idnits 2.17.1 draft-ietf-regext-rdap-partial-response-15.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (September 13, 2020) is 1315 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 7230 (Obsoleted by RFC 9110, RFC 9112) ** Obsolete normative reference: RFC 7482 (Obsoleted by RFC 9082) ** Obsolete normative reference: RFC 7483 (Obsoleted by RFC 9083) Summary: 3 errors (**), 0 flaws (~~), 1 warning (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Registration Protocols Extensions M. Loffredo 3 Internet-Draft M. Martinelli 4 Intended status: Standards Track IIT-CNR/Registro.it 5 Expires: March 17, 2021 September 13, 2020 7 Registration Data Access Protocol (RDAP) Partial Response 8 draft-ietf-regext-rdap-partial-response-15 10 Abstract 12 The Registration Data Access Protocol (RDAP) does not include 13 capabilities to request partial responses. Servers will only return 14 full responses that include all of the information that a client is 15 authorized to receive. A partial response capability that limits the 16 amount of information returned, especially in the case of search 17 queries, could bring benefits to both clients and servers. This 18 document describes an RDAP query extension that allows clients to 19 specify their preference for obtaining a partial response. 21 Status of This Memo 23 This Internet-Draft is submitted in full conformance with the 24 provisions of BCP 78 and BCP 79. 26 Internet-Drafts are working documents of the Internet Engineering 27 Task Force (IETF). Note that other groups may also distribute 28 working documents as Internet-Drafts. The list of current Internet- 29 Drafts is at https://datatracker.ietf.org/drafts/current/. 31 Internet-Drafts are draft documents valid for a maximum of six months 32 and may be updated, replaced, or obsoleted by other documents at any 33 time. It is inappropriate to use Internet-Drafts as reference 34 material or to cite them other than as "work in progress." 36 This Internet-Draft will expire on March 17, 2021. 38 Copyright Notice 40 Copyright (c) 2020 IETF Trust and the persons identified as the 41 document authors. All rights reserved. 43 This document is subject to BCP 78 and the IETF Trust's Legal 44 Provisions Relating to IETF Documents 45 (https://trustee.ietf.org/license-info) in effect on the date of 46 publication of this document. Please review these documents 47 carefully, as they describe your rights and restrictions with respect 48 to this document. Code Components extracted from this document must 49 include Simplified BSD License text as described in Section 4.e of 50 the Trust Legal Provisions and are provided without warranty as 51 described in the Simplified BSD License. 53 Table of Contents 55 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 56 1.1. Conventions Used in This Document . . . . . . . . . . . . 3 57 2. RDAP Path Segment Specification . . . . . . . . . . . . . . . 3 58 2.1. Subsetting Metadata . . . . . . . . . . . . . . . . . . . 3 59 2.1.1. RDAP Conformance . . . . . . . . . . . . . . . . . . 4 60 2.1.2. Representing Subsetting Links . . . . . . . . . . . . 4 61 3. Dealing with Relationships . . . . . . . . . . . . . . . . . 5 62 4. Basic Field Sets . . . . . . . . . . . . . . . . . . . . . . 6 63 5. Negative Answers . . . . . . . . . . . . . . . . . . . . . . 7 64 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 65 7. Implementation Status . . . . . . . . . . . . . . . . . . . . 8 66 7.1. IIT-CNR/Registro.it . . . . . . . . . . . . . . . . . . . 9 67 7.2. APNIC . . . . . . . . . . . . . . . . . . . . . . . . . . 9 68 8. Security Considerations . . . . . . . . . . . . . . . . . . . 9 69 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 10 70 9.1. Normative References . . . . . . . . . . . . . . . . . . 10 71 9.2. Informative References . . . . . . . . . . . . . . . . . 11 72 Appendix A. Approaches to Partial Response Implementation . . . 11 73 A.1. Specific Issues Raised by RDAP . . . . . . . . . . . . . 12 74 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 13 75 Change Log . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 76 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 15 78 1. Introduction 80 The use of partial responses in RESTful API [REST] design is very 81 common. The rationale is quite simple: instead of returning objects 82 in API responses with all data fields, only a subset of the fields in 83 each result object is returned. The benefit is obvious: less data 84 transferred over the network means less bandwidth usage, faster 85 server responses, less CPU time spent both on the server and the 86 client, and less memory usage on the client. 