IETF Logo Mail Archive

Re: [regext] Robert Wilton's Discuss on draft-ietf-regext-rdap-reverse-search-24: (with DISCUSS and COMMENT)

Mario Loffredo <mario.loffredo@iit.cnr.it> Thu, 24 August 2023 13:52 UTC

Return-Path: <mario.loffredo@iit.cnr.it>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A964DC131954; Thu, 24 Aug 2023 06:52:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.905
X-Spam-Level:
X-Spam-Status: No, score=-1.905 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gDdqCXsCyKBV; Thu, 24 Aug 2023 06:52:39 -0700 (PDT)
Received: from mx5.iit.cnr.it (mx5.iit.cnr.it [146.48.58.12]) by ietfa.amsl.com (Postfix) with ESMTP id 19413C131813; Thu, 24 Aug 2023 06:52:37 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mx5.iit.cnr.it (Postfix) with ESMTP id EABAEC030C; Thu, 24 Aug 2023 15:52:34 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at mx5.iit.cnr.it
Received: from mx5.iit.cnr.it ([127.0.0.1]) by localhost (mx5.iit.cnr.it [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P6iAmkWfxLJS; Thu, 24 Aug 2023 15:52:30 +0200 (CEST)
X-Relay-Autenticated: yes
Content-Type: multipart/alternative; boundary="------------nBNdGZkNB8UvILBa5huUvaPj"
Message-ID: <65900c44-9a1d-0aaa-196f-5323ebc88119@iit.cnr.it>
Date: Thu, 24 Aug 2023 15:48:17 +0200
Mime-Version: 1.0
To: Robert Wilton <rwilton@cisco.com>, The IESG <iesg@ietf.org>
Cc: draft-ietf-regext-rdap-reverse-search@ietf.org, regext-chairs@ietf.org, regext@ietf.org, tomh@apnic.net
References: <169279601849.28214.1438749064615727794@ietfa.amsl.com>
From: Mario Loffredo <mario.loffredo@iit.cnr.it>
In-Reply-To: <169279601849.28214.1438749064615727794@ietfa.amsl.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/8OiJsNn3Tp95X24JLpNioQ0NWhM>
Subject: Re: [regext] Robert Wilton's Discuss on draft-ietf-regext-rdap-reverse-search-24: (with DISCUSS and COMMENT)
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Aug 2023 13:52:43 -0000

Hi Robert,

thanks a lot for your review.

Please find my comments inline.

Il 23/08/2023 15:06, Robert Wilton via Datatracker ha scritto:
> Robert Wilton has entered the following ballot position for
> draft-ietf-regext-rdap-reverse-search-24: Discuss
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
>
> Please refer tohttps://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/  
> for more information about how to handle DISCUSS and COMMENT positions.
>
>
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-regext-rdap-reverse-search/
>
>
>
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
>
>
>
> Hi,
>
> Flagging part of the IANA considerations as a DISCUSS, but I think that this
> should be easy to resolve:
>
> (1) p 11, sec 12.2.1.  Creation of the RDAP Reverse Search Registries
>
>     These registries follow the Specification Required process as defined
>     in Section 4.5 of [RFC8126].
>
>     The designated expert should prevent collisions and confirm that
>     suitable documentation, as described in Section 4.6 of [RFC8126], is
>     available to ensure interoperability.  References are not limited
>     only to RFCs and simple definitions could be described in the
>     registries themselves.
>
> I'm not sure that "simple definitions could be described in the registries
> themselves" is consistent with the "Specification Required" policy chosen above.

[ML] You are right. I'll change that sentence as in the following:

    References are not limited
    only to RFCs but can also locate document published outside of the RFC path, including informal
    documentation.

Does it work for you ?

>
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> [I support John's discuss on normative references.]
>
> I also have some other comments that you may wish to consider:
>
> (2) p 14, sec 12.2.4.2.  Initial Content
>
>        +==========+==================================================+
>        | Property | Property Path                                    |
>        +==========+==================================================+
>        | fn       | $.entities[*].vcardArray[1][?(@[0]=='fn')][3]    |
>        +----------+--------------------------------------------------+
>        | handle   | $.entities[*].handle                             |
>        +----------+--------------------------------------------------+
>        | email    | $.entities[*].vcardArray[1][?(@[0]=='email')][3] |
>        +----------+--------------------------------------------------+
>        | role     | $.entities[*].roles                              |
>        +----------+--------------------------------------------------+
>
> Would it be helpful for this table to include the "Description" and "Reference"
> properties?

