Re: [regext] Request WGLC for draft-ietf-regext-rdap-redacted
Mario Loffredo <mario.loffredo@iit.cnr.it> Sat, 10 December 2022 08:31 UTC
Return-Path: <mario.loffredo@iit.cnr.it>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 80CBFC14F740 for <regext@ietfa.amsl.com>; Sat, 10 Dec 2022 00:31:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.796
X-Spam-Level:
X-Spam-Status: No, score=-1.796 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, NICE_REPLY_A=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KYecNAio-cgT for <regext@ietfa.amsl.com>; Sat, 10 Dec 2022 00:31:21 -0800 (PST)
Received: from mx5.iit.cnr.it (mx5.iit.cnr.it [146.48.58.12]) by ietfa.amsl.com (Postfix) with ESMTP id 88421C14F732 for <regext@ietf.org>; Sat, 10 Dec 2022 00:31:19 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mx5.iit.cnr.it (Postfix) with ESMTP id 8B27EC0498; Sat, 10 Dec 2022 09:31:17 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at mx5.iit.cnr.it
Received: from mx5.iit.cnr.it ([127.0.0.1]) by localhost (mx5.iit.cnr.it [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f3d-wXDqek3h; Sat, 10 Dec 2022 09:31:12 +0100 (CET)
Received: from [192.168.16.66] (sa.nic.it [192.12.193.247]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by mx5.iit.cnr.it (Postfix) with ESMTPSA id CD17FC013F; Sat, 10 Dec 2022 09:31:12 +0100 (CET)
Content-Type: multipart/alternative; boundary="------------fc0jctKINyD6MH4MicD9xjp0"
Message-ID: <4c73ca57-94a0-1e80-90ff-8d981235cf12@iit.cnr.it>
Date: Sat, 10 Dec 2022 09:28:09 +0100
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.5.1
To: "Gould, James" <jgould=40verisign.com@dmarc.ietf.org>, "regext@ietf.org" <regext@ietf.org>
References: <E457EA77-2204-4611-B4E8-29969E01ED01@verisign.com>
From: Mario Loffredo <mario.loffredo@iit.cnr.it>
In-Reply-To: <E457EA77-2204-4611-B4E8-29969E01ED01@verisign.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/OjfLBl8pPXsya25IlTXYAJibKbQ>
Subject: Re: [regext] Request WGLC for draft-ietf-regext-rdap-redacted
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 10 Dec 2022 08:31:25 -0000
Hi James, please find my comments below. Il 09/12/2022 19:15, Gould, James ha scritto: > > Mario, > > Sorry for the delay in responding to your feedback. Thanks for the > feedback and below are the responses to it. > > -- > > JG > > > > > *James Gould > *Fellow Engineer > jgould@Verisign.com > <applewebdata://13890C55-AAE8-4BF3-A6CE-B4BA42740803/jgould@Verisign.com> > > 703-948-3271 > 12061 Bluemont Way > Reston, VA 20190 > > Verisign.com <http://verisigninc.com/> > > *From: *Mario Loffredo <mario.loffredo@iit.cnr.it> > *Date: *Tuesday, November 15, 2022 at 9:05 AM > *To: *James Gould <jgould@verisign.com>, "regext@ietf.org" > <regext@ietf.org> > *Subject: *[EXTERNAL] Re: [regext] Request WGLC for > draft-ietf-regext-rdap-redacted > > Hi James, > > some comments from my side: > > 1) With reference to the following sentence in section 3.2: > > such as "" for a jCard [RFC7095] Text ("text") property or null for non-Text ("text") properties. > > it seems to me that RFC7095 doesn't include a clear statement in that > sense. > > Some VCard types (i.e. text, uri, language-tag, utc-offset, and all > date type variants) are mapped to JSON strings, other VCard types are > mapped to other JSON primitive types (i.e number, boolean). > > Given that, apart from "fn" that is a required "text" property, a > JSON string can be either null or empty. > > For sure, the use of the empty string makes more sense for "text" > values, but null value is not clearly prohibited for the other VCard > properties mapped to JSON strings. > > JG – Yes, the other jCard properties may be mapped to a JSON string, > but they include additional string format requirements that would not > be met with the use of an empty string. The reference to the Text > (“text”) property does not apply to the other jCard properties that > map to a JSON string, so the redaction is handled with the use of a > null value. > > 2) WIth regard to redaction by replacement method, should the example > in Fig.7 be updated as in the following: > > OLD > > "redacted": [ > { > "name": { > "type": "Registrant Email" > }, > "path":"$.entities[?