IETF Logo Mail Archive

Re: [regext] OK, What Next? (was RDAP Extensions Approach Analysis v2)

"Gould, James" <jgould@verisign.com> Tue, 19 July 2022 13:43 UTC

Return-Path: <jgould@verisign.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 328B1C18871E for <regext@ietfa.amsl.com>; Tue, 19 Jul 2022 06:43:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.809
X-Spam-Level:
X-Spam-Status: No, score=-2.809 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ELhv5qYKNoHD for <regext@ietfa.amsl.com>; Tue, 19 Jul 2022 06:43:35 -0700 (PDT)
Received: from mail6.verisign.com (mail6.verisign.com [69.58.187.32]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9B165C18871F for <regext@ietf.org>; Tue, 19 Jul 2022 06:43:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=6290; q=dns/txt; s=VRSN; t=1658238216; h=from:to:cc:subject:date:message-id:content-id: content-transfer-encoding:mime-version; bh=3L1PXamiuxqNr97d75gyx2+KHaZOWxpdnRRkjbJL33E=; b=FgYaV9XSvRlPC5EVh12KtodL9cMguGyqAt7Zemp85xRhptlKhgOkDAYh akuz9p+EpM2tNTAeki8SXHZmquDSVRvgMseiTJTtOcn7OG/bo3T5r75vm yQlpGq1KuONgtj7tI4Zh8ChCbxNWqFqYEaRvlOleh+L+jr9qIC8/RZE+x JHcZ96+CJ5zRh+PzQS8Y1bRGu64AVyAVYSZP0ywt0h4B7DVQ+ejjRnsZm R/GYfQAYhNDEfl4TMNvDhL7JjQqbXXBEFdzxTzycn56f4H8piL7+4d3En jb0zkov5bdx5uEliYAhEMrSh7UBU2Sh9luoslhgIKUangci+jg650vR+4 Q==;
IronPort-Data: A9a23:0Dgw+qIqCq3BCCm3FE+Rh5QlxSXFcZb7ZxGr2PjKsXjdYENSgjEGn GYXXziBaK7YNmageIh+YYW0pEwG6paAm4VjQVZorCE8RH908seUXt7xwmUcnc+xBpaaEB84t ZV2hv3odp1coqr0/0/1WlTZQP0VOZigHtIQMsadUsxKbVIiGX1JZS5LwbZj2NY32InhWWthh PupyyHhEA79s9JLGj9Mg06zgEsHUCPa4W5wUvQWPJinjXeG/5UnJMt3yZKZdhMUdrJp8tuSH I4v+pnipz+EoE19Yj+Suu2TnkUiGtY+NCDQ0iYGA/DKbhJq/kTe2Y5jXBYQhNs+Z5xkULmdx f0U3aFcRzvFMYXGgelBVyVYKxtHIKIZ3b3mHyW+o866mhiun3vEm52CDWkcB6tBxcBaMTkUs +ITLyoVKBmPwfys27T9Qe5p7ighBJCzetpA4Tc5kGqfUadOrZPrGs0m4fda0zAtgsxmA/vEZ tEYZjwpZxPFC/FKEg5KV8hlwrz17pX5Wx5S8mCuuIYe2lHewQAh4qa1K9/lY9PfEK25mW7d/ Aoq5V/RCxcWJfSf2SDD72nErurGhyL8HoYVGrOi+/JtqFyS2ioYDgdQVEfTieO0hUOuR/peJ lAavC00osAPGFeDRMP7BgK+rW7c5FsHRcAWFuwhrQuKjKDO5V/fGHIfSHhKb9lOWNIKeAHGH 2Shx7vBbQGDepXMIZ5B3t94dQ+PBBU=
IronPort-HdrOrdr: A9a23:8U+vfa6jMwmEl3wcMwPXwBXXdLJyesId70hD6qkXc20xTiX4rb HNoB1173/JYVoqNk3I+uruBEDoexq1yXcf2/hzAV7NZmjbkVrtAo1k4ZDr3jHsXwbvn9Qw6Y 5QN4xzEsf5A1Q/r8rriTPTL/8QhP2K6rqhi+ub9WpqVg0CUcxdxh10ERmWCXd7QwR6BZ40fa D22vZ6
X-IronPort-AV: E=Sophos;i="5.92,284,1650945600"; d="scan'208";a="15723635"
Received: from BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) by BRN1WNEX02.vcorp.ad.vrsn.com (10.173.153.49) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2375.28; Tue, 19 Jul 2022 09:43:33 -0400
Received: from BRN1WNEX01.vcorp.ad.vrsn.com ([10.173.153.48]) by BRN1WNEX01.vcorp.ad.vrsn.com ([10.173.153.48]) with mapi id 15.01.2375.028; Tue, 19 Jul 2022 09:43:33 -0400
From: "Gould, James" <jgould@verisign.com>
To: "andy@hxr.us" <andy@hxr.us>
CC: "Hollenbeck, Scott" <shollenbeck@verisign.com>, "mario.loffredo@iit.cnr.it" <mario.loffredo@iit.cnr.it>, "regext@ietf.org" <regext@ietf.org>
Thread-Topic: Re: Re: [regext] OK, What Next? (was RDAP Extensions Approach Analysis v2)
Thread-Index: AQHYm3WKADABad1vEkWNP5HNNxWtcQ==
Date: Tue, 19 Jul 2022 13:43:33 +0000
Message-ID: <2E9792EF-26A1-41D1-AAFB-87792F9976D7@verisign.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.62.22061100
x-originating-ip: [10.170.148.18]
Content-Type: text/plain; charset="utf-8"
Content-ID: <982538F8399C6E46B4FA32C9B7913E0B@verisign.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/RW9kCpSv9rvpH450qa-DBMsLUCE>
Subject: Re: [regext] OK, What Next? (was RDAP Extensions Approach Analysis v2)
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Jul 2022 13:43:40 -0000