[ML] Do you mean the "Description" and "Reference" related to the 
specific mapping for the reverse search property or those related to the 
reverse search property ?

In the latter case they are already included in Table 2 and Table 1 
respectively.

In the first case, they are missing and must be first added to the "RDAP 
Reverse Search Mapping Registry".

Since there might be specifications proposing a diffierent maping for an 
existing reverse search property it sounds reasonable to me to add both 
of them.

>
> Minor level comments:
>
> (3) p 3, sec 1.  Introduction
>
>     The protocol described in this specification aims to extend the RDAP
>     query capabilities and response to enable reverse search based on the
>     relationships defined in RDAP between an object class for search and
>     a related object class.  The reverse search based on the domain-
>     entity relationship is treated as a particular case of such a generic
>     model.
>
> This introduction text seems to immediately jump into a defense as to why it is
> okay to standardize this functionality in an RDAP extension.  This is okay, but
> I wonder whether it wouldn't be better if the introduction only included the
> last paragraph (i.e., that is stating what extension is defined in this
> document), and the rest of the text was moved into a "Background" subsection of
> the introduction.

[ML]  Sounds reasonable to me. Then, the new Introduction section should 
be arranged as into the following:

1. Introduction

The protocol described in this specification aims to extend the RDAP
    query capabilities and response to enable reverse search based on the
    relationships defined in RDAP between an object class for search and
    a related object class.  The reverse search based on the domain-
    entity relationship is treated as a particular case of such a generic
    model.

1.1 Background

    Reverse Whois is a service provided by many web applications that
    allows users to find domain names owned by an individual or a company
    starting from the owner's details, such as name and email.  Even if
    it has been considered useful for some legal purposes (e.g.
    uncovering trademark infringements, detecting cybercrimes), its
    availability as a standardized Whois capability has been objected to
    for two main reasons, which now don't seem to conflict with an RDAP
    implementation.
.....
.....
.....

    Currently, RDAP does not provide any means for a client to search for
    the collection of domains associated with an entity [RFC9082].  A
    query (lookup or search) on domains can return the array of entities
    related to a domain with different roles (registrant, registrar,
    administrative, technical, reseller, etc.), but the reverse operation
    is not allowed.  Only reverse searches to find the collection of
    domains related to a nameserver (ldhName or ip) can be requested.
    Since an entity can be in relationship with any RDAP object
    [RFC9083], the availability of a reverse search as largely intended
    can be common to all the object classes allowed for search.  Through
    a further step of generalization, the meaning of reverse search in
    the RDAP context can be extended to include any query for retrieving
    all the objects in relationship with another matching a given search
    pattern.

Can you please confirm that it would work for you ?

>
> (4) p 7, sec 8.  Reverse Searches Based on Entity Details
>
>     Reverse search property:  fn
>     RDAP member path:  $.entities[*].vcardArray[1][?(@[0]=='fn')][3]
>     Reference:  Section 6.2.1 of [RFC6350]
>
> A minor issue, but it wasn't immediately obvious to me what 'fn' is - I
> initially presumed that it meant function, so I was wondering if some more text
> would be helpful here, and/or perhaps in the IANA registry that you are
> creating.

[ML] FN is a property of the vCard format [RFC6350] representing the 
contact name. The JSON format for the vCard data, namely jCard 
[RFC7095],  is used in RDAP responses [RFC9083] to represent contact 
information (see the member "vcardArray" in the JSONPath expression)

jCard specification states that the property names should be in lowercase.

The name 'fn' is also used in RDAP as query parameter for seacrhing 
contacts by name [RFC9082].

Besides being well-known to RDAP operators, think that the value of the 
"Description" field in the "RDAP Reverse Search" registry makes it clear 
enough the meaning of the "fn" reverse search property.


Best,

Mario

>
> Regards,
> Rob
>
>
>
> _______________________________________________
> regext mailing list
> regext@ietf.org
> https://www.ietf.org/mailman/listinfo/regext

-- 
Dott. Mario Loffredo
Senior Technologist
Technological Unit “Digital Innovation”
Institute of Informatics and Telematics (IIT)
National Research Council (CNR)
via G. Moruzzi 1, I-56124 PISA, Italy
Phone: +39.0503153497
Web:http://www.iit.cnr.it/mario.loffredo

v2.23.0 | Report a Bug | By Email