Internet Engineering Task Force T. Harrison Internet-Draft G. Michaelson Intended status: Standards Track APNIC Expires: May 5, 2021 November 1, 2020 RDAP Redirect with Content draft-harrison-regext-rdap-redirect-with-content-00 Abstract The Registration Data Access Protocol (RDAP) is used by Regional Internet Registries (RIRs) and Domain Name Registries (DNRs) to provide access to their resource registration information. When an RDAP service operator has delegated authority for a resource to a third party, the operator will configure its RDAP service to redirect requests for that resource to the third party. However, the client may be interested in the resource registration data that the first service operator has in its own right, for various reasons. This document defines a conformance code that a service operator can use to indicate that when redirecting requests, it will also include as the body of the response the RDAP object (if any) that it has in its own right for the requested resource. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on May 5, 2021. Copyright Notice Copyright (c) 2020 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents Harrison & Michaelson Expires May 5, 2021 [Page 1] Internet-Draft RDAP Redirect with Content November 2020 (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1. Conventions Used in This Document . . . . . . . . . . . . 3 2. Implementation . . . . . . . . . . . . . . . . . . . . . . . 3 3. Security Considerations . . . . . . . . . . . . . . . . . . . 3 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 3 5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 4 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 4 6.1. Normative References . . . . . . . . . . . . . . . . . . 4 6.2. Informative References . . . . . . . . . . . . . . . . . 4 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 5 1. Introduction The Registration Data Access Protocol (RDAP) [RFC7480] is used by Regional Internet Registries (RIRs) and Domain Name Registries (DNRs) to provide access to their resource registration information. For a client, this typically involves following the bootstrap process [RFC7484] to determine the base URL for the query. When the service operator for the base URL has delegated authority for a resource to a third party, the operator will configure its RDAP service to redirect requests accordingly. The client may also be interested in the registration data that the original service operator has, though. For example: the original service operator's responses may be in conformance with an externally-defined RDAP profile, such that the client finds them easier or more useful to deal with than the responses provided by the delegated service operator; the original service operator's responses may provide useful information about larger delegations of resources to delegated service operators; where both service operators record information about the same delegation (e.g. the same specific IP network), the delegated operator may omit some information recorded by the original operator which is useful to the client; or Harrison & Michaelson Expires May 5, 2021 [Page 2] Internet-Draft RDAP Redirect with Content November 2020 the delegated service may be unavailable for some reason, and the client may be content to rely on the data from the original service operator in that situation. It is already open to a service operator to return an RDAP object as the body of a redirect response: see section 6.4 of [RFC7231] and section 5.2 of [RFC7480], neither of which prohibits this behaviour. However, because this is unusual both in the RDAP context and more generally, this document defines the parameters of this behaviour, as well as a conformance code that can be used to signal that this behaviour is supported. 1.1. Conventions Used in This Document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. 2. Implementation An RDAP service operator that implements this specification MUST include an RDAP object ([RFC7483]) as the body of any non-permanent (HTTP 302, 303, or 307) redirect response that it returns, whenever it records data in its own right about the requested resource, or about a resource for which a response may be validly returned for the requested resource (for example, a less-specific IP network object). An RDAP service operator that implements this specification MUST include the string literal "redirect_with_content" in the rdapConformance array of a "/help" response, as well as any redirect response that includes an RDAP object as its body. The service operator MAY include this string literal in other responses. 3. Security Considerations [RFC7481] describes security requirements and considerations for RDAP generally. This specification does not introduce any new requirements/considerations past those defined in that document. 4. IANA Considerations IANA is requested to register the following values in the RDAP Extensions Registry: Extension identifier: redirect_with_content Harrison & Michaelson Expires May 5, 2021 [Page 3] Internet-Draft RDAP Redirect with Content November 2020 Registry operator: Any Published specification: This document. Contact: IETF 5. Acknowledgements TBD 6. References 6.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC7481] Hollenbeck, S. and N. Kong, "Security Services for the Registration Data Access Protocol (RDAP)", RFC 7481, DOI 10.17487/RFC7481, March 2015, . [RFC7483] Newton, A. and S. Hollenbeck, "JSON Responses for the Registration Data Access Protocol (RDAP)", RFC 7483, DOI 10.17487/RFC7483, March 2015, . [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, . 6.2. Informative References [RFC7231] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content", RFC 7231, DOI 10.17487/RFC7231, June 2014, . [RFC7480] Newton, A., Ellacott, B., and N. Kong, "HTTP Usage in the Registration Data Access Protocol (RDAP)", RFC 7480, DOI 10.17487/RFC7480, March 2015, . [RFC7484] Blanchet, M., "Finding the Authoritative Registration Data (RDAP) Service", RFC 7484, DOI 10.17487/RFC7484, March 2015, . Harrison & Michaelson Expires May 5, 2021 [Page 4] Internet-Draft RDAP Redirect with Content November 2020 Authors' Addresses Tom Harrison Asia-Pacific Network Information Centre 6 Cordelia St South Brisbane, QLD 4101 Australia Email: tomh@apnic.net George G. Michaelson Asia-Pacific Network Information Centre 6 Cordelia St South Brisbane, QLD 4101 Australia Email: ggm@apnic.net Harrison & Michaelson Expires May 5, 2021 [Page 5]