Re: [regext] Fwd: New Version Notification for draft-ietf-regext-rdap-reverse-search-16.txt
Mario Loffredo <mario.loffredo@iit.cnr.it> Mon, 28 November 2022 18:22 UTC
Return-Path: <mario.loffredo@iit.cnr.it>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6D3FAC1526E3 for <regext@ietfa.amsl.com>; Mon, 28 Nov 2022 10:22:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.899
X-Spam-Level:
X-Spam-Status: No, score=-6.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Nd1DzOkLM2cm for <regext@ietfa.amsl.com>; Mon, 28 Nov 2022 10:22:29 -0800 (PST)
Received: from iit.cnr.it (mx4.iit.cnr.it [146.48.58.11]) by ietfa.amsl.com (Postfix) with ESMTP id 7F3A7C14F606 for <regext@ietf.org>; Mon, 28 Nov 2022 10:22:28 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mx4.iit.cnr.it (Postfix) with ESMTP id D13C7B80A60; Mon, 28 Nov 2022 19:22:26 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at mx4.iit.cnr.it
Received: from iit.cnr.it ([127.0.0.1]) by localhost (mx4.iit.cnr.it [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FGmtxTdI7_Hf; Mon, 28 Nov 2022 19:22:23 +0100 (CET)
Received: from [192.168.16.66] (sa.nic.it [192.12.193.247]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by mx4.iit.cnr.it (Postfix) with ESMTPSA id 21973B8024F; Mon, 28 Nov 2022 19:22:23 +0100 (CET)
Message-ID: <470775a9-7e6f-031f-7d98-de4b611f7b81@iit.cnr.it>
Date: Mon, 28 Nov 2022 19:19:20 +0100
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.5.0
To: "regext@ietf.org" <regext@ietf.org>, "pawel.kowalik@ionos.com" <pawel.kowalik@ionos.com>
References: <166904400845.63178.12808486915076028699@ietfa.amsl.com> <3cf24684-e89c-2565-e2ae-be797359ebc4@iit.cnr.it> <Y3zH8UtSf4QMwHU5@TomH-802418> <3d566ca4-999e-4e72-e8f1-2e9dd65d2440@iit.cnr.it> <Y39njQxonjw4vw21@TomH-802418> <85c931a7-7800-6f57-6eed-5115fc1d448c@iit.cnr.it> <Y4Pbb2exb8B34eXc@TomH-802418>
From: Mario Loffredo <mario.loffredo@iit.cnr.it>
In-Reply-To: <Y4Pbb2exb8B34eXc@TomH-802418>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/G2l7oOcKdg7OlW2xUBTKBG364Y8>
Subject: Re: [regext] Fwd: New Version Notification for draft-ietf-regext-rdap-reverse-search-16.txt
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Nov 2022 18:22:33 -0000
Hi Tom, please find my comments below prefixed with ML3. Il 27/11/2022 22:49, Tom Harrison ha scritto: > Hi Mario, > > On Fri, Nov 25, 2022 at 02:18:35PM +0100, Mario Loffredo wrote: >> Il 24/11/2022 13:46, Tom Harrison ha scritto: >>> This is the part I (still) don't follow, sorry. The fact that the >>> label is a JSON value in the "reverse_search_properties" member of >>> the help response does not mean that the label needs to be >>> registered in the "RDAP JSON Values" registry, as best I can tell. >> [ML2] Per my understanding of the introduction of RFC8126, any >> constant defined in a protocol should be registered. >> >> Since the "reverse_search_properties" member includes some >> pre-defined JSON values, they can be added to the "RDAP JSON Values" >> registry. >> >> Many protocols make use of points of extensibility that use >> constants to identify various protocol parameters. To ensure >> that the values in these fields do not have conflicting uses and >> to promote interoperability, their allocations are often >> coordinated by a central record keeper. > Thanks, this was the part I was missing. > >>>> The content of "reverse_search_properties" member disambiguates >>>> the meaning of that labels in the context of the reverse search >>>> queries a server supports, e.g. an RDAP server could provide >>>> >>>> "domains/reverse_search/entity?handle" rather than >>>> "nameservers/reverse_search/entity?handle" or both of them. >>>> >>>> That said, I admit that the description of the "handle" entry as >>>> presented in the document is tailored on the "entity" as related >>>> resource type so, if there is consensus on this way to go, I'll >>>> make it more generic. >>> I don't see how the entry could be made more generic with respect >>> to the related resource type. Even the current descriptions are >>> arguably too broad, since they do not limit the searchable object >>> type to one of domains, nameservers, or entities (being the three >>> searchable object types mentioned in section 2) but could e.g. be >>> read as applying to IP networks and ASNs as well. A separate >>> registry would fix this problem. [ML3] I