Re: [regext] Benjamin Kaduk's Discuss on draft-ietf-regext-rdap-partial-response-13: (with DISCUSS and COMMENT)

Mario Loffredo <> Thu, 10 September 2020 17:03 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 3A1293A0E97; Thu, 10 Sep 2020 10:03:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.847
X-Spam-Status: No, score=-2.847 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.948, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id hhHpuzmiYOSP; Thu, 10 Sep 2020 10:03:23 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 5A2C03A0E8C; Thu, 10 Sep 2020 10:03:22 -0700 (PDT)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 085EFB8046D; Thu, 10 Sep 2020 19:03:21 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id TahL_9ztccRL; Thu, 10 Sep 2020 19:03:17 +0200 (CEST)
Received: from [] ( []) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id B3E05B80466; Thu, 10 Sep 2020 19:03:17 +0200 (CEST)
To: Benjamin Kaduk <>, The IESG <>
Cc:,,, Jasdip Singh <>
References: <>
From: Mario Loffredo <>
Message-ID: <>
Date: Thu, 10 Sep 2020 19:00:06 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.12.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: it
Archived-At: <>
Subject: Re: [regext] Benjamin Kaduk's Discuss on draft-ietf-regext-rdap-partial-response-13: (with DISCUSS and COMMENT)
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Registration Protocols Extensions <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 10 Sep 2020 17:03:27 -0000

Hi Benjamin,

thanks a lot for your review. Please find my comments inline.

Il 09/09/2020 20:47, Benjamin Kaduk via Datatracker ha scritto:
> Benjamin Kaduk has entered the following ballot position for
> draft-ietf-regext-rdap-partial-response-13: Discuss
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
> Please refer to
> for more information about IESG DISCUSS and COMMENT positions.
> The document, along with other ballot positions, can be found here:
> ----------------------------------------------------------------------
> ----------------------------------------------------------------------
> As was the case for Murray, I'm unconvinced that I have understood what
> Section 3 intended to convey.  However, I am balloting Discuss because
> my current best understanding is for a statement that seems inconsistent
> with my understanding of how the partial response mechanism works.  In
> particular, how would the topmost objects be returned according to
> different field sets, if there's only a single query parameter and (I
> assume) all topmost objects are the results of the same single query?
Perhaps I didn't make myself clear. Obviously, all the objects reutrned 
by a server in response to a search are provided according the same 
field set. What the Secion 3 aims to convey is that servers are free to 
represent relationships between the parent objects and child objects in 
the field sets as they want. For example, an RDAP profile could defne a  
"brief" field set for the response to a /domains search that don't 
include any information about the nameservers. Instead, in another RDAP 
profile the "brief" field set for the response to a /domains search 
could return the same information about the namservers as returned by 
the "brief" field set defined for the response to a /nameservers search.

Therefore, the list of fields of a short response to a /nameservers 
search couldn't be the same as the list of fields for each nameserver 
included in a short response to a /domains search.

Obviously, to achieve the largest interoperability, it's logical to 
expect that the policy about how to represent the information about 
relationships should be quite similar in the various RDAP profiles. But 
this is something out of the scope of the document.

Hope this make the rationale of Section 3 more clear.



