IETF Logo Mail Archive

Re: [regext] Opsdir last call review of draft-ietf-regext-rdap-reverse-search-24

Tim Chown <Tim.Chown@jisc.ac.uk> Fri, 25 August 2023 09:17 UTC

Return-Path: <Tim.Chown@jisc.ac.uk>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0B992C151063; Fri, 25 Aug 2023 02:17:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=jisc.ac.uk
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id No9bMwPgsh8n; Fri, 25 Aug 2023 02:17:53 -0700 (PDT)
Received: from EUR02-DB5-obe.outbound.protection.outlook.com (mail-db5eur02on2076.outbound.protection.outlook.com [40.107.249.76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D109EC14CE45; Fri, 25 Aug 2023 02:17:50 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=IhHUw/RxIOg+KgvM+zn02Ml3miWVLonTEKfDnNIjX5wzk7NZUF2mkD6KPe5SdJPL9XXpoefhEn86ZJu8WwR6RZV2fUpQBAxbWVmtQhW49IbHAk57dZ25Atc1hS2MmhnI8xL3nmM7obdh0h0AI/l/jiqEMm5smz6xvUOrYmHi81wUQ2aHBIeT7grFbsnlQ4QZrMWz7h97sEaLXZDHncKsTew5aYO54rNJddiMrJ0Lf5W1uzSH4bGNlzhcKbHrDzi1PGtYHCUapBAxAwGAtKbmr7kTTemaOALr7ioYVYneqchZKP1fTD3XSRfKTY374KG6/Wb7D64xdAlrq3/hIsDzxg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=6VPmAGQ2ZuwE8RMNJSQL4adAMWxv1VBmce4GwIQMXAo=; b=RH+Cejkqc+4Lze37PzZXJVq6G/E2KHcV/EtXVy+CWPZ8MMTyitF++2HFOwjQd+T6ZOoKp3XCp5gOu3YGUh/cI0dT9fRO1lNoIwuWkT5SvyTZlyPBdYfM/aYE48uIMeLkqnML+RjFQpxPgU/BTZgYUYQd1Qd5KSyivL21BncVFQEj0Pa6qebd3qduhe7zKqlNgVM/yAM2z4emMxPRBCJX7q+iIfpntJ3qVP/lCU3RLpga1uKXUoyx8p3FB5q07WRVrLAc6FjBVepcWlgIgJaQgQjC+2n+d01HtE9ypCEidECyFlVgrVt66RNLIULSsdeAfyCV3SS3uwiXgvMicu9rPw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=jisc.ac.uk; dmarc=pass action=none header.from=jisc.ac.uk; dkim=pass header.d=jisc.ac.uk; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jisc.ac.uk; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6VPmAGQ2ZuwE8RMNJSQL4adAMWxv1VBmce4GwIQMXAo=; b=QsMVWE+89dHF0YjTLOfR45nj/IeK7kdIdKsKermtsg8ognrsLiXetnY2uJ9sj3ZQcZjt4j53eYt530NEqPhhFy4iI2odaAXpiOLsMmZfznGfe0OfRRN5SanmbJa0P2WnD1Tgtim5yd1HXUWhoeQWLa7Caa9iO8TQJd6KRwRruRE=
Received: from DB9PR07MB7771.eurprd07.prod.outlook.com (2603:10a6:10:2a6::15) by DU2PR07MB9508.eurprd07.prod.outlook.com (2603:10a6:10:490::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6699.27; Fri, 25 Aug 2023 09:17:47 +0000
Received: from DB9PR07MB7771.eurprd07.prod.outlook.com ([fe80::d1e0:cf61:302:a4f7]) by DB9PR07MB7771.eurprd07.prod.outlook.com ([fe80::d1e0:cf61:302:a4f7%6]) with mapi id 15.20.6699.027; Fri, 25 Aug 2023 09:17:47 +0000
From: Tim Chown <Tim.Chown@jisc.ac.uk>
