IETF Logo Mail Archive

Re: [regext] OK, What Next? (was RDAP Extensions Approach Analysis v2)

"Gould, James" <jgould@verisign.com> Fri, 17 June 2022 13:02 UTC

Return-Path: <jgould@verisign.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6C02BC157B34 for <regext@ietfa.amsl.com>; Fri, 17 Jun 2022 06:02:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RIXQ5dUh0Pyt for <regext@ietfa.amsl.com>; Fri, 17 Jun 2022 06:02:33 -0700 (PDT)
Received: from mail6.verisign.com (mail6.verisign.com [69.58.187.32]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 69C85C14F748 for <regext@ietf.org>; Fri, 17 Jun 2022 06:02:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=41173; q=dns/txt; s=VRSN; t=1655470954; h=from:to:subject:date:message-id:mime-version; bh=lTBIAY6qOpFO/pcHD7rDq0NmBAcb+j+xDOpLBB9fhLU=; b=Z8ElrlEJN2mIUpiqjpZaeB+yOufdkbhWb9yaYCj62qxPTHEmCkFhSrWk ByFiAdP8C2pP4MmzN+3MOMfWXYNQDPFRMdiBcZreEm+P3KCkdssffBlEd Z7aotHPHZFifnYPtJYlMks2sxU7SlZxIeyIPwucpVbqyBY4wMU+gISuxl JPH1P1sx+k3kFDGEJPlpB7RWl9V8bMQLPi/TMSs4ZQYbFYWERRK5sd1bd vnosQtTEtpcDRInFTvn3BVi3WXEYi8bYevX7jwKVBVycJ6lDwOwdZ2S0b AJd42P9/kSnDPbRMzRlyggF9IOGrkIuP3kf/7wSdArRtjSFR5ws/V1j5B Q==;
IronPort-Data: A9a23:UFJJYKgEO6Fuc9h8PQkkkcw3X161FBEKZh0ujC45NGQN5FlHY01je htvX2yBOfjbYmL2LY8gYYm+909X7Zbcx9RnHldtpHo2RnkW8JqUDtmndUqhZCn6wu8v7q5Ex 55HNoSfdpBcolv0/ErF3m3J9CEkvU2wqz6V5NfsYkidfyc9IMsaoU8lyrRRbrJA24DjWVvT4 I2q/6UzBXf+s9JKGjNMg068gE431BjCkGtwUosWPK0jUPf2zhH5PbpHTU2DByKQrrp8R4ZWc 93+IISRpQs1yT92U4/4zeyrGqE9auW60QCm0hK6UoD82kQS/nRaPqwTbJLwYm8P49mFckwYJ HygevVcRC9wVpAgltjxXDFbGmZQDL1UqYXmHkiDu8GJ5hXfdmnjlqAG4EEeZeX0+85dO0cXy to1GGhXKA6IgPiuhru3DPd2ncJlJ87uVG8dkig4i2iGVrB/HMuFH/SiCdxwhV/cguhMEvHDY 8Yxdzd1bQ/BbBsJMVASYH47tL713yClLWwCwL6TjZQWynfI5glv65/SHOTaVsOQfpxern/N8 woq+Ey8WHn2Lue3zDOf83XqgujBkzn2VIU6FbyksPVsmhuS2gQ7Ex0RUV+2p/O0gU3rB4pBJ lYV4Sshq+4580mDQtz0RRb+oXOYsFgbQdU4O/c35wyd1oLV7hqXQG8eQVZ8hMcOvtUwHCMs2 0/RxZbyGyYptbyODHiasL2Oq2r0JzIOKykJYipsoRY53uQPabob1nrnJuuP2obs5jEpMVkcG wy3kRU=
IronPort-HdrOrdr: A9a23:WCxsnapN5lFX5Ob9+G94tGEaV5r2eYIsimQD101hICG9Ffbo8v xG/c5rtyMc5wxwZJhNo7690cq7Lk80nKQdibX5Vo3SPzUO1lHIEKhSqaXvxDH6EzDz+6p3xc 5bH5RWOZnVAUJhhcj3pCu1A78bquWvweSNif3Fx3lgCTt2bbpthj0VNi+AHlZoSBJ9CZ01KZ qZ6qN8zAadRQ==
X-IronPort-AV: E=Sophos; i="5.92,306,1650945600"; d="scan'208,217"; a="15112692"
Received: from BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) by BRN1WNEX02.vcorp.ad.vrsn.com (10.173.153.49) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2375.24; Fri, 17 Jun 2022 09:02:31 -0400
Received: from BRN1WNEX01.vcorp.ad.vrsn.com ([10.173.153.48]) by BRN1WNEX01.vcorp.ad.vrsn.com ([10.173.153.48]) with mapi id 15.01.2375.024; Fri, 17 Jun 2022 09:02:31 -0400
From: "Gould, James" <jgould@verisign.com>
To: "mario.loffredo@iit.cnr.it" <mario.loffredo@iit.cnr.it>, "shollenbeck=40verisign.com@dmarc.ietf.org" <shollenbeck=40verisign.com@dmarc.ietf.org>, "regext@ietf.org" <regext@ietf.org>
Thread-Topic: Re: [regext] OK, What Next? (was RDAP Extensions Approach Analysis v2)
Thread-Index: AQHYgkqA4zykjhWlxEe4nUUkQGwkXg==
Date: Fri, 17 Jun 2022 13:02:31 +0000
Message-ID: <170F5204-AEF5-4495-B272-B8FE7A98B88C@verisign.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.59.22031300
x-originating-ip: [10.170.148.18]
Content-Type: multipart/alternative; boundary="_000_170F5204AEF54495B272B8FE7A98B88Cverisigncom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/fIA70fb4qqQGD9G1u4rk7aKrFTc>
Subject: Re: [regext] OK, What Next? (was RDAP Extensions Approach Analysis v2)
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Jun 2022 13:02:38 -0000