88 Currently, RDAP does not provide a client with any way to request a 89 partial response. Servers can only provide the client with a full 90 response [RFC7483]. Servers cannot limit the amount of information 91 returned in a response based on a client's preferences, and this 92 creates inefficiencies. 94 The protocol described in this specification extends RDAP search 95 capabilities to enable partial responses through the provisioning of 96 pre-defined sets of fields that clients can submit to an RDAP service 97 by adding a new query parameter. The service is implemented using 98 the Hypertext Transfer Protocol (HTTP) [RFC7230] and the conventions 99 described in [RFC7480]. 101 1.1. Conventions Used in This Document 103 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 104 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 105 "OPTIONAL" in this document are to be interpreted as described in BCP 106 14 [RFC2119] [RFC8174] when, and only when, they appear in all 107 capitals, as shown here. 109 2. RDAP Path Segment Specification 111 The path segment defined in this section is an OPTIONAL extension of 112 search path segments defined in [RFC7482]. This document defines an 113 RDAP query parameter, "fieldSet", whose value is a non-empty string 114 identifying a server-defined set of fields returned in place of the 115 full response (Figure 1). The field sets supported by a server are 116 usually described in out-of-band documents (e.g., RDAP profile) 117 together with other features. Moreover, this document defines in 118 Section 2.1 an in-band mechanism by means of which servers can 119 provide clients with a basic information about the supported field 120 sets. 122 https://example.com/rdap/domains?name=example*.com&fieldSet=afieldset 124 Figure 1: Example of RDAP search query reporting the "fieldSet" 125 parameter 127 This solution can be implemented by RDAP providers with less effort 128 than field selection and is easily requested by clients. The 129 considerations that have led to this solution are described in more 130 detail in Appendix A. 132 2.1. Subsetting Metadata 134 According to most advanced principles in REST design, collectively 135 known as HATEOAS (Hypermedia as the Engine of Application State) 136 [HATEOAS], a client entering a REST application through an initial 137 URI should use server-provided links to dynamically discover 138 available actions and access the resources it needs. In this way, 139 the client is not required to have prior knowledge of the service 140 and, consequently, to hard code the URIs of different resources. 141 This allows the server to make URI changes as the API evolves without 142 breaking clients. Definitively, a REST service should be as self- 143 descriptive as possible. 145 Therefore, servers implementing the query parameter described in this 146 specification SHOULD provide additional information in their 147 responses about the available field sets. Such information is 148 collected in a new JSON data structure named "subsetting_metadata" 149 containing the following properties: 151 o "currentFieldSet": "String" (REQUIRED) either the value of the 152 "fieldSet" parameter as specified in the query string, or the 153 field set applied by default; 155 o "availableFieldSets": "AvailableFieldSet[]" (OPTIONAL) an array of 156 objects, with each element describing an available field set. The 157 AvailableFieldSet object includes the following members: 159 * "name": "String" (REQUIRED) the field set name; 160 * "default": "Boolean" (REQUIRED) whether the field set is 161 applied by default. An RDAP server MUST define only one 162 default field set; 163 * "description": "String" (OPTIONAL) a human-readable description 164 of the field set; 165 * "links": "Link[]" (OPTIONAL) an array of links as described in 166 [RFC8288] containing the query string that applies the field 167 set (see Section 2.1.2). 169 2.1.1. RDAP Conformance 171 Servers returning the "subsetting_metadata" section in their 172 responses MUST include "subsetting" in the rdapConformance array. 174 2.1.2. Representing Subsetting Links 176 An RDAP server MAY use the "links" array of the "subsetting_metadata" 177 element to provide ready-made references [RFC8288] to the available 178 field sets (Figure 2). The target URI in each link is the reference 179 to an alternative to the current view of results identified by the 180 context URI. 182 The "value", "rel" and "href" JSON values MUST be specified. All 183 other JSON values are OPTIONAL. 