Re: [regext] draft-ietf-regext-rdap-redacted Support for Redaction by Replacement Value Method
"Hollenbeck, Scott" <shollenbeck@verisign.com> Fri, 25 March 2022 16:05 UTC
Return-Path: <shollenbeck@verisign.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 351E83A106F
for <regext@ietfa.amsl.com>; Fri, 25 Mar 2022 09:05:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_LOW_CONTRAST=0.001,
HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001,
SPF_PASS=-0.001, T_FILL_THIS_FORM_SHORT=0.01,
T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001]
autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
header.d=verisign.com
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id xrwMxZvZWIpA for <regext@ietfa.amsl.com>;
Fri, 25 Mar 2022 09:05:44 -0700 (PDT)
Received: from mail1.verisign.com (mail1.verisign.com [72.13.63.30])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id C7F433A0F64
for <regext@ietf.org>; Fri, 25 Mar 2022 09:05:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
d=verisign.com; l=21340; q=dns/txt; s=VRSN; t=1648224345;
h=from:to:subject:date:message-id:references:in-reply-to:
mime-version; bh=CPgml0xl6AXWm4BQM2G5t5l0Lqa0/I/wYbeF3pTO20U=;
b=mW3nnaXhbeYXGxfP6piX2uRrg4dFHofU6GtQNgGs9w1qx3zXo1rk2xt8
Z4+3uleX2TrlTWoEw6vlM2Yhi2ggioOIJcK3miih+0KHKAHo15tOubbWR
zdYbX3SLspoWYyjRe6GfdwOf+2w69jO+stdgtPsnb4rOC3yYQMw7UwrWw
mGeFaA5qT2ei9umXhm8dr0ksXMCS+ptariSxeYWXzri5kwyg4dJfwC/M4
c5NIOeq9zm8Ih0ZTsmcM+ivn2MR7ulVAdC6uJmwGoXeiY4vGghT5T9FPF
Y2qOPEA4tyLolBwcHaRRzcjETZgLsWLuPAwbslcr2AFR0Y3Zbk4nxE1np g==;
IronPort-Data: A9a23:FtiO7KlskO8eoxOgdmOQxIvo5gyzJ0RdPkR7XQ2eYbSJt16W5oE+e
lBvADTXbaqKYmPrO4chWDmFhUNV7JaGndRiTgtv/ixnRnhG+ZCaCdqVdkqrMXrCfpySERM5v
sgXM4eecp8/RCTW9kfzP7LqpiUmjPjZTbGsVb6s1kydJONBYH5JZUVLx7dg3uaE+OSEPj5hm
e8eguWGYFH0hmYkaTxKsa7ToR0/4Pio5GtD5AVmPv5B4wWFniVMXMMUKJ/qIiqjSOG4PAIaq
8UvbV2d1jmEl/v4Ior9yt4XSqCOK1LrFVDmZkB+AsBOuTAf4H1qukoHHKBEMx0P0G/Ux4oZJ
Ohl7vRcdy94ZsUgp8xAC3G0IwkmVUGR0OaaSZQXmZX7I3zuKxMA8d03ZK0FFdRwFtJMPI173
adwxAbhzvy0r7neLLqTEoGAj+x9dJW7ZNt3VntIlVk1Bt5+KXzPrjmjCXa1E17ci+gXdcsya
fb1ZhJAcFP5WT9/FW4vL75vl/uwj2vfSRdx/Qf9SaofuwA/zSRb6p60D/z4SoTTA9temVyA4
GvKuXrjGRdcP9uaodaH2iv0wLaQxmWiBdlUSO3QGv1C2TV/wkQICBoSUVa9q/SyiWagVsheM
E0b/Gwlqq1aGEmDF4WiDkDm/y/sUhg0C+RTLtU/slG0xK/vyVyLPnA0XzcQZ4lz3CMxbXlwv
rOTpPvrCjtytLHAFSqD+62VtjK9P24eKmoqaSoNVwBD4tT/rsc0lB2nZsxuH6OlkvX0FC3+h
TeQo0ADa647h9QNjrq98ECf2ne3uIKPSw8uow/QGGi/6Fo/epS+Ycqj7l2zAet8Ebt1h2Kp5
BAs8/VyJshXZX1RvERhmNkwIYw=
IronPort-HdrOrdr: A9a23:lFBa8KqZiLhMJ37AffmMPRAaV5oeeYIsimQD101hICG9Kvbo8v
xG785rsSMc6QxhIE3I9urgBEDtexnhHNtOkOss1NSZLXLbUQmTTL2KhLGKq1bd8m/Fh41gPM
xbH5SWfeefMbEMt6nHCWeDfurIi+P3l5xAzd2uqUuFYzsaEp1d0w==
X-IronPort-AV: E=Sophos;i="5.90,209,1643673600";
d="png'150?scan'150,208,217,150";a="14795679"
Received: from BRN1WNEX02.vcorp.ad.vrsn.com (10.173.153.49) by
BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
15.1.2375.24; Fri, 25 Mar 2022 12:05:41 -0400
Received: from BRN1WNEX02.vcorp.ad.vrsn.com ([10.173.153.49]) by
BRN1WNEX02.vcorp.ad.vrsn.com ([10.173.153.49]) with mapi id 15.01.2375.024;
Fri, 25 Mar 2022 12:05:41 -0400
From: "Hollenbeck, Scott" <shollenbeck@verisign.com>
To: "jgould=40verisign.com@dmarc.ietf.org"
<jgould=40verisign.com@dmarc.ietf.org>, "regext@ietf.org" <regext@ietf.org>
Thread-Topic: draft-ietf-regext-rdap-redacted Support for Redaction by
Replacement Value Method
Thread-Index: AQHYQF2WLWRprBKlM0yuiWLai1jQCqzQP/Aw
Date: Fri, 25 Mar 2022 16:05:41 +0000
Message-ID: <9195cc43da614fa08cf604130fbee520@verisign.com>
References: <20D6877F-EB15-4BF4-8F25-3235CD4C0BCD@verisign.com>
In-Reply-To: <20D6877F-EB15-4BF4-8F25-3235CD4C0BCD@verisign.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.170.148.18]
Content-Type: multipart/related;
boundary="----=_NextPart_000_000F_01D84040.A57E92D0"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/AsRASZ--2iMa11eg6LV2sDgRwOw>