I agree with Mario that we need to first consider the approaches presented (approach A, B, and C) prior to determining what changes need to be made to the existing RFCs.  I believe that the use of the "lunarNIC_level_0" identifier is appropriate for the RDAP Conformance value in RFC 9083 to signal support for the specification.



The gap that exists in the RFCs is how to support versioning of the RDAP extensions.  The RDAP conformance identifiers can support versioning, with "rdap_level_0" providing the base identifier for RDAP itself.  There is nothing that explicitly ties the prefix registrations with the RDAP conformance identifier registrations, where the prefixes define new path segment and response elements, and the RDAP conformation identifier signals the support for a specification.  I believe the RDAP Conformance identifiers should include the versioning, like the namespace URI in XML, and the prefixes should not include versioning, like the namespace prefix in XML.   If we consider the versioning of RDAP extensions, I include an example of each approach in the drafts below:



  1.  Approach A - https://datatracker.ietf.org/doc/html/draft-ietf-regext-rdap-openid-15
     *   Registration of versioned extension prefix “roidc1”, that is used for the RDAP conformance and used as an RDAP prefix, as in “roidc1_session”, “roidc1_deviceInfo”, “roidc1_openidcConfiguration”.
     *   If the version changes, all the extension elements (RDAP conformance and the RDAP prefixes elements will change), and there is no formal format for the version number.
  2.  Approach B - https://datatracker.ietf.org/doc/html/draft-ietf-regext-rdap-redacted-04#section-6
     *   Registration of the extension prefix “redacted”, which is used for the new response member and used as the prefix used in the versioned RDAP conformance value “redacted_level_0.2”.  Note, the use of “.” does not match RFC 7480, so the versioned RDAP Conformance value should have been “redacted_level_0_2”.
     *   The version of the RDAP Conformance is defined in the associated specification, but it will use the unique prefix registered in the RDAP Extension Registry.
     *   This provides the linkage similar to Approach A, but doesn’t cascade versioning into the prefix and the extension elements.
  3.  Approach C - https://datatracker.ietf.org/doc/html/draft-ietf-regext-rdap-redacted-07
     *   Registration of the extension prefix “redacted” and the versioned extension identifier “redacted_level_0_3”, where there can be more than one extension prefix “redacted”, “redacting”, “redaction” registered along with the versioned extension identifier “redacted_level_0_3”.  The RDAP conformance identifier is used for signaling only and the registered prefixes ensure uniqueness with other RDAP extensions.



I’m starting to think that Approach B may satisfy both requirements of those advocating for Approach A and those advocating for Approach C, where there is a linkage between the RDAP conformation value and the RDAP prefixed in Approach A, and there is versioning support that is isolated to the RDAP conformance in Approach C.  The RFCs mix of the term prefix and identifier would need to be clarified and how versioning is handled needs to be defined.



--



JG







James Gould

Fellow Engineer

jgould@Verisign.com <applewebdata://13890C55-AAE8-4BF3-A6CE-B4BA42740803/jgould@Verisign.com>



703-948-3271

12061 Bluemont Way

Reston, VA 20190



Verisign.com <http://verisigninc.com/>



On 6/16/22, 10:08 AM, "regext on behalf of Mario Loffredo" <regext-bounces@ietf.org on behalf of mario.loffredo@iit.cnr.it> wrote:



    Caution: This email originated from outside the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.



    Hi Scott,



    Il 16/06/2022 15:30, Hollenbeck, Scott ha scritto:

    >> -----Original Message-----

    >> From: regext <regext-bounces@ietf.org> On Behalf Of Mario Loffredo

    >> Sent: Thursday, June 16, 2022 2:57 AM

    >> To: regext@ietf.org

    >> Subject: [EXTERNAL] Re: [regext] OK, What Next? (was RDAP Extensions

    >> Approach Analysis v2)

    >>

    >> Caution: This email originated from outside the organization. Do not click

    >> links

    >> or open attachments unless you recognize the sender and know the content

    >> is safe.

    >>

    >> Hi folks,

    >>

    >> I invite you to consider that, currently, rdap-reverse-search and,

    >> potentially,

    >> three other RDAP-related docs are blocked waiting for the end of this

    >> discussion.

