IETF Logo Mail Archive

[regext] Re: RDAP versioning - on client-server interactions and 2-RTT flow

"Gould, James" <jgould@verisign.com> Thu, 21 November 2024 17:29 UTC

Return-Path: <jgould@verisign.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B75A0C1840D8 for <regext@ietfa.amsl.com>; Thu, 21 Nov 2024 09:29:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.103
X-Spam-Level:
X-Spam-Status: No, score=-2.103 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aWUwHxFZgVrc for <regext@ietfa.amsl.com>; Thu, 21 Nov 2024 09:29:18 -0800 (PST)
Received: from mail1.verisign.com (mail1.verisign.com [72.13.63.30]) by ietfa.amsl.com (Postfix) with ESMTP id 3868BC1840D1 for <regext@ietf.org>; Thu, 21 Nov 2024 09:29:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=4476; q=dns/txt; s=VRSN; t=1732210158; h=from:to:date:message-id:references:in-reply-to: content-id:content-transfer-encoding:mime-version:subject; bh=A3O/UlxLMctIlJ6I1jDiz3b78fnvnrFVUyj+Pgi/hB4=; b=g+b+dk4NSmzyvWE3/EgsJRo3FOjsHUkj5dLY7YBvLdrlNOeJPWDubapY zf1CZW1yGez6iOXQIwz1CL2+KuroYU99ddHV3LIMCRHBAvB4uB8/7h/RB mZ+yep5GzsUk+ktYHh8cBvYe+kvtFoPdtUKihmIw8BLroUh1ixx/syYwV hE8M5d+gCRAe8kln3GWJl8+ZtvbrxBYhG0TO3Hxxpm7ATXKQHLbYBXmt6 FIV+kSfEfMw3NbfIcVVKrh33zrQIxCwMc1ich9ttJl69ktSBf77o60dxi v3M5OqZsIBCYvWCT2woFa1qEpMXooM4B5q+uXd59BIbIWF723Hr9D8dw+ Q==;
X-CSE-ConnectionGUID: cOU+bj7mQCuT4c5qxxITcQ==
X-CSE-MsgGUID: XA4NpQxgQh2WrPJ5J/BSwg==
X-ThreatScanner-Verdict: Negative
IronPort-Data: A9a23:mRipuqo0KDN+/WYrP6uCGUTP7YpeBmJmZBIvgKrLsJaIsI4StFCzt garIBmAaKvZZGqjfNkgOtnnoRxU68XdmIUxTQFv+H0xH3gRoJacVYWSI3mrMnLJJKUvbq7FA +Y2MYCccZ9uHhcwgj/3b9ANeFEljfngqoLUUbOCZ2YrA1c9GE/NsDo788YhmIlknNOlNA2Ev NL2sqX3NUSss9JOGjt8B5mr9lU25pwehBtC5gZiPKkR5QeE/5UoJMl3yZ+ZfiOQrrZ8Q7bSq 9brlNmR4m7f9hExPdKp+p6TWlEKWLPbIT+VgXNQXaW46jAazsDl+v9mXBa0QR4/ZwShx7id+ v0U3XCDYV5B0pn3pQgoe0Iw/xdWZvQapeCdcRBThuTIp6HOWyOEL/xGUhlqbdVAkgp9KTkmG fcwcFjhYv0f7g4fLX3SpuRE36wewMfX0Iw3sVZdjjvbUvMfao3/H66X/M9I/Qs7v5UbdRreT 5JxhTtHRi7mOiJpF2dPUdQgl+Cynj/2f3tGskmT46Ew5gA/ziQoiP60b4GTI4HRA5kF9qqbj juuE2DRAB4dKdiT4SSI6HO3h+DJ2yj8Xer+EZXkrq4z3AzMnQT/DjUmfAeducCphXe+Ae1FE 25J2G0Elrc9oRnDot7VGkfQTGS/lh0bRNNUEu4S5AyLy6GS7wvxLnIJQTNRdPQnudM4Azsw2 Te0c8jBDyZp6aKTRGLFr/KPsyn0PCkOaGUFIyUeS1JD/cP4psc4iRenostfLZNZR+bdQVnYq w1mZgBn71nPpabnD5mGwG0=
IronPort-HdrOrdr: A9a23:gzG7PqqvH1X4unDrxAqTgywaV5ryeYIsimQD101hICG9Kvbo8v xHBJwgpGXJYUUqKRUdcLe7SdS9qBLnhOVICOYqXItKMDONhILsFvAB0WKA+UydJ8SdzI5gPM 5bGsAUNDSzNykYsS+Q2mWF+qMbruVvh5rGuQ6x9RpQpEpRGsZdBk9Ce2Cm+gcdfng+OXMWLu vl2vZ6
X-Talos-CUID: 9a23:WPLDBWrGV6NfCSuYW4A3aVnmUcsCTz7XzijVGmSlNTpiFaSFWX6s85oxxg==
X-Talos-MUID: 9a23:nCRQRgoPGD/GD8bRyTcezwFLaOFw2rShMUBXro8+mZSmcgZLJDjI2Q==
X-IronPort-AV: E=Sophos;i="6.12,173,1728950400"; d="scan'208";a="40814973"
Received: from BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) by BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.37; Thu, 21 Nov 2024 12:29:16 -0500
Received: from BRN1WNEX01.vcorp.ad.vrsn.com ([10.173.153.48]) by BRN1WNEX01.vcorp.ad.vrsn.com ([10.173.153.48]) with mapi id 15.01.2507.037; Thu, 21 Nov 2024 12:29:16 -0500
From: "Gould, James" <jgould@verisign.com>
To: "kowalik@denic.de" <kowalik@denic.de>, "regext@ietf.org" <regext@ietf.org>
Thread-Topic: [EXTERNAL] [regext] RDAP versioning - on client-server interactions and 2-RTT flow
Thread-Index: AQHbPDmAT9iCiMIgNkCZkW2Bw7HSz7LB/VMA
Date: Thu, 21 Nov 2024 17:29:16 +0000
Message-ID: <10BE3B85-4538-49C5-AB98-4EDDCDCF2B5F@verisign.com>
References: <10ba3faa-8bf7-4202-81bf-e2c99473c3db@denic.de>
In-Reply-To: <10ba3faa-8bf7-4202-81bf-e2c99473c3db@denic.de>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.91.24111020
x-originating-ip: [10.170.148.18]
Content-Type: text/plain; charset="utf-8"
Content-ID: <4DD965ADC5D68140876631014D1CB87E@verisign.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Message-ID-Hash: VZMRTBENJINQJHBSMYTRVRHSFLQJTKD4
X-Message-ID-Hash: VZMRTBENJINQJHBSMYTRVRHSFLQJTKD4
X-MailFrom: jgould@verisign.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-regext.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [regext] Re: RDAP versioning - on client-server interactions and 2-RTT flow
List-Id: Registration Protocols Extensions Working Group <regext.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/zLWIyU8n0kmIp0gJPOCJhw-Zkes>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Owner: <mailto:regext-owner@ietf.org>
List-Post: <mailto:regext@ietf.org>
List-Subscribe: <mailto:regext-join@ietf.org>
List-Unsubscribe: <mailto:regext-leave@ietf.org>