Subject: Re: [regext] draft-ietf-regext-rdap-redacted Support for Redaction
by Replacement Value Method
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>,
<mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>,
<mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Mar 2022 16:05:49 -0000
Sorry to be pedantic, but the requirement doesn’t describe a form of redaction. It describes replacement. “Redaction by Replacement” is commonly implemented by obscuring sensitive information with a phrase like “[sensitive information removed]”. As long as the draft makes it clear that text being used to obscure the original value is a real, usable replacement value, then I’d be OK with option 1. Scott From: regext <regext-bounces@ietf.org> On Behalf Of Gould, James Sent: Friday, March 25, 2022 11:33 AM To: regext@ietf.org Subject: [EXTERNAL] [regext] draft-ietf-regext-rdap-redacted Support for Redaction by Replacement Value Method Caution: This email originated from outside the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. There was discussion in the ICANN RDAP working group associated with the requirement for the “Registrar MUST publish an email address or a link to a web form for the email value to facilitate email communication with the relevant contact, but MUST NOT identify the contact email address”, based on the IRT.Draft Registration Data Policy (OneDoc). The question for the REGEXT working group is whether replacing a value with another value (e.g., anonymized email) is a form of redaction that needs to be supported in draft-ietf-regext-rdap-redacted. This was discussed with the editors of draft-ietf-regext-rdap-redacted, and we feel this is a form of redaction. Assuming that the first question is yes, replacing a value in the RDAP response is a form of redaction, then there were three options discussed to handle it: 1. Add a third redaction method to section 3 of draft-ietf-regext-rdap-redacted, with the name “Redaction by Replacement Value Method” and with the “method” value “replacementValue” to identify a field that had its value replaced. The concrete example is the use of the anonymized email value. 2. Extend #1 by making the redaction methods extensible with the definition of another JSON Values Registry type value of “redacted method”. The three redaction method type values of “removal” for Redaction by Removal Method, “emptyValue” for Redaction by Empty Value Method, and “replacementValue” for the new Redaction by Replacement Value Method would be initially registered. 3. Rescope draft-ietf-regext-rdap-redacted to cover special handling of RDAP response fields, where redaction is one form of special handling. An IANA registry would define an extensible set of special handling types. In discussing this with the editors of draft-ietf-regext-rdap-redacted, we feel that option #1 (Add a third redaction method) is the best option. We feel that option #1 addresses the concrete issue without unneeded complexity and is flexible enough to address other forms of replacement redaction, such as the use of a privacy proxy that is not the legal contact. The second question for the REGEXT working group is which option is desired to support redaction by replacement. Thanks, -- JG James Gould Fellow Engineer <applewebdata://13890C55-AAE8-4BF3-A6CE-B4BA42740803/jgould@Verisign.com> jgould@Verisign.com 703-948-3271 12061 Bluemont Way Reston, VA 20190 <http://secure-web.cisco.com/1WaisAhHTeg_0GXO0q00hzr10xwgagziMFrgLD6rV10RyiYA--TaCNaqcBUe_xu5jrDNNl55BCz8VmhtcPIVOsOkfqA8cmkvQE0UnstlTRosd14TgH20CpSqIwfU7BoPoDXgUo6Iz9XS6eI_d1BL7yzjReuyU2T2BIA7Cw437Bl3dZg8eII3jEmw7AZb2T-vpYQ8MuvSUCKj_dlPZqjbd4hmBHBmTtLs4OHbM0tfBio5tX_TTeFdqoVeSMwDba9H6/http%3A%2F%2Fverisigninc.com%2F> Verisign.com
- [regext] draft-ietf-regext-rdap-redacted Support … Gould, James
- Re: [regext] draft-ietf-regext-rdap-redacted Supp… Hollenbeck, Scott