2024 22:17:50 +1000
From: Tom Harrison <tomh@apnic.net>
To: "Hollenbeck, Scott" <shollenbeck=40verisign.com@dmarc.ietf.org>
Message-ID: <ZpZk7udFeUPufwPM@TomH-498551.lan>
Mail-Followup-To: "Hollenbeck, Scott" <shollenbeck=40verisign.com@dmarc.ietf.org>, "galvin@elistx.com" <galvin@elistx.com>, "regext@ietf.org" <regext@ietf.org>
References: <AF4A27B5-84A4-4CDC-A3DF-0538B2E17D75@elistx.com> <fe904076b26746dea5c81b3a2d0955f6@verisign.com>
Content-Type: multipart/mixed; boundary="EYvWa/gZiApa8hQU"
Content-Disposition: inline
In-Reply-To: <fe904076b26746dea5c81b3a2d0955f6@verisign.com>
X-ClientProxiedBy: SY5PR01CA0108.ausprd01.prod.outlook.com (2603:10c6:10:246::22) To SY7P282MB4761.AUSP282.PROD.OUTLOOK.COM (2603:10c6:10:273::5)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: SY7P282MB4761:EE_|SY4P282MB3892:EE_
X-MS-Office365-Filtering-Correlation-Id: a799073f-2e9f-4d8b-2cd4-08dca5915076
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|1800799024|366016|2613699012;
X-Microsoft-Antispam-Message-Info: lUF1bGd0aTn4RjPmCbDCTPKl7kvlNWzliDXkeGZgUXEz+onsaDAYVPY85SimSWjjNtZbvH+gWoLxPcYYKKBaz0qZt5oLcIDFkWyDv5ut4QyDNBdYK8J+EaZuLv/XMTSk8/WJgjaqdWfWCynNIWfBkA/1FZPECIH8LOWKFuiZdGzXKXJDl2b3Wptblw2wXlpjR6wBujT/Q4pzJdJ77QgQtBIQqbgSchfcYSULRDq8q7mE/IHoGp5jj/2ioGVImD9cVjeQTbSNyKqpH+JjYY4sS8dvmnYwckjVTYg6IP+rbJrji0m/s7IYLTDWxvNtWBssoClCoEY/5547ltLX6jBEIwCEN3hWy96NlD/c5Upn6h8kxomMeHCnF7q2H7C4IF0qRwIb6Yqr3ka3dUoFNUb4NbpjTAeudqowG9jMRRls+Iw4S3bHAsOUqzmLhuXyFOVTpTanRxgQDSmnILASb07kP4ilHkL3HLkaMCvQ1R9VulNQmv522SvFDHr2FbEpT5ZdZbp8jRN4LzYMhPBV6jGpiu+x4Vb4/5Wowol6xzTmieOeze1oaCsfkNnp6fytk5UTDcWhMcj1e2ma8p4gY9lDfCzEu3jIaJqEM2LyXYH38/qOc/ze+xFCScXl7987VAEm+xZ1KRgxm2somhOjqGlzoH80GyDs0k4pwVhERHvM6+eKKAAE+N0NU1MH7Ww+RDdkHUQJWAX0CcjtuZJ4OHAQgoyLnSac3A+F2M1TS1ZWm6llvzciSXA1YXcxDFMEgPJwfdumJ3Htrf/pPxwiCV+35+CJC5vLbb45N+btzCHNjaevuKaJ0iwnE9KCV6QexIyCf3Ag396ZXzUEgnnIIS8mVegfgSny3Mn4RkV7qPCkX46M+neIA6I38yODBDD399VghqAr0viVkRs8xeyXmkHawCal2aoRr99TIvNet09WfbmWWh0IYbJ33H1kIhCu8NGznWyrDTYa/D+2r1UBkA93q/Z+74dTA4xM4libbfJ0HPauc9ljiIcDdVz6/AVyLyZoKlJge8XJhxHlfTZGBfX/891gizbeMSa/pUp7oZqdgBBQW7Vvin2gQzPGvF/gQgcLz6dRrOPeVe9S2Gz31y0KzPLPfNicx3GTO9r98dSZdDTj8J5QPlf4kH/xUToCIldy2hk6L+or5z6XBE2EPHlhVc+XyqVMt5WeocG7WwbbGm0cPP+uEjY2I0ltZvX/4+bbBkg7fP0k5HIbjjkvksqT4r2JoNAqPfm1D0/7pjxLdZLGu6ix6Qu9SiHoyEIpxqKjzDslEf21QRK3EVmPpFAHbzkoST1Eer8DmB/8YGhnie8=