185 { 186 "rdapConformance": [ 187 "rdap_level_0", 188 "subsetting" 189 ], 190 ... 191 "subsetting_metadata": { 192 "currentFieldSet": "afieldset", 193 "availableFieldSets": [ 194 { 195 "name": "anotherfieldset", 196 "description": "Contains some fields", 197 "default": false, 198 "links": [ 199 { 200 "value": "https://example.com/rdap/domains?name=*nr.com 201 &fieldSet=afieldset", 202 "rel": "alternate", 203 "href": "https://example.com/rdap/domains?name=*nr.com 204 &fieldSet=anotherfieldset", 205 "title": "Result Subset Link", 206 "type": "application/rdap+json" 207 } 208 ] 209 }, 210 ... 211 ] 212 }, 213 ... 214 "domainSearchResults": [ 215 ... 216 ] 217 } 219 Figure 2: Example of a "subsetting_metadata" instance 221 3. Dealing with Relationships 223 Representation of second level objects within a field set produces 224 additional considerations. Since the representation of the topmost 225 returned objects will vary according to the field set in use, the 226 response may contain no relationships (e.g., for an abbreviated field 227 set) or may contain associated objects as in a normal RDAP query 228 response. Each field set can indicate the format of the additional 229 objects to be returned, in the same manner that the format of the 230 topmost objects is controlled by the field set. 232 4. Basic Field Sets 234 This section defines three basic field sets which servers MAY 235 implement to facilitate their interaction with clients: 237 o "id": the server provides only the key field: "handle" for 238 entities, "ldhName" for domains and nameservers. If a returned 239 domain or nameserver is an Internationalized Domain Name (IDN) 240 [RFC5890], then the "unicodeName" field MUST additionally be 241 included in the response. This field set could be used when the 242 client wants to obtain a collection of object identifiers 243 (Figure 3); 245 o "brief": the field set contains the fields that can be included in 246 a "short" response. This field set could be used when the client 247 is asking for a subset of the full response which provides only 248 basic knowledge of each object; 250 o "full": the field set contains all of the information the server 251 can provide for a particular object. 253 The "objectClassName" field is implicitly included in each of the 254 above field sets. RDAP providers SHOULD include a "links" field 255 indicating the "self" link relationship. RDAP providers MAY also add 256 any property providing service information. 258 Fields included in the "brief" and "full" field set responses MUST 259 take into account the user's access and authorization levels. 261 { 262 "rdapConformance": [ 263 "rdap_level_0", 264 "subsetting" 265 ], 266 ... 267 "domainSearchResults": [ 268 { 269 "objectClassName": "domain", 270 "ldhName": "example1.com", 271 "links": [ 272 { 273 "value": "https://example.com/rdap/domain/example1.com", 274 "rel": "self", 275 "href": "https://example.com/rdap/domain/example1.com", 276 "type": "application/rdap+json" 277 } 278 ] 279 }, 280 { 281 "objectClassName": "domain", 282 "ldhName": "example2.com", 283 "links": [ 284 { 285 "value": "https://example.com/rdap/domain/example2.com", 286 "rel": "self", 287 "href": "https://example.com/rdap/domain/example2.com", 288 "type": "application/rdap+json" 289 } 290 ] 291 }, 292 ... 293 ] 294 } 296 Figure 3: Example of RDAP response according to the "id" field set 298 5. Negative Answers 300 Each request including an empty or unsupported "fieldSet" value MUST 301 produce an HTTP 400 (Bad Request) response code. Optionally, the 302 response MAY include additional information regarding the supported 303 field sets in the HTTP entity body (Figure 4). 305 { 306 "errorCode": 400, 307 "title": "Field set 'unknownfieldset' is not valid", 308 "description": [ 309 "Supported field sets are: 'afieldset', 'anotherfieldset'." 310 ] 312 } 314 Figure 4: Example of RDAP error response due to an invalid field set 315 included in the request 317 6. IANA Considerations 319 IANA is requested to register the following value in the RDAP 320 Extensions Registry: 322 Extension identifier: subsetting 323 Registry operator: Any 324 Published specification: This document. 325 Contact: IETF 326 Intended usage: This extension describes best practice for partial 327 response provisioning. 