    > [SAH] There's no reason for the documents to be blocked if you adopt the

    > practice described in 9083. Look at Section 2.1 (Naming):

    >

    > "Servers that insert such unspecified members into JSON responses SHOULD have

    > member names prefixed with a short identifier followed by an underscore

    > followed by a meaningful name"

    >

    > We need an identifier for "unspecified members" (extension elements) that's to

    > be used as a prefix. Further:

    >

    > "If The Registry of the Moon desires to express information not found in this

    > specification, it might select "lunarNIC" as its identifying prefix and

    > insert, as an example, the member named "lunarNIC_beforeOneSmallStep" to

    > signify registrations occurring before the first moon landing and the member

    > named "lunarNIC_harshMistressNotes" that contains other descriptive text."

    >

    > This example shows the identifying prefix being used in two examples. This

    > begs the question: "What is registered with IANA and returned in the

    > rdapConformance data structure?". Section 4.1 (RDAP Conformance) has the

    > answer:

    >

    > "When custom JSON values are inserted into responses, conformance to those

    > custom specifications MUST be indicated by including a unique string literal

    > value registered in the IANA RDAP Extensions registry specified in [RFC7480].

    > For example, if the fictional Registry of the Moon wants to signify that their

    > JSON responses are conformant with their registered extensions, the string

    > used might be "lunarNIC_level_0"."

    >

    > This unambiguously tells us that the value registered with IANA is included in

    > the rdapConformance data structure. If you consider the text from Section 2.1,

    > the only thing that make sense is if these identifiers are one and the same.

    > That's why I'm saying that the example in 4.1 is incorrect and needs to be

    > fixed. It should be "lunarNIC" to be consistent with Section 2.1 such that the

    > identifier used with "unspecified members" is the same identifier that's

    > returned in the rdapConformance data structure and the same identifier that's

    > registered with IANA.

    >

    >> In addition, it seems to me more logical, first, to decide how RDAP

    >> exentions

    >> must be treated and, then, correct RFC 9083 to make it consistent with what

    >> decided.

    > [SAH] 9083 already describes how extensions must be treated. If there's

    > anything unclear about that description, that lack of clarity should be

    > addressed first. If the WG wants to *change* that description, that's a

    > different discussion.



    [ML] Whatever will be the approach (A,B, or C) we'll agree on, RFC 9083

    needs to be updated.



    But depending on the approach agreed, the corrections needed will be

    different and they wiil involve either the definitions or the examples

    or both.



    Likewise, the elected approach could imply possible changes to the

    existing documents.





    Best,



    Mario



    > Scott

    > _______________________________________________

    > regext mailing list

    > regext@ietf.org

    > https://secure-web.cisco.com/1Kzc-Qe6UgjV-R9D2TuSkCiAafVeiC69srrhOy-YfkUT4wEoM6P4tZxle5nMP2p-grJmL0sN3MargRWKU2K-ElZjgbuj8xU0cvmNj4uqkkc-SjTa-BGR0IOlyGCdhl8Rj9Qc4NbyS0UjRXvGNXAdDDEQCMhMe8cYtnDL9tvmCrGYtXWO7-oBuJQybPtdjJkCPzkggPpEpCWOmAnGfc1Uufdspuxdz1Xt0F6s6QQBVHkVvoZ9TnNImAB3s5ENwyL9_/https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fregext



    --

    Dr. Mario Loffredo

    Technological Unit “Digital Innovation”

    Institute of Informatics and Telematics (IIT)

    National Research Council (CNR)

    via G. Moruzzi 1, I-56124 PISA, Italy

    Phone: +39.0503153497

    Web: http://secure-web.cisco.com/14ojfrPjCC0uZKbflsEuxNfFgHKsAz5anzd-kaxzeNZsRbCoDuDjpzlEzWIzaM5MM8XZjqFJHKfGDDPcnA6dr_GgY2-CXYGZieUsDALj1M9E2Fmebwzya7Wp3wKKqZ0rg6uy10EnPPBNDdD83p4kCSKx4Cll-08iXc0jKVi-322wXWyKG1ITCW0m1sdJEkipnozrferGaRL91A5v6j0PkC4lg_f2Dh9-sN84qFT8BhMJeNh1aHQvYc0Sp-Lh9J7D3/http%3A%2F%2Fwww.iit.cnr.it%2Fmario.loffredo



    _______________________________________________

    regext mailing list

    regext@ietf.org

    https://secure-web.cisco.com/1Kzc-Qe6UgjV-R9D2TuSkCiAafVeiC69srrhOy-YfkUT4wEoM6P4tZxle5nMP2p-grJmL0sN3MargRWKU2K-ElZjgbuj8xU0cvmNj4uqkkc-SjTa-BGR0IOlyGCdhl8Rj9Qc4NbyS0UjRXvGNXAdDDEQCMhMe8cYtnDL9tvmCrGYtXWO7-oBuJQybPtdjJkCPzkggPpEpCWOmAnGfc1Uufdspuxdz1Xt0F6s6QQBVHkVvoZ9TnNImAB3s5ENwyL9_/https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fregext

v2.23.0 | Report a Bug | By Email