Re: [regext] [Ext] Re: RDAP and link context
James Mitchell <james.mitchell@iana.org> Mon, 04 March 2024 18:58 UTC
Return-Path: <james.mitchell@iana.org>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D081BC13AE21 for <regext@ietfa.amsl.com>; Mon, 4 Mar 2024 10:58:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.805
X-Spam-Level:
X-Spam-Status: No, score=-6.805 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6pKP2wl-W-YX for <regext@ietfa.amsl.com>; Mon, 4 Mar 2024 10:58:54 -0800 (PST)
Received: from ppa4.dc.icann.org (ppa4.dc.icann.org [192.0.46.77]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CD83AC14F5F2 for <regext@ietf.org>; Mon, 4 Mar 2024 10:58:54 -0800 (PST)
Received: from MBX112-E2-CO-1.pexch112.icann.org (out.mail.icann.org [64.78.33.7]) by ppa4.dc.icann.org (8.17.1.24/8.17.1.24) with ESMTPS id 424IwiCu014534 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 4 Mar 2024 10:58:46 -0800
Received: from MBX112-W2-CO-1.pexch112.icann.org (10.226.41.128) by MBX112-W2-CO-1.pexch112.icann.org (10.226.41.128) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.28; Mon, 4 Mar 2024 10:58:44 -0800
Received: from MBX112-W2-CO-1.pexch112.icann.org ([169.254.44.235]) by MBX112-W2-CO-1.pexch112.icann.org ([169.254.44.235]) with mapi id 15.02.1258.028; Mon, 4 Mar 2024 10:58:43 -0800
From: James Mitchell <james.mitchell@iana.org>
To: Jasdip Singh <jasdips@arin.net>, "Hollenbeck, Scott" <shollenbeck@verisign.com>, "andy@hxr.us" <andy@hxr.us>
CC: "regext@ietf.org" <regext@ietf.org>
Thread-Topic: [regext] [Ext] Re: RDAP and link context
Thread-Index: AQHabZ67jYEYvryq6UqBy7wSKjPSibEoTMcAgAADnQD//6BTgA==
Date: Mon, 04 Mar 2024 18:58:43 +0000
Message-ID: <96CE291D-4D92-48A2-A936-8F9625E77F49@iana.org>
References: <E057A842-3FF6-4A0A-BD95-9CB8C047BBE9@iana.org> <CAAQiQRco_P-U2EzwXPOudpohUvO0kNhbBkkFBGKbrCG+ANUogA@mail.gmail.com> <A56D1534-E81E-4783-A731-B2ADC1D0E5EA@iana.org> <LV3PR15MB6453ADFFF1B4935F50F26444C95C2@LV3PR15MB6453.namprd15.prod.outlook.com> <59520332939e4bfcb6c64802f08226e5@verisign.com> <LV3PR15MB6453F00DE23B54A4D3145B9EC9232@LV3PR15MB6453.namprd15.prod.outlook.com>
In-Reply-To: <LV3PR15MB6453F00DE23B54A4D3145B9EC9232@LV3PR15MB6453.namprd15.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [192.0.32.234]
x-source-routing-agent: True
Content-Type: multipart/alternative; boundary="_000_96CE291D4D9248A2A9368F9625E77F49ianaorg_"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-03-04_14,2024-03-04_01,2023-05-22_02
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/kudBMQ52OoEpEfUU2hAu08a9j60>
Subject: Re: [regext] [Ext] Re: RDAP and link context
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Mar 2024 18:58:58 -0000
Thanks for the link, Scott. It appears that the context was made mandatory because of an interpretation of “according to Section 3 of RFC5988, the members "value", "rel" and "href" are all required.” This is correct by definition, however fails to consider web linking as a whole. RFC 8288 defines the HTTP Link header and it’s context having a default value (https://datatracker.ietf.org/doc/html/rfc8288#section-3.2). While the context (anchor) can be defined, it also warns that applications might reject links assigned to other resources (other contexts). Note also the third paragraph in the security considerations section that warns about trusting links with explicitly defined anchors/context. Furthermore, appendices A.1 and A.2 of RFC 8288 also describe the link context for HTML and Atom, but note in none of these is the context explicitly defined alongside the definition of the link. The link context should not have been made mandatory. If you are to fix this, I would suggest text along the lines of: A link must have a context, a relation type, and a target as described in Section 2 of [RFC8288]. By default, the