[regext] Re: Review of draft-ietf-regext-rdap-versioning, draft-ietf-regext-rdap-x-media-type, and draft-ietf-regext-rdap-extensions
James Galvin <galvin@elistx.com> Mon, 22 July 2024 17:21 UTC
Return-Path: <galvin@elistx.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EB447C1CAF4A for <regext@ietfa.amsl.com>; Mon, 22 Jul 2024 10:21:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.893
X-Spam-Level:
X-Spam-Status: No, score=-1.893 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_KAM_HTML_FONT_INVALID=0.01, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=elistx-com.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id abEpI4jkmkhx for <regext@ietfa.amsl.com>; Mon, 22 Jul 2024 10:21:25 -0700 (PDT)
Received: from mail-pj1-x1033.google.com (mail-pj1-x1033.google.com [IPv6:2607:f8b0:4864:20::1033]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 76145C1D4A90 for <regext@ietf.org>; Mon, 22 Jul 2024 10:21:25 -0700 (PDT)
Received: by mail-pj1-x1033.google.com with SMTP id 98e67ed59e1d1-2cd2f89825fso1063631a91.1 for <regext@ietf.org>; Mon, 22 Jul 2024 10:21:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=elistx-com.20230601.gappssmtp.com; s=20230601; t=1721668885; x=1722273685; darn=ietf.org; h=embedded-html:mime-version:references:in-reply-to:message-id:date :subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to; bh=rEvLuIP0s4xCAIXPpatfLdd98CikpWWeaEQcWh04uqo=; b=LRMYYTUi9GWFjZYxQ1wa/jQgveJ7fZtPsWg8TRgbHYX536qA12yW5jgQBdvcKiNhhB aOuSB8TbOCIppOjrvmTrX3pkR08KbNsRa+SMdfvk97UIN0L7am+PlIZILjUm09WGGyxF nQA+cusDY4gomvYnJSvbb8+g6a8cDdSlmZDig46gdQUII1OdddRbW7f2PXiKVMYUTCcB crh4rGKF5gpMBDQd7/Sf/0OoAZpYgXFht0fn0aVqqsRXGa9fLQhaU/40SJDhdB9ZlEVm YsKzxeHpwKK1nam74gDL0FVyYIyjDPOwQl1BgHARFh+NBDdTAqpWmpmxuwQ0WMeMEmGo wTVQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721668885; x=1722273685; h=embedded-html:mime-version:references:in-reply-to:message-id:date :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=rEvLuIP0s4xCAIXPpatfLdd98CikpWWeaEQcWh04uqo=; b=qhiS+R9pXvs8kqX0irC3GvcSK3d7ksZ9CGO7dCSLaeALi2O/FFzQLZ01NFCWG+cmTY 8xCve95BePW9zLaP0r1sSA/+s0PLPTdfRWbWlpfwrHQcgEjapkPcRgHIlit5ee4gQkGR aPu8BLLxOMDnFJKDRE/a+LCUZxxaLLcnqbwEg4Z6IfWldQTwT87uG6yDeh77DES38SPY GzPOs7TKwTtmBV5CbmGR0IU0DP87Uu6cNmlI5htzYBuE7rs07bHKeRn0uW9zlPNcJzgx 8l9NUIi/waIDkhNUtIoEYeMUEoQUfL83Hd/VP9t2BNob/LnrwS1DIC1JirGq8aVJEBL9 iHgg==
X-Gm-Message-State: AOJu0YxCNxYpCW2Nis+y3Q6vaCx4K9dM/ZPb15js1qmlJ7JzdQvAq2Fr muZ/X+dRj1Sw61Uh+dDX5AC9D5oirEVbMshsL/0AT8o9XlpDZBDuOw5rr3SlJ/VXbfycnrwiscY L7fCP5g==
X-Google-Smtp-Source: AGHT+IH0X9cDPyVHZYlKh8i3VynQ0AYUYIuyuUhwRmgg8DGla/4CmRjP1jT6NAc16kNrOvXfwS1MBg==
X-Received: by 2002:a17:90a:ea81:b0:2c4:dcf6:2130 with SMTP id 98e67ed59e1d1-2cd161b02c4mr4736609a91.32.1721668884485; Mon, 22 Jul 2024 10:21:24 -0700 (PDT)
Received: from [172.20.0.193] ([173.214.130.139]) by smtp.googlemail.com with ESMTPSA id 98e67ed59e1d1-2ccf7b2d5e2sm7263063a91.7.2024.07.22.10.21.23 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 22 Jul 2024 10:21:23 -0700 (PDT)
From: James Galvin <galvin@elistx.com>
To: "Gould, James" <jgould=40verisign.com@dmarc.ietf.org>
Date: Mon, 22 Jul 2024 10:21:23 -0700
X-Mailer: MailMate (1.14r5937)
Message-ID: <BCF9324F-F9DC-4493-BF48-DA0B14591EFB@elistx.com>
In-Reply-To: <3F7C7147-048B-4E8E-85DE-C5C886F08140@verisign.com>
References: <3F7C7147-048B-4E8E-85DE-C5C886F08140@verisign.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="=_MailMate_E9283E85-3781-46F9-9B4B-E3FEDAE697E1_="
Embedded-HTML: [{"plain":[629,8375],"uuid":"7CC6BE1E-A5C0-406F-8312-B8E2C5FEB061"}]
Message-ID-Hash: X4U3BVKDID3PYJKS2PGBNAFS3PO6U3G6
X-Message-ID-Hash: X4U3BVKDID3PYJKS2PGBNAFS3PO6U3G6
X-MailFrom: galvin@elistx.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-regext.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: regext@ietf.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [regext] Re: Review of draft-ietf-regext-rdap-versioning, draft-ietf-regext-rdap-x-media-type, and draft-ietf-regext-rdap-extensions
List-Id: Registration Protocols Extensions Working Group <regext.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/ZmAQKOAwhPo9oeJnbJfPMj8e0vE>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Owner: <mailto:regext-owner@ietf.org>
List-Post: <mailto:regext@ietf.org>