To: Mario Loffredo <mario.loffredo@iit.cnr.it>
CC: "ops-dir@ietf.org" <ops-dir@ietf.org>, "draft-ietf-regext-rdap-reverse-search.all@ietf.org" <draft-ietf-regext-rdap-reverse-search.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "regext@ietf.org" <regext@ietf.org>
Thread-Topic: Opsdir last call review of draft-ietf-regext-rdap-reverse-search-24
Thread-Index: AQHZ1NZHx6c/0hu9WUmQnEO9wF4IM6/5GPOAgACW6wCAARBvgA==
Date: Fri, 25 Aug 2023 09:17:47 +0000
Message-ID: <AA211F36-C93D-4C82-BA81-8E06D3D2B173@jisc.ac.uk>
References: <169264247133.43828.10929947874541147757@ietfa.amsl.com> <66da6a1a-c2b0-d9d5-64e5-adda1f2b811d@iit.cnr.it> <E284095D-3B32-4F10-859A-F1420477AB47@jisc.ac.uk> <1eb0d434-e756-898f-59af-c518e2d3a6fa@iit.cnr.it>
In-Reply-To: <1eb0d434-e756-898f-59af-c518e2d3a6fa@iit.cnr.it>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3731.700.6)
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=jisc.ac.uk;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DB9PR07MB7771:EE_|DU2PR07MB9508:EE_
x-ms-office365-filtering-correlation-id: f4cc6b25-8d4d-430e-e376-08dba54c25f6
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: vnvfm5mZu7sswWSp89olY3DaA+pu1Ebtocp+sHpQhY/zGkD/pKiBggePZNYQJeWPtE5jC+xJrkLnayyk3JKpGf8OtYsdmHIxTyCQXNgHF7HsonuBDDozIqr1aZgDM+oM8tyPq19asFYnY0apoMJqHAl7qyPOmifJn8UouBQB9gQeQ18AKeoXYvcr2hNekh3btc4M9NAHhcb4R4E8L7j6nplkzjJ1HwTScOpKqR3M07eMARqz/sItOC/hGU+AW31pxbz7lsKUXs6/dVaTfFeCkth2m4slraUsHeNo3Uz+v1NBTMQ2u/zhvVCNS+GF1oeYHJwprL57tkGdQKf0EB8aIF8OX3sgeewu+rZEX9p+DW24/pe5yB9rc+EoI19Cd0iSk9fgJHliymv3azF1M1Jy8sq3gF5Rup0ejc0bTx6RI8Xx1MP3/VpIW41+8G/Bb9YH0pl8OLOYDppbnzNjQS0Eg0LXdwSY0g3WCti/AFoFSwNKhJ17eF1sUcm0norKqtJVLeX4GPzGR9Z+XsA49FiGFkovoh7kPsN+Gx2fS8US1rgTwqHDEzKiq+qWi0OkftugsRNIop0fiPQQ2pIXOyHQhIrWtpkWPcEij9vNGgsbI+1O1b+nq/RVlnq7ueKLl2w+k5MElGyxLuItiTi1HtDQlrJLPe6F2/LQAPrd81v/7hL2EIaUs3CTSwb2f8dOPDaui/l7APYZvnxrs+Ghrwtd8w==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB9PR07MB7771.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(366004)(396003)(39850400004)(376002)(346002)(136003)(1800799009)(186009)(451199024)(66899024)(122000001)(2616005)(71200400001)(53546011)(316002)(6916009)(6506007)(6512007)(5660300002)(86362001)(41300700001)(6486002)(36756003)(91956017)(66946007)(66556008)(66476007)(76116006)(54906003)(64756008)(66446008)(33656002)(786003)(38070700005)(38100700002)(83380400001)(166002)(478600001)(12101799020)(966005)(8676002)(4326008)(2906002)(8936002)(45980500001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: eH5iT2Q5pIR7H5v9HQuouQW2cZFAfq01siemzW5BpOLkGbiOoGIZ3aCgyW48JGnJCxJ3IIpi5w6btYm2HrdGymhVRkVQF7WeyGStX+sK5Wy1ft+s7oj1I6pXzYQHor2wsBIRd7w0DfIQ4nAi2vi5iV4dGQi875BnNnKNX48XaskGePKd4/VG3ItxPKXxfWav6t7YFEinhsg+gnKoRj5v73FxYIx7fkKz+V3fgx+DjFwWga73hMU2BwNwigCAHqhLX1QZBBU6Qaum4DJNXbOaU0yoxIm27RbclB39MNlT0Ei/kmdWOztRy59rcpZ6UO/A6rch5jj/PJe3Pi082Ts/L2Va/T4S/fXYjkJC1OBtLy8KB1ivl4J6005Xtw0ad3DnFfLVYa6mRxmlJOrWxmtk3WEP01ofWnlljDBflVX4dU2wqvyP6HZiatiUp3Onke8K5uBeVYHHvwVJVxD8lvV1tSFgwpTbiemxr3RNCzkSKA0wNm/M9c21Qg4oMkzBLW0JkJkFB0edAolZSAe78Xvyw2mUsN0BjjBYn8G/2Edgx9rmV5sFmN79PRMXc5JE89JBPz5ZysMN8170D6Piz/Zufd9rf0wWEj9kWbSmFNmwbK576XWDG7agl9Pjzju6DuJLUH/b5q+A80hMafBx8kvTKszeBQXMElmhoRhdYH4EsBDDZBk1CN/M8eX3KdlTC27CUsTCGZNkcXWxkkaFzB3hrLuGcmS3pJBeySYFkHsp3efRkaxtt44uPa1Dz2dWEpCv3H6O+nDdE2Dqoe4SbAO9jI8fq5q5M9adYJ1xzORF8c6KRH0pKH+wAy8WUhmx16w+hxSiAUv6ohduqhd2dBmzMYEEicCVnSwqRHE6Zr0lpgCgHkH6+fkN86t4t0wog5DfPJ7EASQ50tJWnpP7lteSCR2fozpXUj9WaZT1ajiOVprGS79ZVsSlxAZbpg6sBOkn6j7M12O3gm+RXCakuKPspTNkKHDTSEkeg+F8emctj4wxVWrCcLj6EO+I07eJARwdugS1WPft3Y4NhQH1WhOXBM93YVOg00qYF7SCas0Oa4glhA19HPx7OzxzD/AMeTUQQYIooOIkIiT/QDYf5iLnvLDLB5QQkBAVjxCr7NMyEZROJLVAk+FoXXxnRSJj2Pz5W2kFjqbp8bGUNS1N6V0BfHqFzpPgVyWh9LaJgHY1vjNs+q4GPI1qCDs/WJZKstz/bPY/r/h7MqvAB+BgGzODSyhfawxTutijuS4ReZxHXkqGTh/8d7mXxqidNIdJQi2c6Y3J766PkntSkYGHygsZheouJoqxVCLQtZxPrkwB7zZI0lQpUvR0Vu9nyr7BbK6hV7Q+VTxcz6+AGYJH3PWSIFSOhYdEMa0buiVVCy+olSU4TZmKDTfi92+IF572eot0/IZ5iBUiC48vCbWbnfJ0ebAMW51wT9A4qTqxa+9hlaID8pclT7z5esVz9uWnxjO4hf5nTi5rieeIfG2zsaTbbtXQZuBVaaWITQj8ufatHBLyn8lvZ2mxrQQDdaYkcaJEdBUeL+4qZZVY0WcK4rsq4wFbwRWlbEl11QJN+Gd1NrK2CFmzcwngt39OqpqTChYevtH4JvPV9Qy2CE7sIvUW1Q==
Content-Type: multipart/alternative; boundary="_000_AA211F36C93D4C82BA818E06D3D2B173jiscacuk_"
MIME-Version: 1.0
X-OriginatorOrg: jisc.ac.uk
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DB9PR07MB7771.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: f4cc6b25-8d4d-430e-e376-08dba54c25f6
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Aug 2023 09:17:47.5939 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 48f9394d-8a14-4d27-82a6-f35f12361205
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: vlo+ZB/nfGUtHCurIUnU6MKnH/qkGcgdyWGq+kTrEe6uVuSckc1ZCniFePil4NU69wcqpvYhqTJyA8qiQKcT4A==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DU2PR07MB9508
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/JZWZxOf-Y2fwe5Zy3lfqzvNzEzM>
Subject: Re: [regext] Opsdir last call review of draft-ietf-regext-rdap-reverse-search-24
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Aug 2023 09:17:59 -0000