context is the is the URI associated with the entire JSON response and does not need to be explicitly defined. The "value" JSON value can be used to assign a different context URI, however servers and clients should be aware of Section 3.2 and Section 5 of [RFC8288] when providing assigning different contexts. The JSON name/values of "rel", "href", "hreflang", "title", "media", and "type" correspond to values found in Section 3<https://www.rfc-editor.org/rfc/rfc8288#section-3> of [RFC8288<https://www.rfc-editor.org/rfc/rfc9083#RFC8288>]. A "related" link relation MUST NOT include an "href" URI that is the same as the "self" link relation "href" URI to reduce the risk of infinite client processing loops. Internationalized Domain Names (IDNs) returned in URIs SHOULD be consistently returned in LDH name format to allow clients to process these IDNs according to their capabilities. Thanks, James From: regext <regext-bounces@ietf.org> on behalf of Jasdip Singh <jasdips@arin.net> Date: Monday, March 4, 2024 at 8:41 AM To: "Hollenbeck, Scott" <shollenbeck@verisign.com>, James Mitchell <james.mitchell@iana.org>, "andy@hxr.us" <andy@hxr.us> Cc: "regext@ietf.org" <regext@ietf.org> Subject: Re: [regext] [Ext] Re: RDAP and link context Thanks, Scott. RFC 8288 (obsoletes RFC 5988) also retains this requirement (in section 2). Jasdip From: Hollenbeck, Scott <shollenbeck@verisign.com> Date: Monday, March 4, 2024 at 11:28 AM To: Jasdip Singh <jasdips@arin.net>, james.mitchell@iana.org <james.mitchell@iana.org>, andy@hxr.us <andy@hxr.us> Cc: regext@ietf.org <regext@ietf.org> Subject: RE: [regext] [Ext] Re: RDAP and link context From: regext <regext-bounces@ietf.org> On Behalf Of Jasdip Singh Sent: Sunday, March 3, 2024 2:12 PM To: James Mitchell <james.mitchell@iana.org>; Andrew Newton (andy) <andy@hxr.us> Cc: regext@ietf.org Subject: [EXTERNAL] Re: [regext] [Ext] Re: RDAP and link context Caution: This email originated from outside the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. Hi. Did some digging on this. Right, RFC 7483 had only “href” as a MUST. RFC 7483bis (eventually RFC 9083) additionally made “rel” and “value” as MUST’s. Looks like the “rel” MUST came about because of RFC 8288 mandating so [1], and the RDAP Deployment Findings and Update draft highlighting so [2]. As for making “value” a MUST, the rationale is not very clear from [2]. It even passed the IESG review [3]. (Scott might be able to shed more light on this. :)) [SAH] The change was made in version -01 of draft-hollenbeck-regext-rfc7483bis (“Clarified that the "value", "rel" and "href" JSON values MUST be specified in the "links" array.”) Here’s the on-list discussion: https://mailarchive.ietf.org/arch/msg/regext/kWZ9ix80uaUAHqXjJsf_L2IN-Ys/ [mailarchive.ietf.org]<https://urldefense.com/v3/__https:/mailarchive.ietf.org/arch/msg/regext/kWZ9ix80uaUAHqXjJsf_L2IN-Ys/__;!!PtGJab4!96Si9ZKlOG3GC7TFJeKZ5lVO-tZO2LtXGwEWvV7bOrVL_bfPOQtHLXY__xfumApzO51K0xaYAgiQmz7v8ru17Il_$> Blame RFC 5988. [SAH] Scott
- [regext] RDAP and link context James Mitchell
- Re: [regext] RDAP and link context Andrew Newton (andy)
- Re: [regext] RDAP and link context rep.dot.nop
- Re: [regext] RDAP and link context rep.dot.nop
- Re: [regext] [Ext] Re: RDAP and link context James Mitchell
- Re: [regext] [Ext] Re: RDAP and link context Jasdip Singh
- Re: [regext] [Ext] Re: RDAP and link context Hollenbeck, Scott
- Re: [regext] [Ext] Re: RDAP and link context Jasdip Singh
- Re: [regext] [Ext] Re: RDAP and link context James Mitchell
- Re: [regext] [Ext] Re: RDAP and link context Hollenbeck, Scott
- Re: [regext] [Ext] Re: RDAP and link context Andrew Newton (andy)
- Re: [regext] [Ext] Re: RDAP and link context James Mitchell
- Re: [regext] [Ext] Re: RDAP and link context Andrew Newton (andy)
- Re: [regext] RDAP and link context Tom Harrison