Re: [regext] rfc7484bis

Marc Blanchet <> Wed, 12 August 2020 16:22 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 5BE583A13AB for <>; Wed, 12 Aug 2020 09:22:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.888
X-Spam-Status: No, score=-1.888 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_NONE=0.001, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id qXjfFiz8Zf60 for <>; Wed, 12 Aug 2020 09:22:40 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::831]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 8C7FA3A10C7 for <>; Wed, 12 Aug 2020 09:22:39 -0700 (PDT)
Received: by with SMTP id w9so1897389qts.6 for <>; Wed, 12 Aug 2020 09:22:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=hxxBxPma4p9HIlLcJ+ywCvdnXbSBgEynuHpN7S5ry5I=; b=ZXPRSlHdqAgu6D3fMm2T7qgM51UjFZsVMd0W+2kIL34wRIGb3dAtb9GV5+gPUekaCu y/EKuqNC9dhGVpeM9/J7dmjM0nAmDzH0QmkSwb1yLxg4w1+tTv6UKvl07UER35yq2XV2 1+apXu290XpqCQNDhTx7YB+SCSRY//6anPezzU9jfd9hDXIbLvjfj9Nuc5y7IijfNYNg TRYTrb32YnvaRr3Df35LXaSeSbetPgN0Rc1GMyVbyLv70clyCwotMJXz76LwRFj3L7pd ENSBlZSKWqtBsQbUlI0CSLQlenpt3PJCdPQ/Acv2phvnl8Frhwb5DgEbqTdGMYpbPQZD H5ZQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=hxxBxPma4p9HIlLcJ+ywCvdnXbSBgEynuHpN7S5ry5I=; b=q9hazOLfMZrBIbad7T4xPcaqFcvw2UCNvtjJOFNMkCmoOr25s21HuzgH5SI8bNGRU0 O8w1+QUVPbQZmVgLLLf1wN0HsNV88ojkBvZJzATpdzOYdm0yoHvUYxJmjUFIY2Eysw13 WMHM1TMEudkt3IxYXSoiSvYykMQ7z0bvdswhEEPI3j+ORFIFlyjcDFjV7pe14jgNaieL wy/rgb0oh8p2pQkLAOfHYSr1fdfe7gCuCicGK//2jX1CgsTEojJqIcYWtHSGwH3NZ//L k5aFZ0Xhy1rtVlZ0e5ZtFoA8SqrqmCxZQ01k6tt1k6AhBimvuY0oU36ur74Vv2mYB8xK SPZg==
X-Gm-Message-State: AOAM532EXVHsB1XbiRNlgQPgofGUB3yvX/EDDqmF7UYBl9R0Uv4FgpKm 4JsTufUesmEAeksBiOVUd481Yo42R5Jq1Q==
X-Google-Smtp-Source: ABdhPJxhp5Uf+JquHdxal8cAMANsG18JDKE6fqKD0xDaqRAJMlpuoVjOolkkSkc4IWVt4Q5fogB9nA==
X-Received: by 2002:ac8:5416:: with SMTP id b22mr387356qtq.45.1597249358394; Wed, 12 Aug 2020 09:22:38 -0700 (PDT)
Received: from [] ( []) by with ESMTPSA id y46sm3165658qth.78.2020. (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 12 Aug 2020 09:22:37 -0700 (PDT)
From: "Marc Blanchet" <>
To: "Patrick Mevzek" <>
Date: Wed, 12 Aug 2020 12:22:36 -0400
X-Mailer: MailMate (1.13.1r5671)
Message-ID: <>
In-Reply-To: <>
References: <> <> <> <>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"; format=flowed
Content-Transfer-Encoding: 8bit
Archived-At: <>
Subject: Re: [regext] rfc7484bis
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Registration Protocols Extensions <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 12 Aug 2020 16:22:41 -0000

On 11 Aug 2020, at 15:27, Patrick Mevzek wrote:

> Hello Marc,
> On Tue, Aug 11, 2020, at 13:55, Marc Blanchet wrote:
>> On 4 Aug 2020, at 15:47, Patrick Mevzek wrote:
>>> PS: related but not directly, at least for domain registries, it 
>>> would
>>> be
>>> nice to have an `SRV` record on `_rdap._tcp` or something to point 
>>> to
>>> relevant
>>> RDAP server, even if that does not allow to encode the path (but 
>>> maybe
>>> a solution with .well-known/ and URI template could be found), it
>>> allows at least
>>> for nice failover and load balancing. It may be a problem for gTLDs 
>>> as
>>> they have
>>> restrictions in content of their zone.
>> well, this has been debated at length during the WEIRDS working group
>> work. I actually wrote a sentence about this in the RFC (in the
>> acknowledgements section). I’m not sure we want to restart the 
>> debate
>> again…
> I am not saying to restart the debate, especially not in the context 
> of a -bis document where protocol changes are not welcome.
> But the RFCs are also 5 years old now and a lot of things change 
> quickly.
> SVCB record in the DNS being one, while not there already.
>>> Maybe the newly expected SCVB record could help...
>>> A setup like that would allow for discoverability without
>>> centralization of data,
>>> which also removes IANA from the hot operational path when RDAP
>>> clients do queries.
>> yes. this is the well-known caveat of this RFC and discussed and 
>> debated
>> during WEIRDS. But experience up to now has not shown any issue, at
>> least to my knowledge. (and as a developer of the RDAP Browser mobile
>> app, I haven’t seen any issue fetching that registry. I do have 
>> found
>> thousands of issues with the registry/registrars RDAP servers 
>> however,
>> but that is another story).
> I am not saying there is a current issue, fetching the JSON file from 
> webserver is clearly the smallest problem of any RDAP client.
> But I also think there is currently no issue because basically the 
> world did
> not shift to RDAP in any way yet. Which can easily be witnessed by the 
> amount
> of broken servers so far - even if they are in a regulated space where 
> compliance
> is an issue - and the total lack of ccTLDs in this space, at least in 
> operations.
> Once there is a shift, then an issue can happen. Or not. We can indeed 
> not
> try to prematurely optimize this.
> And I would prefer a more decentralized way of discovery, because it 
> makes
> more sense to me and because we do already have a decentralized 
> publicly available
> database (the DNS) that could store RDAP related information per 
> registry.

we all wanted. But when one think of all the requirements and that we 
make sure it works for both domains and IP addresses and AS numbers, the 
best compromise solution was the IANA registries. None of the solutions 
discussed were perfect. Yes, the IANA registry solution is not 
distributed, but brings additional features (as agile as we want with a 
JSON data model) that were not available in in-dns solutions, available, 
ready to deploy, and also, one of the point that was pushed often was 
the ability to fetch the data from a contained Javascript client in a 
browser (where dns queries are not available).


> -- 
>   Patrick Mevzek