Hi,

On 24 Aug 2023, at 18:02, Mario Loffredo <mario.loffredo@iit.cnr.it> wrote:

You don't often get email from mario.loffredo@iit.cnr.it. Learn why this is important<https://aka.ms/LearnAboutSenderIdentification>

Hi Tim,

again my responses below.

Il 24/08/2023 10:02, Tim Chown ha scritto:
Hi,

On 22 Aug 2023, at 10:50, Mario Loffredo <mario.loffredo@iit.cnr.it><mailto:mario.loffredo@iit.cnr.it> wrote:


Hi Tim,

thanks a lot for your review.

Please find my comments inline

I’ll answer the privacy point in response to Andy’s email.

Il 21/08/2023 20:27, Tim Chown via Datatracker ha scritto:

Reviewer: Tim Chown
Review result: Not Ready


It seems the text in paragraph 3 of the Introduction is saying it’s not an
issue as RDAP search queries already exist. But looking at related RFCs I see
examples where specific controls (rate limiting, response codes for too many
queries, etc) are described. So I think the concern is clear, rather the text
should state that controls can be implemented, or indeed SHOULD be, later in
the document.

[ML] The concern is about RDAP searches in general, not specifically about the reverse searches.

In addition, the reverse search is not new in RDAP. RFC 9082 defines queries to search for domains starting for a detail of the associated name servers.

I would assume one aspect of the concern is the larger volume of queries that is likely to follow, and in particular efforts to recover potential PII (whether it is actually available or not).  So both a general higher volume of queries, but also a level of additional ‘harvesting’ activity. I think that’s where some text could be added, and covered by similar protections as described for existing queries.

[ML] The largest volume of queries will likely be towards the public endpoints of the RDAP services.  In general, the endpoints protected by authorization mechanisms, as reverse searches are expected to be,  are not accessed frequently.

But if protected and public resources coexist in the same service, this may result in increasing the risk of attacks to the protected resources and decreasing the efficiency of the service for accredited users.

One solution is to dedicate a specific path segment to the authenticated endpoints (e.g. https://example.com/rdap/auth/... instead of https://example.com/rdap/...).

It permits:

- to easily implement the support for authentication/authorization since, for example,  most known OpenID implementations offers some kind of software adapters protecting a given path (or all the paths starting with a given prefix);

- to configure a proxy routing the requests to two different backend servers, one serving the anonymous requests to public endpoints and one serving the authenticated requests to the protected endpoints, and eventually adding to the latter server some security services provided by other protocol layers such as certificates and IP whitelisting.

Does the considerations above address your remark ?

Those comments are certainly helpful. I think the IESG reviewers may like to see them, but I can’t speak for them.  As an area reviewer I look to flag issues that they may appreciate being drawn to the area AD’s attention, but sometimes they’re fine with it as is.

Should I add them to the Implementation Considerations section ?

You could. If it’s deemed too much detail it can be removed later.

This document just aims to describe a formal query model addressing every kind of reverse search based on the relationships between the RDAP objects.

RFC 8977 and RFC 8982 already provide guidance to implementers on how to make searches more sustainable for both clients and servers but, obviously, RDAP providers can implement additional measures

with the same purpose.

That said, Section 10 already includes text recommending to use techniques speeding up the data retrieval and mitigating the risks of performance degradation.

Hence, IMO, it already addresses your remark.

The text further into the document helps, but the text I the Intro ignores this; it should forward point to that.

[ML]  Does it work for you if I add text in the Introduction section stating that the implementation of a reverse search feature might request additional effort in processing the queries and making them sustainable for the server (see Implementation Considerations) and improving the security level (see Security Considerations) ?

Some forward pointer, e.g., “as discussed in Section xxx”, would be helpful.  As it is I feel as a new reader to the document that the issue is being a little bit waved away without clear rationale or recommendations.

Finally, related, I welcome the details of implementations in the draft, but I
note they are ‘alpha’ state. I’m curious as to their potential progression, and
what testing at any scale may have bene done.


[ML] At .it, we have implemented only the reverse search based on domain-entity relationship and it's unaccessible to public users.

Presently it's available to registrar users under the conditions explained in my first comment and we plan to make it available to authorities soon.

ARIN and APNIC have described in draft-ietf-regext-rdap-rir-search<https://datatracker.ietf.org/doc/draft-ietf-regext-rdap-rir-search/> a potential usage of the reverse search in their own RDAP servers.

OK, thanks.

This seems to boil down to a solution that is technically fine, from my level of knowledge of RDAP, but where the use cases need to be considered by the IESG in their evaluation.

[ML] The possible use cases are reported in the Introduction section.

Thanks,
Tim



Best,

Mario


Tim


Best,

Mario

Best wishes,
Tim




--
Dott. Mario Loffredo
Senior Technologist
Technological Unit “Digital Innovation”
Institute of Informatics and Telematics (IIT)
National Research Council (CNR)
via G. Moruzzi 1, I-56124 PISA, Italy
Phone: +39.0503153497
Web: http://www.iit.cnr.it/mario.loffredo


--
Dott. Mario Loffredo
Senior Technologist
Technological Unit “Digital Innovation”
Institute of Informatics and Telematics (IIT)
National Research Council (CNR)
via G. Moruzzi 1, I-56124 PISA, Italy
Phone: +39.0503153497
Web: http://www.iit.cnr.it/mario.loffredo

v2.23.0 | Report a Bug | By Email