don't have any objection to opt for a separate registry. Provided that there is no concern on using a separate registry from other WG members, I'll come up with a new proposal on the mailing list shortly. >> [ML2] I would simply remove the reference to the "entity" object >> class as in the following: >> >> OLD >> >> When the related resource type in a reverse search query is >> "entity", it signals that the RDAP server supports the reverse >> search based on the "fn"property of an entity associated with the >> selected searchable resource type >> >> NEW >> >> It signals that the RDAP server supports the reverse search based on >> the "fn"property of the given resource type associated with the >> given searchable resource type >> >> As I wrote in my previous mail, the reverse search property maps a >> property of the related resource type in a reverse search query. The >> searchable resource type is just needed to specify which reverse >> query an RDAP operator is willing to support but this information is >> included in the "reverse_search_properties" help response extension. >> >> This approach would minimize the number entries compared to those >> required for a registry including all the variables in the reverse >> search query model. >> >> In fact, having defined four reverse search properties and based on >> the fact that the object class entity is associated to any RFC9083 >> object class, the pre-defined entries of a possible "Reverse Search >> Properties" registry should be the following: >> >> (domains|nameservers|entities) - entity - handle >> >> (domains|nameservers|entities) - entity - fn >> >> (domains|nameservers|entities) - entity - email >> >> (domains|nameservers|entities) - entity - role >> >> domains - nameserver - handle >> >> Applying reverse search to ips and autnums searchable resource types >> without declaring additional properties would add no entry to "RDAP >> JSON Values" registry instead of eight additional entries in the >> "Reverse Search Properties" registry. > My main concern here is that the reverse search document defines > behaviour for searchable object types that contain an 'entities' > member which is a list of entity-type objects, with the further > requirement that the 'fn' and 'email' searches only work correctly for > entity-type objects containing vCards (i.e. they won't work for > entity-type objects containing JSContact records). Defining the > registry property generically runs the risk of server implementors > adding reverse search properties for other object types (searchable or > related), without properly defining the behaviour for those searches. > Using the existing registry is fine (IMHO) if the text limits the > search to the cases considered by this document. (That does mean that > it's not possible to register more than one reverse search for a given > name, but maybe that's not a serious problem in practice, given that > implementors can just choose another name if necessary.) > >>> But there's no way to prevent collisions from happening, if custom >>> reverse search properties are supported. If server S1 uses a >>> custom reverse search property named P, and server S2 then >>> registers with IANA a property with the same name, then there will >>> be a collision between the two names. It won't necessarily be >>> possible for S2 to confirm that P hasn't previously been used. >> [ML2] Even now there is no real way to prevent collisions since >> extension identifiers and JSON values are normally used for long >> before they are registered. >> >> Currently, only when an extension is considered stable, the related >> identifier is registered. >> >> Think that preventing RDAP operators to provide temporary reverse >> search properties is incompatible with registries'policy of >> releasing features on test platforms for a limited period before >> running them in the live environment. > I can see the argument here, but the document doesn't say e.g. "custom > properties may only be used temporarily, or for testing purposes", so > it doesn't prevent two servers from having two custom properties with > the same name and different behaviour, each of which is intended to be > used long-term (i.e. neither server intends to register the property, > for whatever reason). If support for custom properties is omitted > from the document, then a server