X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SY7P282MB4761.AUSP282.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016)(2613699012);DIR:OUT;SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: hi+zyUYBirlZLRrMO3bvJTviVM3+MnJllz3WadEwndIXRxiypwALf3N16it2i04RhYvtKHu1hf2CPZAOQ1HiIJSRjKxD9z69DD0UFAGjYfuHH8bUmvPtT4Mk509RYUWkKKVAxlzEGf2SNBxxHZ4wSm18nZPQ7OwxGtJzkKab9k7hjh547Kcd65sl0KQ2I9MAePGAnntJHrb5yDoAz75QPh/D0dG+MChFWQ2wg5SvtoGzjTjCM1qYd5h+82dcnXvAhO43J1QA58ga4Swi01Ewt+8XtZ95ZTwWos+3FwhFLk3QmgiUGeynzZz96koGkUBc+fWG4TvfbO4h63hIGSm+5Mw4aLUKa/Rx2QDurrR+vKSvYczfrAHyM+bB4siBDjnSHLmDG4+eO09pQpShcrTYvHKsjILk7UeAx7BQ+C0fXsBvoL8z3mVrpPLXqlac+Raciy1OnDmgxkmA6/kwIE40bP5MoYhs3wk2TYNtf7wPc0m2s3Ni0oIVkLD34utlThtXircuJo38+ZRG/xrAPXxsITPy8PaLhf9bKSh+eDz90JHfKivNAs1W8ibhbrkXsi+c6a+G9F9LGA9MzBmjqHXncPWv8XRmMbPyO1xPM0exFggqA5sIwz0iQ+2YMD3D509rn5jA1zBaiAZpJOTsbP7cUC0PaL5xGBz5Z24nSj27ywfwi1oKi6/bq6erIMRH1Y5YRDWU0qAVDt+VihfsKW5reKK2Kc0CVdFqE4Vyy5GI8w9iOImnq/fSsDY0ytWptrcTmFgyMXRUdxF8alB4/OpD/PGxBgST6BxTM0IXcuWz8iHZ6uGivf9/PTnz1uCpZCuFb2Pmq8fLgh09/lgn9ji7YElRatbT67uWGH2nWlJNBDGeBDID/O5/pEKdxo82mQxVGQa5ObCbcCb9z1CA9IRApM8cA0aP+KKt7OLTbYGso90doEApU0eS1oJSBP0DUp2u8YufQXPfPF4ApaKCekxjVx7ccdXfaqVWNUDJJBFRDZwIMpVlMbNm4JwYBgB9N5KZGvbC+zrh+S32lYL6rs4BEQdkRr7zHfkDmzY0lUPTcLPyLV1QWW0m2L2MdOx3F8aUpUsep/deoIWnaCGUkY4EHIgYBf3WiycXW11GzVEi5Tgt1Dm5CIpB/jsfceU0Rk67LjBZ9RPzU3hO+tJKBO6gbOgln07r7ZnM5OnCaOJcVZyqADp558PElUOkj0//NFf8RfZuuhy1MaNt+G7tzI9aOBGKEO1CrNX9o7hOtXMDfU4lRvCXxkazOp6xvIzB9UnYo9bYqPBp9Rb7jUO/aUaPcuFL+AQmbu1c1M/xVsDKBU6Rv1S1hqxT5ITqrpsyNSw07fU0L5dVIP541x6X3XgLSAATWD//JNm1rLMD9KXfgcC+RRw2n+vu6/seQ6c7fDzKnt+H6mGbT7vQQuSuw3yEtMzrx2UZGKNyFirAKLA8b9XNhad+idtpltiRSrpfcCjVLtP3HI+g6Y/x/0TFFR3HXvVsjc37rPCkYzAKlwm1tdtitDTMfRgKBjBkUjkMbuLwFv0d4nPS/7/x9VpHK76X//x+XRBxXM08KZP32r3SVxwL32xRDvxRip/plG1JvC5aZ/vEeNYQIGynWta7QmecjbFc4Y7hqigX+hn48mmR7PymHGJFOfZ0b4nhyfSQ7iOE
X-OriginatorOrg: apnic.net
X-MS-Exchange-CrossTenant-Network-Message-Id: a799073f-2e9f-4d8b-2cd4-08dca5915076
X-MS-Exchange-CrossTenant-AuthSource: SY7P282MB4761.AUSP282.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Jul 2024 12:17:52.0096 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 127d8d0d-7ccf-473d-ab09-6e44ad752ded
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: N8AvyxjzqWj8jZMTrA0J65pFM7ZpQraWbDw2nuyDrs7eN7YkLwZJsXS0yiNH9Rx+
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SY4P282MB3892
Message-ID-Hash: C7FCZRIFOI2YBM74EFPXM4EJB2KULLIK
X-Message-ID-Hash: C7FCZRIFOI2YBM74EFPXM4EJB2KULLIK