(@.roles[0]=='registrant')]. <mailto:$.entities[?(@.roles[0]=='registrant')].vcardArray[1][?(@[0]=='email')][3]> > vcardArray[1][?(@[0]=='email')][3]" <mailto:$.entities[?(@.roles[0]=='registrant')].vcardArray[1][?(@[0]=='email')][3]>, > "replacementPath":"$.entities[?(@.roles[0]=='registrant')]. <mailto:$.entities[?(@.roles[0]=='registrant')].vcardArray[1][?(@[0]=='contact-uri')][3]> > vcardArray[1][?(@[0]=='contact-uri')][3]" <mailto:$.entities[?(@.roles[0]=='registrant')].vcardArray[1][?(@[0]=='contact-uri')][3]>, > "pathLang": "jsonpath", > "method": "replacementValue", > } > ] > > NEW > > "redacted": [ > { > "name": { > "type": "Registrant Email" > }, > "path":"$.entities[?(@.roles[0]=='registrant')]. <mailto:$.entities[?(@.roles[0]=='registrant')].vcardArray[1][?(@[0]=='email')]> > vcardArray[1][?(@[0]=='email')]" <mailto:$.entities[?(@.roles[0]=='registrant')].vcardArray[1][?(@[0]=='email')]>, > "replacementPath":"$.entities[?(@.roles[0]=='registrant')]. <mailto:$.entities[?(@.roles[0]=='registrant')].vcardArray[1][?(@[0]=='contact-uri')]> > vcardArray[1][?(@[0]=='contact-uri')]" <mailto:$.entities[?(@.roles[0]=='registrant')].vcardArray[1][?(@[0]=='contact-uri')]>, > "pathLang": "jsonpath", > "method": "replacementValue", > } > ] > > Based on the example in Fig.6, the "email" property instead of the > "email" value is replaced. > > JG – Yes, I agree that the “email” property instead of the “email” > value is replaced. This will be addressed in > draft-ietf-regext-rdap-redacted-10. > > 3) Would rephrase the following sentence in section 4.2 > > OLD > > The "redacted" member contains an array of redacted > objects with the following child members > > NEW > > The "redacted" member contains an array of > objects with the following child members > > The objects in the "redacted" array are not redacted but rather the > response fields represented by those objects. > > JG – This will be updated in draft-ietf-regext-rdap-redacted-10. > > 4) Wonder if section 6.2 should include an entry for pathLang. > > JG – Yes, based on the feedback from Pawel Kowalik, the “redacted > expression language” type will be added with an initial registration > of the “jsonpath” value for the JSON Values Registry. > > 5) A last feedback about JSONPath Considerations: > > 5.a) Is it allowed to use wildcard in JSONPath? Think it could be > useful especially when the same redaction rule is applied to each > result of a search response. > > For example, if a registry policy consists in redacting all the domain > handles, the "redacted" content could simply be: > > "redacted": [ > { > "name": { > "type": "Registry Domain ID" > }, > "path": "$.domainSearchResults[*].handle", > "pathLang": "jsonpath", > "method": "removal", > "reason": { > "type": "Server policy" > } > } > ] > > JG – Actually for searches the “redacted” member can be included on a > per-object basis, since the redaction may be different per object. > Attempting to define crosscutting redaction definitions for all > objects included in the search seems like something the server could > do, but I don’t believe it should be encouraged. > > 5.b) I consider this a corner case so feel free to ignore it ;-) > > The VCard label property (as well as the JSContact fullAddress > property) is usually derived from the postal address information. > > When the postal address is partially redacted, what should be the > label value and the related redaction method? > > If you think it's worth managing this case, I would suggest a > conservative solution: the label property should be omitted and the > redaction method should be "removal". > > JG – The rule is if the property can be and is removed due to > redaction, then it is omitted, and the redaction method should be > “removal”. I’m not sure if this fully answers your feedback, so > please let me know with an example if it doesn’t. > [ML] As I wrote in my previous mail, maybe it's not worth addressing this case. In general, it is connected with the redaction of vCard elements, namely the FN property and the LABEL parameter of