wanting to support a new reverse > search property temporarily or for testing can still do that, but the > lack of in-protocol support for that makes it clear that it's not > meant to be a long-term solution. [ML3] Would like to reach the largest consensus on this point too. Therefore, my proposal is to rearrange the "reverse_search_properties" extension by removing "type" and keeping "links" anyway. The "links" member could be used to provide additional information about unregistered properties. Would it work for you? Best, Mario >>>> With regard to the meaning of your last sentence, I need a >>>> clarification. Are you meaning that inconsistencies come up >>>> because, for example, the "email" reverse search property maps the >>>> same JSON value but identified through two different JSONPaths in >>>> the RDAP response ? >>> I don't think it would be open to a server to do this under the >>> current document, because the JSONPath to "email" is defined in the >>> document itself. An example scenario where inconsistency could occur: >>> >>> - S1, S2, and S3 implement support for JSContact. >>> - S1 decides to add a custom reverse search property called "name", >>> for matching a JSContact "name" (per 2.2.1 of that document), by >>> looking at the "given" and "surname" name components for the >>> JSContact "name". >>> - S2 also adds a custom reverse search property called "name", but >>> instead matches against the JSContact "fullName". >>> - S3 also adds a custom reverse search property called "name", in the >>> same manner as S2, but if a jCard is retrieved, it falls back to >>> using the same logic as that for an "fn" reverse search per the >>> current document. >> I still think that custom properties are useful for the reasons above. >> >> On the other hand, their possible misuse should be ruled somehow. >> >> Here in the following a possible statement limiting the scope of custom >> properties: >> >> "A custom reverse search property MUST NOT collide with a registered reverse >> search property and MUST NOT match an RDAP property, or any of its variants, >> matched by a registered reverse search property." >> >> Being JSContact fullName a variant of jCard fn, both S2 and S3 can't define >> "name" as a custom property. > I still don't see how the document can require that a custom reverse > search property not collide with registered reverse search properties > as to its name or the members that it refers to, because the person > registering a new reverse seach property is not guaranteed to be aware > of all existing custom reverse search properties. The fact that a > given field is a 'variant' of another may not be obvious to > implementors, either. If any new reverse search that isn't covered by > the existing document has to be defined in an extension, then these > problems go away. > > -Tom > > _______________________________________________ > regext mailing list > regext@ietf.org > https://www.ietf.org/mailman/listinfo/regext -- Dott. Mario Loffredo Technological Unit “Digital Innovation” Institute of Informatics and Telematics (IIT) National Research Council (CNR) via G. Moruzzi 1, I-56124 PISA, Italy Phone: +39.0503153497 Web: http://www.iit.cnr.it/mario.loffredo
- [regext] Fwd: New Version Notification for draft-… Mario Loffredo
- Re: [regext] Fwd: New Version Notification for dr… Tom Harrison
- Re: [regext] Fwd: New Version Notification for dr… Mario Loffredo
- Re: [regext] Fwd: New Version Notification for dr… Tom Harrison
- Re: [regext] Fwd: New Version Notification for dr… Mario Loffredo
- Re: [regext] Fwd: New Version Notification for dr… Tom Harrison
- Re: [regext] Fwd: New Version Notification for dr… Pawel Kowalik
- Re: [regext] Fwd: New Version Notification for dr… Mario Loffredo
- Re: [regext] Fwd: New Version Notification for dr… Mario Loffredo
- Re: [regext] Fwd: New Version Notification for dr… Pawel Kowalik
- Re: [regext] Fwd: New Version Notification for dr… Tom Harrison
- Re: [regext] Fwd: New Version Notification for dr… Jasdip Singh
- Re: [regext] Fwd: New Version Notification for dr… Mario Loffredo
- Re: [regext] Fwd: New Version Notification for dr… Mario Loffredo
- Re: [regext] Fwd: New Version Notification for dr… Mario Loffredo
- Re: [regext] Fwd: New Version Notification for dr… Pawel Kowalik
- Re: [regext] Fwd: New Version Notification for dr… Andrew Newton