List-Subscribe: <mailto:regext-join@ietf.org>
List-Unsubscribe: <mailto:regext-leave@ietf.org>
Speaking as co-Chair: Thank you Jim for these detailed comments. For the working group, the question that will be before us in the discussion on Wednesday, which was also before us at IETF119, is what problem are we trying to solve? The second order question, which was also before us at IETF119, is what is the relationship between these documents. Jim’s note is a pretty deep consideration of that second question. Please come prepared on Wednesday to discuss the first question. There will be Chair slides later today with more details. Thanks, Jim co-Chair REGEXT On 22 Jul 2024, at 7:59, Gould, James wrote: > Hi, > > I did a detailed review of the three drafts > draft-ietf-regext-rdap-versioning, > draft-ietf-regext-rdap-x-media-type, and > draft-ietf-regext-rdap-extensions for alignment. The following are my > findings: > > > 1. draft-ietf-regext-rdap-versioning includes support for > draft-ietf-regext-rdap-x-media-type and the “versioning” query > parameter for the client to provide a hint of the extension versions > to include in the RDAP query and RDAP response. The server MUST > support both methods and the client MUST include a single method in > the RDAP query to ensure that there are no conflicts. This ensures > that clients can specify the extension versions via a query parameter > and via an HTTP header per draft-ietf-regext-rdap-x-media-type. > 2. draft-ietf-regext-rdap-x-media-type could be merged into > draft-ietf-regext-rdap-versioning, since it now represents one method > of an Extension Versioning Request. > * An alternative is for draft-ietf-regext-rdap-x-media-type to > support a more generic form of query parameters for use in any RDAP > extension. > * The extension can stay separate if there is some advantage. > 3. draft-ietf-regext-rdap-versioning defines a Extension Version > Identifier in section 3.1 > https://datatracker.ietf.org/doc/html/draft-ietf-regext-rdap-versioning#name-extension-version-identifie > as: > * ABNF > > i. > extension-version-identifier = identifier versioning > > ii. > identifier = ALPHA *( ALPHA / DIGIT / "_") ; Extension Identifer > > iii. > versioning = ["-" 1*VCHAR] > > * draft-ietf-regext-rdap-x-media-type needs to also support the > extension-version-identifier to use it with > draft-ietf-regext-rdap-versioning, which currently uses the language: > > i. > “This media type has a parameter of "extensions" which is a > whitespace-separated list of RDAP extensions as defined in the IANA > RDAP Extensions registry.” > > * How about making this more generic to support > additional types of extension versioning schemes, such as the > language: > * “This media type has a parameter of "extensions" > which is a whitespace-separated list of RDAP extensions, such as > defined in the IANA RDAP Extensions registry.” > > i. > Use of the IANA RDAP Extensions registry will support Opaque > Versioning in draft-ietf-regext-rdap-versioning, where use of “such > as” will allow for additional RDAP extensions schemes. > > ii. > “the values in the media type's extension parameter SHOULD match the > values in the rdapConformance array in the return JSON.” > > * The Extension Version Identifier does include the > extension identifier, so the question is whether inclusion of the > versioning suffix will meet the “match the values in the > rdapConformance array”. > * How about making this more specific to directly > reference the version identifiers, which would work better with > draft-ietf-regext-rdap-versioning: > * “the extension identifier values in the media > type's extension parameter SHOULD match the values in the > rdapConformance array in the return JSON.” > * “though clients SHOULD list the extension identifier > in the extensions parameter when using other protocol elements of > those extensions. Servers SHOULD NOT require the usage of extension > identifiers in the extensions paramater when other extension protocol > elements are used. > * To support draft-ietf-regext-rdap-versioning, this > could be modified as: > > i. > “though clients SHOULD list the extension identifier in the > extensions parameter when using other protocol elements of those > extensions. Servers SHOULD NOT require the usage of extensions > identifiers in the extensions parameter when other extension protocol > elements are used” > > ii. > Referencing extension instead of extension identifier would be > more generic to support the Extension Version Identifier. > > iii. > Nit – replace “paramater” with “parameter” > > 1. draft-ietf-regext-rdap-x-media-type Security Considerations > parameter below may be best to address in > draft-ietf-regext-rdap-versioning and even more generically in > draft-ietf-regext-rdap-extensions > * “This specification does contrast with solutions using > query parameters in that those solutions require servers to blindly > copy query parameters into redirect URLs in situations where such > copying could cause harm, such as copying an API key intended for one > server into the redirect URL of another server.” > 2. draft-ietf-regext-rdap-x-media-type B.2 “Query Parameters > Considered Harmful” could be moved to > draft-ietf-regext-rdap-extensions, since query parameters are used in > many places in RDAP, so providing clear guidance when a query > parameter should or should not be used would be useful in > draft-ietf-regext-rdap-extensions. I don’t believe query parameters > are “harmful” but has a disadvantage in the use cases presented. > The query parameter has the advantage of being a simple approach for > clients to provide their hint when directly interfacing with the > server. In re-reviewing draft-ietf-regext-rdap-extensions it does > look like section 12 “Redirects” includes some guidance related to > query parameters, where I believe it would be beneficial to have a > separate query parameter section in draft-ietf-regext-rdap-extensions. > 3. draft-ietf-regext-rdap-x-media-type B.2.4 “Architectural > Violations” and B.3 “RDAP Extension Versioning” could be > removed, since I don’t see how the use of a query parameter in RDAP > would be considered an architectural violation and RDAP Extension > Versioning will be worked on in parallel in > draft-ietf-regext-rdap-versioning. > 4. draft-ietf-regext-rdap-versioning > * In section 8 “Extension Versioning”, I just want to > confirm that draft-ietf-regext-rdap-versioning address the normative > language and if not what needs to be added: > > i. > “If a future RFC defines a versioning scheme (such as using the > mechanims defined in section Section > 2<https://datatracker.ietf.org/doc/html/draft-ietf-regext-rdap-extensions#extension_identifier> > ), an RDAP extension definition MUST explicitly denote this > compliance.” > > * Section 8.1 “Backwards-Compatible Changes” > > i. > This section may not be needed with draft-ietf-regext-rdap-versioning, > since the set of supported extension versions are explicitly > specified, where in the case of Opaque Versioning the server could > support many versions of the extension. > > * Section 8.2 “Backwards-Incompatible Changes” > > i. > IT would be helpful to include the reference to > draft-ietf-regext-rdap-versioning as an option to consider in > signaling support for more than one version of an extension. > > * Section 9 “Extension Identifiers in a Response” > > i. > You can update the reference of [I-D.gould-regext-rdap-versioning] to > be [I-D.draft-ietf-regext-rdap-versioning]. > Thanks, > > -- > > JG > > [cid87442*image001.png@01D960C5.C631DA40] > > James Gould > Fellow Engineer > jgould@Verisign.com<applewebdata://13890C55-AAE8-4BF3-A6CE-B4BA42740803/jgould@Verisign.com> > > 703-948-3271 > 12061 Bluemont Way > Reston, VA 20190 > > Verisign.com<http://verisigninc.com/> > _______________________________________________ > regext mailing list -- regext@ietf.org > To unsubscribe send an email to regext-leave@ietf.org
- [regext] Review of draft-ietf-regext-rdap-version… Gould, James
- [regext] Re: Review of draft-ietf-regext-rdap-ver… James Galvin
- [regext] Re: Review of draft-ietf-regext-rdap-ver… Gould, James
- [regext] Re: Review of draft-ietf-regext-rdap-ver… James Galvin
- [regext] Re: Review of draft-ietf-regext-rdap-ver… Gould, James
- [regext] Re: Review of draft-ietf-regext-rdap-ver… Jasdip Singh
- [regext] Re: Review of draft-ietf-regext-rdap-ver… Gould, James
- [regext] Re: Review of draft-ietf-regext-rdap-ver… Andrew Newton (andy)