the ADR property, that are generated by formatting their structured counterparts. If the structured components get partially redacted by the emptyValue redaction method, what redaction method should I use to redact the formatted versions? Here in the following an example clarifying my question. Before redaction: [ "adr", {"label": "Suite 1236\n4321 Rue Somewhere\nQuebec\QC\G1V 2M2\Canada"}, "text", [ "", "Suite 1236", "4321 Rue Somewhere", "Quebec", "QC", "G1V 2M2", "Canada" ] ] After redaction: 1) [ "adr", {"label": "QC\nCanada"}, "text", [ "", "", "", "", "QC", "", "Canada" ] ] 2) [ "adr", {}, "text", [ "", "", "", "", "QC", "", "Canada" ] ] Since the specification doesn't allow the server to signal that a value has been partially redacted, and I don't see the need to add another redaction method only for this corner case, my proposal was simply the following: "those properties that are generated from other properties that can be partially redacted must be redacted by using the removal method" (Solution 2) Best, Mario > Hope it could be helpful. > > Best, > > Mario > > Il 10/11/2022 19:38, Gould, James ha scritto: > > This is a formal request to start the WGLC for > draft-ietf-regext-rdap-redacted. There is a normative reference > to draft-ietf-jsonpath-base, which has a JSONPath working group > November milestone. draft-ietf-jsonpath-base looks stable and can > progress in parallel with draft-ietf-regext-rdap-redacted. > > Thanks, > > -- > > JG > > > > > *James Gould > *Fellow Engineer > jgould@Verisign.com > <applewebdata://13890C55-AAE8-4BF3-A6CE-B4BA42740803/jgould@Verisign.com> > > 703-948-3271 > 12061 Bluemont Way > Reston, VA 20190 > > Verisign.com > <http://secure-web.cisco.com/1jBgmRGLp97BwyI56ZY6E2KnhXLBn_CyaRjxVZ7GqU5nP4VoGbDmOFaSadTLrZ8OaIMWwNr4CLXsVIYNhnH4Z3c6przEWV0581stOfOtCDYyVb1U8iX-OaeglUaY6UIjRbRsoaAcqnx12w7uDgnjrwnhLrtSCH3NQK20VhpKXQbAofvo4jOJsx4cHjD5sxmv-xKgfyjXZgr7oOpxU9z41XgH02hJZZTYbogCf05948JANuWS0T4DojwwmNtmQHoN9UjVqPRqZKAn7gbjnO0xXK3ZDaxx9N9iz65hy3ZqIgQYHxdSLk5KUHbNvQydrwCxd/http%3A%2F%2Fverisigninc.com%2F> > > > > _______________________________________________ > > regext mailing list > > regext@ietf.org > > https://www.ietf.org/mailman/listinfo/regext <https://secure-web.cisco.com/1QZXPKZg0yOi5FGPtQR9fKFNSa-mIVnC7WC4ALwt1eRfK3-ypZSt6_2xY-hSaVmgzAytTYYHcnL4rCXxWO2UpEtkMlh-OegPiK5nrIShRzg2hBlREYZPS41o1IwIWcM7UZPGQ-FxQBxkkf8fRsG27ZJPh6SN4Npz5Nx0eTyp0BNyD27_AEHQOQGphegY8qsrmx-Wjd9q7Csh129rmKkvKVxpZzed_u_8Pwyn4g4DN11Ns2RGRyh6-ymPx7BK5CxqUGI6OovchjtlylImbPICIi7KiCZMvnjcPCyn_ZDbQbxVQpIu6ikjianxcAM8RpdtD/https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fregext> > > -- > Dott. Mario Loffredo > Technological Unit “Digital Innovation” > Institute of Informatics and Telematics (IIT) > National Research Council (CNR) > via G. Moruzzi 1, I-56124 PISA, Italy > Phone: +39.0503153497 > Web:http://www.iit.cnr.it/mario.loffredo <http://secure-web.cisco.com/139AqdF7WT3CdxSSc0UPSoDgA0gl9_QwVKklekryCslll0JvKfIWV4X16QAKacmsRBjPmY6-F04c28s5zpz2HwT6ki7ON7XQHsnRXipvn3m1NoGxfR9XMNRGTtoSlaoXahD0z-bP-mSUPsraAy5ewotwaYuTsKuafF8T5HN8JqEL4pqYsq1WAdl8WS_bHigbb8mVKIhqTDuRazKzVCpoByy52N_M-Hf8megqz4jAbIU_D7CgzVTQH7GQXldLgfms9L0ugpZtQ0bewrH_9DBeNO0aiY2BRkZ8adIM_8V-TsGl3qCbgdfLzBl6RNTz79GpF/http%3A%2F%2Fwww.iit.cnr.it%2Fmario.loffredo> > > _______________________________________________ > regext mailing list > regext@ietf.org > https://www.ietf.org/mailman/listinfo/regext -- Dott. Mario Loffredo Technological Unit “Digital Innovation” Institute of Informatics and Telematics (IIT) National Research Council (CNR) via G. Moruzzi 1, I-56124 PISA, Italy Phone: +39.0503153497 Web:http://www.iit.cnr.it/mario.loffredo
- [regext] Request WGLC for draft-ietf-regext-rdap-… Gould, James
- Re: [regext] Request WGLC for draft-ietf-regext-r… Mario Loffredo
- Re: [regext] Request WGLC for draft-ietf-regext-r… James Galvin
- Re: [regext] Request WGLC for draft-ietf-regext-r… Gould, James
- Re: [regext] Request WGLC for draft-ietf-regext-r… Mario Loffredo
- Re: [regext] Request WGLC for draft-ietf-regext-r… Gould, James
- Re: [regext] Request WGLC for draft-ietf-regext-r… Mario Loffredo