[weirds] Questions about suffix matches in domain and nameserver searches

Brian Mountford <mountford@google.com> Fri, 30 October 2015 17:41 UTC

Return-Path: <mountford@google.com>
X-Original-To: weirds@ietfa.amsl.com
Delivered-To: weirds@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id C7B271B2DC7 for <weirds@ietfa.amsl.com>; Fri, 30 Oct 2015 10:41:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.388
X-Spam-Status: No, score=-1.388 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id 3gLWUXo98LKg for <weirds@ietfa.amsl.com>; Fri, 30 Oct 2015 10:41:15 -0700 (PDT)
Received: from mail-vk0-x234.google.com (mail-vk0-x234.google.com [IPv6:2607:f8b0:400c:c05::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9CBE71B2DC4 for <weirds@ietf.org>; Fri, 30 Oct 2015 10:41:15 -0700 (PDT)
Received: by vkgs66 with SMTP id s66so52003200vkg.1 for <weirds@ietf.org>; Fri, 30 Oct 2015 10:41:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:from:date:message-id:subject:to:content-type; bh=k9ZkqVL7PxBla3R/8nlpG66BxGg4kRnTO09j6imf7WI=; b=j7FYVn1Y2hGAqITil3E7UKz2UyE58IdDT8eRVZYT6SWKxV9M4m9lOYhl+K/A+QFFxf L67On8oaz6Nn0xoPlb9fp+v2aQgaCqtU9tVd+PRY7X8Sme8gMJIxeMjUQvb3taozJRx7 CgBdUv5SwvFnPrP+9YWyxaeJKR3dV5YqYUo+dzjpn1UT4pWDq41w46nFd6pUEMc16/gp THOgK70ejFRT4aP/doAnjftdNBztv9v8APuEiLB3k81H1JF105KeyP7FkiOxtBudPlaU aH6H746ZIeNfOpnfb/lHJqbuvt0w0mOoHWTRlwDsYQB8sbmrGOgrU2OjCvRc0RVJ2CMc /HjQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to :content-type; bh=k9ZkqVL7PxBla3R/8nlpG66BxGg4kRnTO09j6imf7WI=; b=bA6bB5v5xazuaORP5Cb/SjiGy6W2pQ2u4Zqew+iw9DdbHT/mtDvuOzc8hhi3JmK57K V5zT2mxIt/UpzoBIbborY/fKIERG1mxiZFiVjereT1GhOjf1H0t6pPgok2sHT4HhHssS UKktjyaYWSNE+O30KWDQUYprFUl6fPvztbBiWWcDsJ7BSuKNDtAnQYPTT6VdtZASNhxG XfnMhYIjh4SQMZ70Vs9GiM0/kVx9ntY2yGD/95RgWDFNbhYd4yapYuiVDnU/c+x4W1U4 cRRsweHmokAxPY9Oj9viztyS8ir5cNOasodSw3Ahc+pUTSRUZ6GQK6CekisaB5ms2w4T imfA==
X-Gm-Message-State: ALoCoQleKe/cJA/7mmzSD4XtFER4svnYW/choYToFXlpUW7qUC+8NMsabdYMWffAPDuZTaHwRywX
X-Received: by with SMTP id y136mr6307899vkd.53.1446226874687; Fri, 30 Oct 2015 10:41:14 -0700 (PDT)
MIME-Version: 1.0
Received: by with HTTP; Fri, 30 Oct 2015 10:40:55 -0700 (PDT)
From: Brian Mountford <mountford@google.com>
Date: Fri, 30 Oct 2015 13:40:55 -0400
Message-ID: <CALRmJyh8wX3f2tVmk9cfegK=LjF1Bm_j_Hq5Yd1C4NjSUJnKKw@mail.gmail.com>
To: weirds@ietf.org
Content-Type: multipart/alternative; boundary=001a1141dc9e21ab1d052355efda
Archived-At: <http://mailarchive.ietf.org/arch/msg/weirds/8ey_is0sa-CFa1g3VZIf8_3BErc>
Subject: [weirds] Questions about suffix matches in domain and nameserver searches
X-BeenThere: weirds@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "WHOIS-based Extensible Internet Registration Data Service \(WEIRDS\)" <weirds.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/weirds>, <mailto:weirds-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/weirds/>
List-Post: <mailto:weirds@ietf.org>
List-Help: <mailto:weirds-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/weirds>, <mailto:weirds-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Oct 2015 17:41:16 -0000

RFC 7482 describes the format of search strings to be used in partial match
queries. If I understand correctly, a wildcard search string should have a
prefix, exactly one wildcard asterisk, and then zero or more complete
domain labels at the end. I am wondering if the RDAP authors had in mind an
efficient way to implement such queries on a standard database system. The
prefix and single wildcard seem to be designed for ease of lookup using a
sorted database index. But then I'm not sure how one would efficiently
implement the domain label suffixes. For instance, it appears to be legal
to search for nameservers using the pattern ns*.subdomain.example.tld. The
ns* part is easy, but the suffix is harder to figure out. I am tempted to
think that the authors figured that queries too complicated for a given
system would just get rejected as per the wiggle room in the RFC. But if
that's the case, why is only one wildcard allowed? Why not define a generic
syntax with asterisk as the wildcard, and let implementors decide where to
draw the line. I'm unclear on the thought process behind the spec.

In a tangentially related question, it looked to me like IP address lookups
of nameservers and domains did not need to support a wildcard asterisk,
because the syntax was never defined. Is that true? Or does the RDAP spec
envision wildcard IP address lookups as well? If so, what is the syntax for