X-MailFrom: tomh@apnic.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-regext.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "galvin@elistx.com" <galvin@elistx.com>, "regext@ietf.org" <regext@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [regext] Re: WGLC: draft-ietf-regext-rdap-rir-search-09
List-Id: Registration Protocols Extensions Working Group <regext.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/4GJqV8NNgtI5k0sy9d5cgz-wN94>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Owner: <mailto:regext-owner@ietf.org>
List-Post: <mailto:regext@ietf.org>
List-Subscribe: <mailto:regext-join@ietf.org>
List-Unsubscribe: <mailto:regext-leave@ietf.org>
Hi Scott, On Mon, Jul 15, 2024 at 05:19:07PM +0000, Hollenbeck, Scott wrote: > A few small things: > > The last call notice refers to the draft as "considered for > publication as a Best Current Practice". The draft describes itself > as a Standards Track candidate. I believe that's just an error in > the last call notice. > > [I-D.ietf-regext-rdap-reverse-search] is now RFC 9536. > > I'd like to see something more in the Security Considerations > section that specifically notes how search functionality increases > the risk of disclosing information that wasn't explicitly requested. > We have this text in RFC 9082: > > "Search functionality also increases the privacy risk of disclosing > object relationships that might not otherwise be obvious. For > example, a search that returns IDN variants [RFC6927] that do not > explicitly match a client-provided search pattern can disclose > information about registered domain names that might not be > otherwise available. Implementers need to consider the policy and > privacy implications of returning information that was not > explicitly requested." > > Maybe just note that the Security Considerations described in RFC > 9082 also apply here. Thanks, updates have been applied per the above (see attached for the current diff from -09). -Tom
- [regext] WGLC: draft-ietf-regext-rdap-rir-search-… James Galvin
- [regext] Re: WGLC: draft-ietf-regext-rdap-rir-sea… Hollenbeck, Scott
- [regext] Re: WGLC: draft-ietf-regext-rdap-rir-sea… Tom Harrison
- [regext] Re: WGLC: draft-ietf-regext-rdap-rir-sea… Andrew Newton (andy)
- [regext] Re: WGLC: draft-ietf-regext-rdap-rir-sea… Tom Harrison
- [regext] Re: WGLC: draft-ietf-regext-rdap-rir-sea… James Galvin
- [regext] Re: WGLC: draft-ietf-regext-rdap-rir-sea… Mario Loffredo