Andy,

Thanks for your response.  My feedback is embedded below.

-- 
 
JG



James Gould
Fellow Engineer
jgould@Verisign.com <applewebdata://13890C55-AAE8-4BF3-A6CE-B4BA42740803/jgould@Verisign.com>

703-948-3271
12061 Bluemont Way
Reston, VA 20190

Verisign.com <http://verisigninc.com/>

On 7/18/22, 4:02 PM, "Andrew Newton" <andy@hxr.us> wrote:

    On Fri, Jul 15, 2022 at 8:13 AM Gould, James <jgould@verisign.com> wrote:
    >

    >
    > In the case of Approach B and C, the values registered in the RDAP Extension Registry guarantee uniqueness, and the RDAP Conformance value has the sole responsibility of signaling the version of the extension without cascading down to the extension elements.  I prefer the flexibility of Approach C, but Approach B will work.  One side effect of Approach C is that we still need to support the registration of fully versioned identifiers to capture policy signaling, such as the case of the RDAP Profile identifiers "icann_rdap_response_profile_0" and "icann_rdap_technical_implementation_guide_0".
    >

    I don't know if I fully understand the difference between approaches B
    & C, but policy signalling seems important. My preference is not to
    break that.

JG - The difference between Approach B and C is the coupling between the RDAP Conformance value and the extension elements, where Approach B uses the registered prefix value for the versioned RDAP Conformance value ("redacted" registered prefix and the RDAP Conformance value "redacted_level_X" defined within the specification).  Approach C decouples them and supports the registration of the versioned RDAP Conformance identifier ("redacted_level_X" registered for the specification version and the registration of one or more prefixes defined within the specification, such as "redacted").  The versioned RDAP Conformance is associated with hinting the specification supported by the server, where there is no hard requirement to couple the RDAP Conformance value with the prefixes defined within the specification.  Approach A couples the RDAP Conformance value with the prefix value used for the extension elements.  Both Approach B and C support version signaling only in the RDAP Conformance value and allow the extension elements to be unchanged with version changes.  

    For adding on to an existing extension, one approach might be to list
    the new sub-members separately. For example, "exampleNicV1" is created
    and listed in the rdapConformance. So for example:

    {
         "rdapConformance" : [ "rdap_level_0", "exampleNicV1"],
         "exampleNicV1_foo": {
              "bar": "buz"
         }
         ....
    }

    Now, an addition is desired, so "exampleNicV1_modA" is created:

    {
         "rdapConformance" : [ "rdap_level_0", "exampleNicV1", "exampleNicV1_modA"],
         "exampleNicV1_foo": {
              "bar": "buz",
              "exampleNicV1_modA_bar": "bazz",
         }
         ....
    }

JG - This is defining a new mechanism for auto-discovery.  My recommendation is to separate auto-discovery capabilities from the hinting provided by the RDAP Conformance values, where the RDAP Conformance values are only used for signaling the specification versions supported by the server.  I have experience with attempting to provide an auto-discovery capability in EPP with the Registry Mapping (https://datatracker.ietf.org/doc/html/draft-gould-carney-regext-registry), which was very ambitious for EPP and I believe will be very ambitious and more complex then you may think for RDAP.     

    This works because "Clients of these JSON responses SHOULD ignore
    unrecognized JSON members in responses." (Section 2.1 of RFC 9083).

JG - This issue that we're tackling is how to not break clients when introducing a new version of an extension, where new unrecognized JSON members SHOULD be ignored but removing existing members with a version change can certainly cause an issue for the client.  A server can't introduce a backward compatible enhancement without forcing all clients to change and the server may have no visibility into what the client supports since there may be no client-side version signaling available.  An example is draft-ietf-regext-rdap-redacted, which only extends the response members of the response.  Approach B and C mitigate the interoperability risk by only embedding the version into the RDAP Conformance value.  What is the advantage of embedding the version into the prefix in Approach A for the client?       

    -andy

v2.23.0 | Report a Bug | By Email