> ----------------------------------------------------------------------
> ----------------------------------------------------------------------
> Thanks to the shepherd for noting that the examples have been through
> JSONLint!
> Abstract
>     The Registration Data Access Protocol (RDAP) does not include
>     capabilities to request partial responses.  Servers will only return
>     full responses that include all of the information that a client is
>     authorized to receive.  A partial response capability that limits the
> [There is perhaps some stylistic question of whether to describe the
> present state in the present tense vs. saying something like "prior to
> the mechanism defined in this document" or "as specified in [RFC7483".]
> Section 1
>     Currently, RDAP does not provide a client with any way to request a
>     partial response.  Servers can only provide the client with a full
> nit: will this age well?
> Section 2
>     The path segment defined in this section is an OPTIONAL extension of
>     search path segments defined in [RFC7482].  This document defines an
> It's not entirely clear to me in what sense it's accurate to say that
> this section "defines" a path segment.  (Perhaps RDAP path segments
> diverge from normal HTTP and generic URI path segments in this sense?)
> My current understanding is that we are defining an optional query
> parameter in the purest URI sense, which does not require a new path
> segment in the URI sense.
>     full response (Figure 1).  The field sets supported by a server are
>     usually described in out-of-band documents (e.g.  RDAP profile)
> nit: comma (and only one space) after "e.g.".
> Section 2.1
>     responses about the available field sets.  Such information is
>     collected in a new data structure named "subsetting_metadata"
>     containing the following properties:
> I assume this is a JSON datastructure, specifically?
>     o  "availableFieldSets": "AvailableFieldSet[]" (OPTIONAL) an array of
>        objects, with each element describing an available field set.
>        Members are:
>        *  "name": "String" (REQUIRED) the field set name;
>        *  "default": "Boolean" (REQUIRED) whether the field set is
>           applied by default;
> Is it allowed to have more than one entry in the array set
> "default":true?
>        *  "links": "Link[]" (OPTIONAL) an array of links as described in
>           [RFC8288] containing the query string that applies the field
>           set.
> I suggest giving an example or a bit more detail as to exactly what
> structure/format is expected here; 8288 has a fair bit of meat to it.
> Ah, but this is covered in Section 2.1.2, so maybe just a
> forward-reference is enough.  It would be good (either here or there) to
> give some indication as to which of "value"/"rel"/"href"/"title"/"type"
> are required/optional, though.
> Section 4
>     o  "id": the server provides only the key field: "handle" for
>        entities, "ldhName" for domains and nameservers.  If a returned
>        domain or nameserver is an Internationalized Domain Name (IDN)
>        [RFC5890], then the "unicodeName" field MUST be included in the
> nit: I suggest "also" or "additionally be included".
>     The "objectClassName" field is implicitly included in each of the
>     above field sets.  RDAP providers SHOULD include a "self" link in
>     each field set.  RDAP providers MAY also add any property providing
>     service information.
> Just to check my understanding: the "property" that might also be added
> here is a "field" that would be included in a given field set and
> corresponding query response?  (I don't know if "property" has
> RDAP-specific connotations that make it a better word to use here.)
> (nit?) I'm also not entirely sure that 'include a "self" link in each
> field set' is pedantically correct, as opposed to 'include a "links"
> field indicating the "self" link relationship'.
> Section 8
> I suppose it's always possible that by using a narrow field set a client
> would not get back some important piece of information, e.g., a modifier
> that restricts the scope of applicability of some information.  It seems
> fairly obvious that the onus for knowing what fields are possible and
> avoiding this scenario falls on the client, though perhaps it is worth
> also giving some guidance to the server to take this into consideration
> while defining field sets.
>     Servers can also define different result limits according to the
>     available field sets, so a more flexible truncation strategy can be
> I'm not entirely sure I am understanding this correctly -- is it just
> saying (roughly) "when using the 'id' field set it's safe to use much
> larger page size than for the 'full' field set"?  (I didn't find a
> specific definition of "result limits" in RFCs 7482 or 7483.)
>     implemented.  The new query parameter presented in this document
>     provides RDAP operators with a way to implement a server that reduces
>     inefficiency risks.
> Perhaps it's worth mentioning that in the face of unupdated clients
> these potential gains are not actually realized.
> Section 9.1
> The one place we cite RFC 7481 does not seem to itself be a normative
> usage (though I can imagine that one does need to read it in order to
> build a complete system).
> Appendix A
>     Looking at the implementation experiences of partial response, two
>     approaches are observed:
> Looking at context from later in the suggestion suggests that this
> survey was not restricted to RDAP partial response, which might be worth
> mentioning.
>     o  The request of some fields might not match the client's access and
>        authorization levels.  Clients might request unauthorized fields
>        and servers should define a strategy for responding, such as
>        always returning an error response or returning a response that
> nit: I think this is more of "servers have to" than "servers should"
> (even though this strategy might just be "do whatever the existing code
> happens to do").
> Appendix A.1
>     o  Relevant entity object information is included in a jCard, but
>        such information cannot be easily selected because it is split
>        into the items of a jagged array;
> nit: I didn't find "jagged array" used in either RFC 7483 or RFC 7095;
> is is relationship to jCard specified somewhere else?
>     The latter approach seems to facilitate RDAP interoperability.
>     Servers can define basic field sets which, if known to clients, can
>     increase the probability of obtaining a valid response.  The usage of
> nit: the "latter approach" seems to be an artifact of some text moves,
> as there isn't a recent comparison of two approaches in this section.
> ("Latter approach" also appears in the following paragraph.)
Dr. Mario Loffredo
Systems and Technological Development Unit
Institute of Informatics and Telematics (IIT)
National Research Council (CNR)
via G. Moruzzi 1, I-56124 PISA, Italy
Phone: +39.0503153497
Mobile: +39.3462122240