Re: [regext] I-D Action: draft-ietf-regext-rdap-openid-06.txt

"Hollenbeck, Scott" <shollenbeck@verisign.com> Tue, 05 January 2021 14:06 UTC

Return-Path: <shollenbeck@verisign.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B5DAD3A0D05 for <regext@ietfa.amsl.com>; Tue, 5 Jan 2021 06:06:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9TJFZSl74QfZ for <regext@ietfa.amsl.com>; Tue, 5 Jan 2021 06:06:34 -0800 (PST)
Received: from mail3.verisign.com (mail3.verisign.com [72.13.63.32]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DC9393A0EEF for <regext@ietf.org>; Tue, 5 Jan 2021 06:06:33 -0800 (PST)
Received: from BRN1WNEX02.vcorp.ad.vrsn.com (10.173.153.49) by BRN1WNEX02.vcorp.ad.vrsn.com (10.173.153.49) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2106.2; Tue, 5 Jan 2021 09:06:32 -0500
Received: from BRN1WNEX02.vcorp.ad.vrsn.com ([fe80::7c0a:1cc:5def:9dde]) by BRN1WNEX02.vcorp.ad.vrsn.com ([fe80::7c0a:1cc:5def:9dde%4]) with mapi id 15.01.2106.006; Tue, 5 Jan 2021 09:06:32 -0500
From: "Hollenbeck, Scott" <shollenbeck@verisign.com>
To: "regext@ietf.org" <regext@ietf.org>
Thread-Topic: [EXTERNAL] [regext] I-D Action: draft-ietf-regext-rdap-openid-06.txt
Thread-Index: AQHW42sbR0XYgYAszkK2YrB6h5K30qoZD7Dw
Date: Tue, 05 Jan 2021 14:06:32 +0000
Message-ID: <de3d05470d15493697c2c3d053bb7369@verisign.com>
References: <160985521249.14120.3653059009585600299@ietfa.amsl.com>
In-Reply-To: <160985521249.14120.3653059009585600299@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.170.148.18]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/bJJPJfI6jkyuUAwVyy1BTIf9pG4>
Subject: Re: [regext] I-D Action: draft-ietf-regext-rdap-openid-06.txt
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Jan 2021 14:06:37 -0000

> -----Original Message-----
> From: regext <regext-bounces@ietf.org> On Behalf Of internet-drafts@ietf.org
> Sent: Tuesday, January 5, 2021 9:00 AM
> To: i-d-announce@ietf.org
> Cc: regext@ietf.org
> Subject: [EXTERNAL] [regext] I-D Action: draft-ietf-regext-rdap-openid-06.txt
>
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Registration Protocols Extensions WG of the
> IETF.
>
>         Title           : Federated Authentication for the Registration Data Access
> Protocol (RDAP) using OpenID Connect
>         Author          : Scott Hollenbeck
>       Filename        : draft-ietf-regext-rdap-openid-06.txt
>       Pages           : 25
>       Date            : 2021-01-05
>
> Abstract:
>    The Registration Data Access Protocol (RDAP) provides "RESTful" web
>    services to retrieve registration metadata from domain name and
>    regional internet registries.  RDAP allows a server to make access
>    control decisions based on client identity, and as such it includes
>    support for client identification features provided by the Hypertext
>    Transfer Protocol (HTTP).  Identification methods that require
>    clients to obtain and manage credentials from every RDAP server
>    operator present management challenges for both clients and servers,
>    whereas a federated authentication system would make it easier to
>    operate and use RDAP without the need to maintain server-specific
>    client credentials.  This document describes a federated
>    authentication system for RDAP based on OpenID Connect.

I just submitted this version of draft-ietf-regext-rdap-openid since the previous version was about to expire.

It may be time to wrap this document up. The capability is needed for some of the other RDAP extensions, and even though the ICANN community isn't talking about using something like this right now, the document describes a model that's flexible enough to adapt to changes in the attributes needed to make authorization and access control decisions. At this point I think the document is ready for WG last call as a Proposed Standard. We need a document shepherd - is anyone interested? Does anyone think that there's anything more to discuss, or any unresolved issues?

Scott