Network Working Group                                         J.G. Gould
Internet-Draft                                                D.S. Smith
Intended status: Standards Track                          VeriSign, Inc.
Expires: 13 January 2022                                     J.K. Kolker
                                                             R.C. Carney
                                                            GoDaddy Inc.
                                                            12 July 2021


   Redacted Fields in the Registration Data Access Protocol (RDAP)
                                Response
                  draft-gould-regext-rdap-redacted-00

Abstract

   This document describes an RDAP extension for explicitly identifying
   redacted RDAP response fields, using JSONPath as the default
   expression language.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 13 January 2022.

Copyright Notice

   Copyright (c) 2021 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents (https://trustee.ietf.org/
   license-info) in effect on the date of publication of this document.
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.  Code Components
   extracted from this document must include Simplified BSD License text
   as described in Section 4.e of the Trust Legal Provisions and are
   provided without warranty as described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Conventions Used in This Document
   3.  Redaction Methods
     3.1.  Redaction by Removal Method
     3.2.  Redaction by Empty Value Method
   4.  Redacted RDAP Response
     4.1.  RDAP Conformance
     4.2.  "redacted" Member
   5.  JSONPath Considerations
   6.  IANA Considerations
     6.1.  RDAP Extensions Registry
   7.  Security Considerations
   8.  Acknowledgements
   9.  References
     9.1.  Normative References
   Authors' Addresses

1.  Introduction

   This document describes an RDAP extension for explicitly identifying
   redacted RDAP response fields, using JSONPath as the default
   expression language.  A redacted RDAP field is one that has data
   removed from the RDAP response due to the lack of client privilege to
   receive the field.  This extension can be used to identify redacted
   RDAP fields in any RDAP object class, as defined in [RFC7483], or
   RDAP fields defined in RDAP extensions.  Because an RDAP response may
   exclude a field due to either the lack of data or based on the lack
   of RDAP client privileges, this extension is used to explicitly
   specify which RDAP fields are not included in the RDAP response due
   to redaction.  It thereby provides a capability for disambiguation
   between redaction and possible other reasons for data or field
   absence.

   JSONPath, as defined in [I-D.ietf-jsonpath-base], is used as the
   default expression language to reference RDAP fields that have been
   redacted.  The redacted JSON fields will either be removed or have
   empty values in the RDAP response.  JSON is defined by [RFC8259].

2.  Conventions Used in This Document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

   The JSON examples include extra line breaks and whitespace.  For
   instance, the JSONPath expressions are broken out into multiple lines
   when required for illustration.

3.  Redaction Methods

   Redaction in RDAP can be handled in multiple ways.  Placeholder text
   for the values of the RDAP fields, such as the placeholder text
   "XXXX", MUST NOT be used for redaction.  A placeholder text value
   will not match the format requirements of each of the RDAP fields
   and provides an inconsistent and unreliable redaction signal.  This
   section covers the redaction methods that can be used with the
   redaction signaling defined in Section 4.2.

   RDAP responses, as defined in [RFC7483], include a mix of JSON
   objects and JSON arrays, where JSON arrays are heavily used for
   entity objects with jCard [RFC7095].  jCard [RFC7095] is a JSON
   representation of vCard [RFC6350] that inherits its dependency on
   arrays.  An example is the vCard [RFC6350] "ADR" property / jCard
   [RFC7095] "adr" property that defines a sequence of address
   components.  According to [RFC6350], when an "ADR" property component
   value is missing, the associated component separator MUST still be
   specified.  jCard [RFC7095] extends the use of arrays with each
   individual vCard property being represented by an array of three
   fixed elements, followed by one or more additional elements.  The mix
   of JSON objects and JSON arrays impacts the methods used for
   redaction in RDAP.
   The redaction of RDAP fields falls into the two categories of
   Redaction by Removal Method (Section 3.1) and Redaction by Empty
   Value Method (Section 3.2), defined in the following subsections.

3.1.  Redaction by Removal Method

   The Redaction by Removal Method is when the RDAP field is removed
   from the RDAP response, which is the preferred method.  The Redaction
   by Removal Method can be done for all RDAP response fields other than
   the JSON arrays used with jCard [RFC7095].  When an RDAP object is
   redacted by removal, all of the RDAP object's child fields are also
   removed.  Only the redacted RDAP object needs to be referenced in the
   list of redacted fields, as defined in Section 4.2.  An example of
   redacting an RDAP object is removing the administrative contact from
   the RDAP response and including the following "redacted" member:

   "redacted": [
     {
       "name": "Administrative Contact",
       "path": "$.entities[?(@.roles[0]=='administrative')]",
       "method": "removal",
       "reason": "Client request"
     }
   ]

   The Redaction by Removal Method MUST NOT be used to remove a field
   from a jCard [RFC7095] fixed array position, which will result in a
   non-conformant jCard [RFC7095] array definition.

3.2.  Redaction by Empty Value Method

   The Redaction by Empty Value Method is when a redacted field is not
   removed, but its value is set to an empty value, such as "" for a
   jCard [RFC7095] Text ("text") property or null for non-Text ("text")
   properties.  The empty jCard [RFC7095] values ("" or null) are
   referenced in the "redacted" member in place of the jCard [RFC7095]
   property name, such as referencing the "fn" jCard property value at
   position 3 instead of referencing the "fn" jCard property name at
   position 0.  The Redaction by Empty Value Method SHOULD be used only
   when redacting JSON response fields that use jCard [RFC7095] arrays.
   Optional jCard [RFC7095] properties SHOULD use the Redaction by
   Removal Method (Section 3.1) to redact the entire property.  The
   required jCard [RFC7095] "fn" property, defined in section 6.2.1 of
   vCard [RFC6350], MUST use the Redaction by Empty Value Method to
   redact the property value.  Removing the "fn" property would violate
   vCard [RFC6350] and removing the property value would violate the
   fixed array positions defined in jCard [RFC7095].

   An example of the redacted field "fn" jCard property using the
   Redaction by Empty Value Method:

   [
     "fn",
     {},
     "text",
     ""
   ]

   An example of the "redacted" member for the redacted "fn" jCard
   property value, which is array position 3:

   "redacted": [
     {
       "name": "Registrant Name",
       "path": "$.entities[?(@.roles[0]=='registrant')].
                vcardArray[1][?(@[0]=='fn')][3]",
       "pathLang": "jsonpath",
       "method": "emptyValue",
       "reason": "Server policy"
     }
   ]

4.  Redacted RDAP Response

4.1.  RDAP Conformance

   RDAP responses that contain values described in this document MUST
   indicate conformance with this specification by including an
   rdapConformance ([RFC7483]) value of "redacted_0".  The information
   needed to register this value in the RDAP Extensions Registry is
   described in Section 6.1.

   Example rdapConformance member with the redacted extension:

   "rdapConformance" :
   [
     "rdap_level_0",
     "redacted_0"
   ]

4.2.  "redacted" Member

   The "redacted" member MUST be added to the RDAP response when there
   are redacted fields.  The "redacted" member contains an array of
   redacted objects with the following child members:

   "name":  A logical name for the redacted field.  The logical name
      used for the redacted field is up to server policy.  Conventions
      used for the chosen logical names MAY be defined in other
      documents to meet the needs of different RDAP services or
      industries.
   "path":  The JSON expression of the redacted field, using the
      expression language defined by the "pathLang" member.  The JSON
      expression references a removed JSON field or an empty field
      value based on Section 3.

   "pathLang":  OPTIONAL JSON path expression language used, with the
      default value of "jsonpath" for JSONPath
      ([I-D.ietf-jsonpath-base]).  Other JSON path expression languages
      MAY be used based on server policy.

   "method":  OPTIONAL redaction method used, with "removal" indicating
      the Redaction by Removal Method (Section 3.1) and "emptyValue"
      indicating the Redaction by Empty Value Method (Section 3.2),
      with the default value of "removal".

   "reason":  OPTIONAL human-readable reason(s) for the redacted field
      in the language defined by the [RFC7483] "lang" member.  The
      default language is "en" if the [RFC7483] "lang" member is not
      specified.  The "reason" member is provided for informational
      purposes and MUST NOT be a client processing dependency.

   Example unredacted version of RDAP response:

   {
     "rdapConformance": [
       "rdap_level_0"
     ],
     "objectClassName": "domain",
     "handle": "ABC123",
     "ldhName": "example.com",
     "secureDNS": {
       "delegationSigned": false
     },
     "notices": [
       {
         "title": "Terms of Use",
         "description": [
           "Service subject to Terms of Use."
         ],
         "links": [
           {
             "rel": "self",
             "href": "https://www.example.com/terms-of-use",
             "type": "text/html",
             "value": "https://www.example.com/terms-of-use"
           }
         ]
       }
     ],
     "nameservers": [
       {
         "objectClassName": "nameserver",
         "ldhName": "ns1.example.com"
       },
       {
         "objectClassName": "nameserver",
         "ldhName": "ns2.example.com"
       }
     ],
     "entities": [
       {
         "objectClassName": "entity",
         "handle": "123",
         "roles": [
           "registrar"
         ],
         "publicIds": [
           {
             "type": "IANA Registrar ID",
             "identifier": "1"
           }
         ],
         "vcardArray": [
           "vcard",
           [
             [
               "version",
               {},
               "text",
               "4.0"
             ],
             [
               "fn",
               {},
               "text",
               "Example Registrar Inc."
             ],
             [
               "adr",
               {},
               "text",
               [
                 "",
                 "Suite 100",
                 "123 Example Dr.",
                 "Dulles",
                 "VA",
                 "20166-6503",
                 "US"
               ]
             ],
             [
               "email",
               {},
               "text",
               "contact@organization.example"
             ],
             [
               "tel",
               {
                 "type": "voice"
               },
               "uri",
               "tel:+1.7035555555;ext=1234"
             ],
             [
               "tel",
               {
                 "type": "fax"
               },
               "uri",
               "tel:+1.7035555556"
             ]
           ]
         ],
         "entities": [
           {
             "objectClassName": "entity",
             "roles": [
               "abuse"
             ],
             "vcardArray": [
               "vcard",
               [
                 [
                   "version",
                   {},
                   "text",
                   "4.0"
                 ],
                 [
                   "fn",
                   {},
                   "text",
                   "Abuse Contact"
                 ],
                 [
                   "email",
                   {},
                   "text",
                   "abuse@organization.example"
                 ],
                 [
                   "tel",
                   {
                     "type": "voice"
                   },
                   "uri",
                   "tel:+1.7035555555;ext=1234"
                 ]
               ]
             ]
           }
         ]
       },
       {
         "roles": [
           "registrant"
         ],
         "vcardArray": [
           "vcard",
           [
             [
               "version",
               {},
               "text",
               "4.0"
             ],
             [
               "fn",
               {},
               "text",
               "Registrant User"
             ],
             [
               "org",
               {},
               "text",
               "Example Inc."
             ],
             [
               "adr",
               {},
               "text",
               [
                 "",
                 "Suite 1235",
                 "4321 Rue Somewhere",
                 "Quebec",
                 "QC",
                 "G1V 2M2",
                 "Canada"
               ]
             ],
             [
               "email",
               {},
               "text",
               "registrant.user@example.com"
             ],
             [
               "tel",
               {
                 "type": "voice"
               },
               "uri",
               "tel:+1-555-555-1235;ext=123"
             ],
             [
               "tel",
               {
                 "type": "fax"
               },
               "uri",
               "tel:+1-555-555-5321"
             ]
           ]
         ]
       },
       {
         "roles": [
           "technical"
         ],
         "vcardArray": [
           "vcard",
           [
             [
               "version",
               {},
               "text",
               "4.0"
             ],
             [
               "fn",
               {},
               "text",
               "Technical User"
             ],
             [
               "org",
               {},
               "text",
               "Example Inc."
             ],
             [
               "adr",
               {},
               "text",
               [
                 "",
                 "Suite 1234",
                 "4321 Rue Somewhere",
                 "Quebec",
                 "QC",
                 "G1V 2M2",
                 "Canada"
               ]
             ],
             [
               "email",
               {},
               "text",
               "technical.user@example.com"
             ],
             [
               "tel",
               {
                 "type": "voice"
               },
               "uri",
               "tel:+1-555-555-1234;ext=321"
             ],
             [
               "tel",
               {
                 "type": "fax"
               },
               "uri",
               "tel:+1-555-555-4321"
             ]
           ]
         ]
       },
       {
         "roles": [
           "administrative"
         ],
         "vcardArray": [
           "vcard",
           [
             [
               "version",
               {},
               "text",
               "4.0"
             ],
             [
               "fn",
               {},
               "text",
               "Administrative User"
             ],
             [
               "org",
               {},
               "text",
               "Example Inc."
             ],
             [
               "adr",
               {},
               "text",
               [
                 "",
                 "Suite 1236",
                 "4321 Rue Somewhere",
                 "Quebec",
                 "QC",
                 "G1V 2M2",
                 "Canada"
               ]
             ],
             [
               "email",
               {},
               "text",
               "administrative.user@example.com"
             ],
             [
               "tel",
               {
                 "type": "voice"
               },
               "uri",
               "tel:+1-555-555-1236;ext=789"
             ],
             [
               "tel",
               {
                 "type": "fax"
               },
               "uri",
               "tel:+1-555-555-6321"
             ]
           ]
         ]
       }
     ],
     "events": [
       {
         "eventAction": "registration",
         "eventDate": "1997-06-03T00:00:00Z"
       },
       {
         "eventAction": "last changed",
         "eventDate": "2020-05-28T01:35:00Z"
       },
       {
         "eventAction": "expiration",
         "eventDate": "2021-06-03T04:00:00Z"
       }
     ],
     "status": [
       "server delete prohibited",
       "server update prohibited",
       "server transfer prohibited",
       "client transfer prohibited"
     ]
   }

   Example redacted version of RDAP response:

   {
     "rdapConformance": [
       "rdap_level_0",
       "redacted_0"
     ],
     "objectClassName": "domain",
     "ldhName": "example.com",
     "secureDNS": {
       "delegationSigned": false
     },
     "notices": [
       {
         "title": "Terms of Use",
         "description": [
           "Service subject to Terms of Use."
         ],
         "links": [
           {
             "rel": "self",
             "href": "https://www.example.com/terms-of-use",
             "type": "text/html",
             "value": "https://www.example.com/terms-of-use"
           }
         ]
       }
     ],
     "nameservers": [
       {
         "objectClassName": "nameserver",
         "ldhName": "ns1.example.com"
       },
       {
         "objectClassName": "nameserver",
         "ldhName": "ns2.example.com"
       }
     ],
     "entities": [
       {
         "objectClassName": "entity",
         "handle": "123",
         "roles": [
           "registrar"
         ],
         "publicIds": [
           {
             "type": "IANA Registrar ID",
             "identifier": "1"
           }
         ],
         "vcardArray": [
           "vcard",
           [
             [
               "version",
               {},
               "text",
               "4.0"
             ],
             [
               "fn",
               {},
               "text",
               "Example Registrar Inc."
             ],
             [
               "adr",
               {},
               "text",
               [
                 "",
                 "Suite 100",
                 "123 Example Dr.",
                 "Dulles",
                 "VA",
                 "20166-6503",
                 "US"
               ]
             ],
             [
               "email",
               {},
               "text",
               "contact@organization.example"
             ],
             [
               "tel",
               {
                 "type": "voice"
               },
               "uri",
               "tel:+1.7035555555"
             ],
             [
               "tel",
               {
                 "type": "fax"
               },
               "uri",
               "tel:+1.7035555556"
             ]
           ]
         ],
         "entities": [
           {
             "objectClassName": "entity",
             "roles": [
               "abuse"
             ],
             "vcardArray": [
               "vcard",
               [
                 [
                   "version",
                   {},
                   "text",
                   "4.0"
                 ],
                 [
                   "fn",
                   {},
                   "text",
                   "Abuse Contact"
                 ],
                 [
                   "email",
                   {},
                   "text",
                   "abuse@organization.example"
                 ],
                 [
                   "tel",
                   {
                     "type": "voice"
                   },
                   "uri",
                   "tel:+1.7035555555"
                 ]
               ]
             ]
           }
         ]
       },
       {
         "roles": [
           "registrant"
         ],
         "vcardArray": [
           "vcard",
           [
             [
               "version",
               {},
               "text",
               "4.0"
             ],
             [
               "fn",
               {},
               "text",
               ""
             ],
             [
               "adr",
               {},
               "text",
               [
                 "",
                 "",
                 "",
                 "",
                 "QC",
                 "",
                 "Canada"
               ]
             ]
           ]
         ]
       },
       {
         "roles": [
           "technical"
         ],
         "vcardArray": [
           "vcard",
           [
             [
               "version",
               {},
               "text",
               "4.0"
             ],
             [
               "fn",
               {},
               "text",
               ""
             ],
             [
               "org",
               {},
               "text",
               "Example Inc."
             ],
             [
               "adr",
               {},
               "text",
               [
                 "",
                 "Suite 1234",
                 "4321 Rue Somewhere",
                 "Quebec",
                 "QC",
                 "G1V 2M2",
                 "Canada"
               ]
             ]
           ]
         ]
       }
     ],
     "events": [
       {
         "eventAction": "registration",
         "eventDate": "1997-06-03T00:00:00Z"
       },
       {
         "eventAction": "last changed",
         "eventDate": "2020-05-28T01:35:00Z"
       },
       {
         "eventAction": "expiration",
         "eventDate": "2021-06-03T04:00:00Z"
       }
     ],
     "status": [
       "server delete prohibited",
       "server update prohibited",
       "server transfer prohibited",
       "client transfer prohibited"
     ],
     "redacted": [
       {
         "name": "Registry Domain ID",
         "path": "$.handle",
         "pathLang": "jsonpath",
         "method": "removal",
         "reason": "Server policy"
       },
       {
         "name": "Registrant Name",
         "path": "$.entities[?(@.roles[0]=='registrant')].
                  vcardArray[1][?(@[0]=='fn')][3]",
         "pathLang": "jsonpath",
         "method": "emptyValue",
         "reason": "Server policy"
       },
       {
         "name": "Registrant Organization",
         "path": "$.entities[?(@.roles[0]=='registrant')].
                  vcardArray[1][?(@[0]=='org')]",
         "pathLang": "jsonpath",
         "method": "removal",
         "reason": "Server policy"
       },
       {
         "name": "Registrant Street",
         "path": "$.entities[?(@.roles[0]=='registrant')].
                  vcardArray[1][?(@[0]=='adr')][3][:3]",
         "pathLang": "jsonpath",
         "method": "emptyValue",
         "reason": "Server policy"
       },
       {
         "name": "Registrant City",
         "path": "$.entities[?(@.roles[0]=='registrant')].
                  vcardArray[1][?(@[0]=='adr')][3][3]",
         "pathLang": "jsonpath",
         "method": "emptyValue",
         "reason": "Server policy"
       },
       {
         "name": "Registrant Postal Code",
         "path": "$.entities[?(@.roles[0]=='registrant')].
                  vcardArray[1][?(@[0]=='adr')][3][5]",
         "pathLang": "jsonpath",
         "method": "emptyValue",
         "reason": "Server policy"
       },
       {
         "name": "Registrant Email",
         "path": "$.entities[?(@.roles[0]=='registrant')].
                  vcardArray[1][?(@[0]=='email')]",
         "method": "removal",
         "reason": "Server policy"
       },
       {
         "name": "Registrant Phone",
         "path": "$.entities[?(@.roles[0]=='registrant')].
                  vcardArray[1][?(@[1].type=='voice')]",
         "method": "removal",
         "reason": "Server policy"
       },
       {
         "name": "Technical Name",
         "path": "$.entities[?(@.roles[0]=='technical')].
                  vcardArray[1][?(@[0]=='fn')][3]",
         "method": "emptyValue",
         "reason": "Server policy"
       },
       {
         "name": "Technical Email",
         "path": "$.entities[?(@.roles[0]=='technical')].
                  vcardArray[1][?(@[0]=='email')]",
         "method": "removal",
         "reason": "Server policy"
       },
       {
         "name": "Technical Phone",
         "path": "$.entities[?(@.roles[0]=='technical')].
                  vcardArray[1][?(@[1].type=='voice')]",
         "method": "removal",
         "reason": "Server policy"
       },
       {
         "name": "Technical Fax",
         "path": "$.entities[?(@.roles[0]=='technical')].
                  vcardArray[1][?(@[1].type=='fax')]",
         "reason": "Client request"
       },
       {
         "name": "Administrative Contact",
         "path": "$.entities[?(@.roles[0]=='administrative')]",
         "method": "removal",
         "reason": "Client request"
       }
     ]
   }

5.  JSONPath Considerations

   JSONPath [I-D.ietf-jsonpath-base] is the default JSON path expression
   language.  This section covers considerations for servers using
   [I-D.ietf-jsonpath-base] to identify redacted RDAP fields with the
   "path" member of redacted objects in the "redacted" member.
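   The following Python script is an added example; it is not part of
   the draft and not code from its authors or any RDAP implementation.
   It resolves the subset of JSONPath that the draft's examples use
   (member access, array index, array slice and "[?(@...=='value')]"
   filters), applies a "redacted" member to a constructed unredacted
   response using the Redaction by Removal Method (Section 3.1) and the
   Redaction by Empty Value Method (Section 3.2), adds the "redacted_0"
   conformance value and "redacted" member of Section 4, and then
   verifies the result the way a server test suite or a client would:
   each "path" must match the unredacted response and must be gone
   (removal) or empty (emptyValue) in the redacted one.  The sample
   response, the "redacted" entries and the function names are all
   constructed for this example; the JSONPath evaluator is a deliberate
   subset, the empty value is chosen by JSON type rather than by the
   jCard type field, and the paths are written on one line.

```python
import copy
import re

# JSONPath subset used in the draft's examples (an assumption of this added example,
# not a full JSONPath implementation): .name, [3], [:3] and [?(@<sub>=='v')] filters.
SEGMENT = re.compile(r"\.(?P<name>\w+)|\[(?P<index>\d+)\]|\[(?P<start>\d*):(?P<stop>\d*)\]"
                     r"|\[\?\(@(?P<sub>[^=]*)=='(?P<value>[^']*)'\)\]")

def resolve(expr, doc):
    """Evaluate expr against doc; return (container, key) pairs for in-place edits."""
    locs, pos = [({"$": doc}, "$")], 1 if expr.startswith("$") else 0
    while pos < len(expr):
        m = SEGMENT.match(expr, pos)
        if not m:
            raise ValueError(f"unsupported JSONPath syntax at {expr[pos:]!r}")
        pos, locs = m.end(), _step(locs, m)
    return locs

def _step(locs, m):
    """Apply one parsed segment to every current location."""
    out = []
    for container, key in locs:
        value = container[key]
        if m["name"] is not None:
            if isinstance(value, dict) and m["name"] in value:
                out.append((value, m["name"]))
        elif not isinstance(value, list):
            continue  # index, slice and filter segments apply to arrays only
        elif m["index"] is not None:
            if int(m["index"]) < len(value):
                out.append((value, int(m["index"])))
        elif m["start"] is not None:
            stop = int(m["stop"]) if m["stop"] else len(value)
            out.extend((value, i) for i in range(int(m["start"] or 0), min(stop, len(value))))
        else:  # filter: keep elements whose sub-path evaluates to the quoted string
            for i, item in enumerate(value):
                if any(c[k] == m["value"] for c, k in resolve(m["sub"], item)):
                    out.append((value, i))
    return out

def redact(response, redacted):
    """Copy response, apply each entry (Section 3), add the Section 4 signalling."""
    doc = copy.deepcopy(response)
    for entry in redacted:
        locs = resolve(entry["path"], doc)
        if entry.get("method", "removal") == "removal":  # default per Section 4.2
            # Delete higher list indexes first so the remaining ones stay valid.
            for container, key in sorted(locs, reverse=True,
                                         key=lambda l: l[1] if isinstance(l[1], int) else -1):
                del container[key]
        else:  # emptyValue: "" for text values, null otherwise (decided by JSON type here)
            for container, key in locs:
                container[key] = "" if isinstance(container[key], str) else None
    doc["rdapConformance"] = doc.get("rdapConformance", []) + ["redacted_0"]
    doc["redacted"] = redacted
    return doc

def verify(unredacted, redacted_response):
    """Each path must match the unredacted response and be gone/empty in the redacted one."""
    problems = []
    for entry in redacted_response.get("redacted", []):
        before = resolve(entry["path"], unredacted)
        after = resolve(entry["path"], redacted_response)
        if not before:
            problems.append(f"{entry['name']}: path matches nothing in the unredacted response")
        elif entry.get("method", "removal") == "removal" and after:
            problems.append(f"{entry['name']}: field still present")
        elif any(c[k] not in ("", None) for c, k in after):
            problems.append(f"{entry['name']}: value not emptied")
    return problems

# Constructed sample modelled on the draft's example (not the draft's own JSON).
UNREDACTED = {
    "rdapConformance": ["rdap_level_0"],
    "objectClassName": "domain",
    "handle": "ABC123",
    "entities": [
        {"roles": ["registrant"], "vcardArray": ["vcard", [
            ["version", {}, "text", "4.0"],
            ["fn", {}, "text", "Registrant User"],
            ["adr", {}, "text", ["", "Suite 1235", "4321 Rue Somewhere", "Quebec", "QC", "G1V 2M2", "Canada"]],
            ["email", {}, "text", "registrant.user@example.com"],
            ["tel", {"type": "voice"}, "uri", "tel:+1-555-555-1235;ext=123"]]]},
        {"roles": ["administrative"], "vcardArray": ["vcard", [
            ["fn", {}, "text", "Administrative User"]]]}]}

REDACTED_MEMBER = [
    {"name": "Registry Domain ID", "path": "$.handle", "method": "removal"},
    {"name": "Registrant Name", "method": "emptyValue",
     "path": "$.entities[?(@.roles[0]=='registrant')].vcardArray[1][?(@[0]=='fn')][3]"},
    {"name": "Registrant Street", "method": "emptyValue",
     "path": "$.entities[?(@.roles[0]=='registrant')].vcardArray[1][?(@[0]=='adr')][3][:3]"},
    {"name": "Registrant Email",  # no "method": defaults to removal
     "path": "$.entities[?(@.roles[0]=='registrant')].vcardArray[1][?(@[0]=='email')]"},
    {"name": "Registrant Phone",
     "path": "$.entities[?(@.roles[0]=='registrant')].vcardArray[1][?(@[1].type=='voice')]"},
    {"name": "Administrative Contact", "path": "$.entities[?(@.roles[0]=='administrative')]"}]

REDACTED = redact(UNREDACTED, REDACTED_MEMBER)  # verify(UNREDACTED, REDACTED) returns []
```

   Because "resolve" returns the container and key of every match
   rather than the value, the same evaluator serves reading (the
   verification), emptying (Section 3.2) and deletion (Section 3.1);
   deleting from the highest list index downwards is what keeps the
   jCard property array consistent when several properties are removed
   from one entity.  "verify" is the check behind consideration 2 of
   this section: run against a response whose "redacted" member does
   not match its data, it names each entry whose field is still present
   or still populated.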
   The list of JSONPath considerations includes:

   1.  Use absolute paths with the '$' JSONPath element.  An example is
       "$.handle" for the "Registry Domain ID".

   2.  Validate a JSONPath expression using a non-redacted RDAP
       response, where evaluating the expression results in returning
       the redacted field.

   3.  Reference the removed object field when redacting an entire
       object by the Redaction by Removal Method (Section 3.1), where
       all of the object's child fields are explicitly removed.  An
       example is "$.entities[?(@.roles[0]=='administrative')]" for the
       entire "Administrative Contact".

   4.  Reference the removed field when using the Redaction by Removal
       Method (Section 3.1).  An example is "$.handle" for the "Registry
       Domain ID".

   5.  Reference index 0 of the jCard [RFC7095] property array, which is
       the jCard [RFC7095] "name" property, with a filter expression
       containing the name of the field, when redacting a jCard
       [RFC7095] field using the Redaction by Removal Method
       (Section 3.1).  An example is
       "$.entities[?(@.roles[0]=='registrant')].vcardArray[1][?(@[0]=='email')]"
       for the "Registrant Email".

   6.  Reference the jCard [RFC7095] field value or values redacted by
       array index 3 and greater, when redacting a jCard [RFC7095] field
       using the Redaction by Empty Value Method (Section 3.2).  The
       jCard [RFC7095] property array index 3 and greater contain the
       property values, where the property values set with an empty
       value are referenced directly in place of the jCard [RFC7095]
       property name.  Servers can then systematically redact jCard
       [RFC7095] field value or values based on the JSONPath expressions
       and clients will directly know which jCard [RFC7095] property
       values have been redacted.  An example is
       "$.entities[?(@.roles[0]=='registrant')].vcardArray[1][?(@[0]=='fn')][3]"
       for the "Registrant Name" or
       "$.entities[?(@.roles[0]=='registrant')].vcardArray[1][?(@[0]=='adr')][3][5]"
       for the "Registrant Postal Code".

6.  IANA Considerations

6.1.  RDAP Extensions Registry

   IANA is requested to register the following value in the RDAP
   Extensions Registry:

   Extension identifier:  redacted_0
   Registry operator:  Any
   Published specification:  This document.
   Contact:  IESG
   Intended usage:  This extension identifies the redacted fields in an
      RDAP response.

7.  Security Considerations

   The server including a redacted signal provides an unauthorized
   client additional information related to the existence of data.
   Servers MAY exclude the redacted members for RDAP fields that are
   considered a privacy issue in providing a data existence signal.

8.  Acknowledgements

   The authors wish to thank the following persons for their feedback
   and suggestions: Scott Hollenbeck and Rick Wilhelm.

9.  References

9.1.  Normative References

   [I-D.ietf-jsonpath-base]
              Normington, G., Surov, E., Mikulicic, M., and F. Dortmund,
              "JavaScript Object Notation (JSON) Path", Work in
              Progress, Internet-Draft, draft-ietf-jsonpath-base-00,
              7 March 2021.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC6350]  Perreault, S., "vCard Format Specification", RFC 6350,
              DOI 10.17487/RFC6350, August 2011.

   [RFC7095]  Kewisch, P., "jCard: The JSON Format for vCard", RFC 7095,
              DOI 10.17487/RFC7095, January 2014.

   [RFC7483]  Newton, A. and S. Hollenbeck, "JSON Responses for the
              Registration Data Access Protocol (RDAP)", RFC 7483,
              DOI 10.17487/RFC7483, March 2015.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017.

   [RFC8259]  Bray, T., Ed., "The JavaScript Object Notation (JSON) Data
              Interchange Format", STD 90, RFC 8259,
              DOI 10.17487/RFC8259, December 2017.

Authors' Addresses

   James Gould
   VeriSign, Inc.
   12061 Bluemont Way
   Reston, VA 20190
   United States of America

   Email: jgould@verisign.com
   URI:   http://www.verisigninc.com


   David Smith
   VeriSign, Inc.
   12061 Bluemont Way
   Reston, VA 20190
   United States of America

   Email: dsmith@verisign.com
   URI:   http://www.verisigninc.com


   Jody Kolker
   GoDaddy Inc.
   14455 N. Hayden Rd. #219
   Scottsdale, AZ 85260
   United States of America

   Email: jkolker@godaddy.com
   URI:   http://www.godaddy.com


   Roger Carney
   GoDaddy Inc.
   14455 N. Hayden Rd. #219
   Scottsdale, AZ 85260
   United States of America

   Email: rcarney@godaddy.com
   URI:   http://www.godaddy.com