Pawel,

RFC 9082 states the following for the Help Path Segment:

The help path segment can be used to request helpful information (command syntax, terms of service, privacy policy, rate-limiting policy, supported authentication methods, supported extensions, technical support contact, etc.) from an RDAP server. The response to "help" should provide basic information that a client needs to successfully use the service.

This is exactly what the versioning extension is doing in the "versioning_help" member, by providing help information on supported extensions.  A client is not required to use the versioning extension to perform queries, since the server does have a default extension version that is specified in the "versioning_help" member.  If a client does run into an extension compatibility issue, it could use the help command to programmically (lazily) or manually determine the root cause of the issue for resolution.  

There is no requirement or expectation that an RDAP client implement 2-RTT.  

Thanks,

-- 

JG 



James Gould
Fellow Engineer
jgould@Verisign.com <applewebdata://13890C55-AAE8-4BF3-A6CE-B4BA42740803/jgould@Verisign.com>

703-948-3271
12061 Bluemont Way
Reston, VA 20190

Verisign.com <http://verisigninc.com/> 




On 11/21/24, 12:19 PM, "Pawel Kowalik" <kowalik@denic.de <mailto:kowalik@denic.de>> wrote:


Hi,


Thinking of interactions between the client and server that versioning 
draft assumes I think we are heading towards 2-RTT model for every request.


Step 1: The client makes an HTTP GET request to the /help endpoint of 
the RDAP server.
Step 2: The response is processed to extract rdapConformance and versioning.
Step 3: Compare the server's supported extensions and versions with 
those supported by the client.
Step 4: If compatible configurations are found, the client makes target 
request to a resource endpoint (e.g., domain/foo.com) using headers or 
query parameters to specify the desired configuration.


So we have 2 full RTTs. Of course a client can cache it for some time 
but not forever, as the server may change at any time its configuration. 
In a cold state or a client without capability to cache this will be 
always 2-RTT if the client would like to be aware of the versions.


I don't think this is in line with rfc7480, which assumes "a client 
implementation should be possible using common operating system 
scripting tools (e.g., bash and wget)". Also not with the usage pattern 
defined in Section 1. None of it is normative, however I would not just 
ignore it without discussing consequences of going this way.


I would like to see more that versioning draft would assume 1-RTT model 
as a primary use-case, so that the client would put a range of versions 
it supports into a request and the server would put best efforts to 
fulfil it. This would be also more "redirect friendly", so that a 
redirected request to another server (no matter if with query parameters 
or headers) would have the same information about client capabilities 
and able to serve the response as opposed to getting a request for 
configuration crafted for the origin server of a redirect.


Kind Regards,


Pawel

v2.31.3 | Report a Bug | By Email | System Status