329 7. Implementation Status 331 NOTE: Please remove this section and the reference to RFC 7942 prior 332 to publication as an RFC. 334 This section records the status of known implementations of the 335 protocol defined by this specification at the time of posting of this 336 Internet-Draft, and is based on a proposal described in [RFC7942]. 337 The description of implementations in this section is intended to 338 assist the IETF in its decision processes in progressing drafts to 339 RFCs. Please note that the listing of any individual implementation 340 here does not imply endorsement by the IETF. Furthermore, no effort 341 has been spent to verify the information presented here that was 342 supplied by IETF contributors. This is not intended as, and must not 343 be construed to be, a catalog of available implementations or their 344 features. Readers are advised to note that other implementations may 345 exist. 347 According to RFC 7942, "this will allow reviewers and working groups 348 to assign due consideration to documents that have the benefit of 349 running code, which may serve as evidence of valuable experimentation 350 and feedback that have made the implemented protocols more mature. 351 It is up to the individual working groups to use this information as 352 they see fit". 354 7.1. IIT-CNR/Registro.it 356 Responsible Organization: Institute of Informatics and Telematics 357 of the National Research Council (IIT-CNR)/Registro.it 358 Location: https://rdap.pubtest.nic.it/ 359 Description: This implementation includes support for RDAP queries 360 using data from .it public test environment. 361 Level of Maturity: This is an "alpha" test implementation. 362 Coverage: This implementation includes all of the features 363 described in this specification. 364 Contact Information: Mario Loffredo, mario.loffredo@iit.cnr.it 366 7.2. APNIC 368 Responsible Organization: Asia-Pacific Network Information Centre 369 Location: https://github.com/APNIC-net/rdap-rmp-demo/tree/partial- 370 response 371 Description: A proof-of-concept for RDAP mirroring. 372 Level of Maturity: This is a proof-of-concept implementation. 373 Coverage: This implementation includes all of the features 374 described in this specification. 375 Contact Information: Tom Harrison, tomh@apnic.net 377 8. Security Considerations 379 A search query typically requires more server resources (such as 380 memory, CPU cycles, and network bandwidth) when compared to a lookup 381 query. This increases the risk of server resource exhaustion and 382 subsequent denial of service. This risk can be mitigated by 383 supporting the return of partial responses combined with other 384 strategies (e.g. restricting search functionality, limiting the rate 385 of search requests, and truncating and paging results). 387 Support for partial responses gives RDAP operators the ability to 388 implement data access control policies based on the HTTP 389 authentication mechanisms described in [RFC7481]. RDAP operators can 390 vary the information returned in RDAP responses based on a client's 391 access and authorization levels. For example: 393 o the list of fields for each set can differ based on the client's 394 access and authorization levels; 396 o the set of available field sets could be restricted based on the 397 client's access and authorization levels. 399 Servers can also define different result limits according to the 400 available field sets, so a more flexible truncation strategy can be 401 implemented. The new query parameter presented in this document 402 provides RDAP operators with a way to implement a server that reduces 403 inefficiency risks. 405 9. References 407 9.1. Normative References 409 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 410 Requirement Levels", BCP 14, RFC 2119, 411 DOI 10.17487/RFC2119, March 1997, 412 . 414 [RFC5890] Klensin, J., "Internationalized Domain Names for 415 Applications (IDNA): Definitions and Document Framework", 416 RFC 5890, DOI 10.17487/RFC5890, August 2010, 417 . 419 [RFC7230] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer 420 Protocol (HTTP/1.1): Message Syntax and Routing", 421 RFC 7230, DOI 10.17487/RFC7230, June 2014, 422 . 424 [RFC7480] Newton, A., Ellacott, B., and N. Kong, "HTTP Usage in the 425 Registration Data Access Protocol (RDAP)", RFC 7480, 426 DOI 10.17487/RFC7480, March 2015, 427 . 429 [RFC7481] Hollenbeck, S. and N. Kong, "Security Services for the 430 Registration Data Access Protocol (RDAP)", RFC 7481, 431 DOI 10.17487/RFC7481, March 2015, 432 . 434 [RFC7482] Newton, A. and S. Hollenbeck, "Registration Data Access 435 Protocol (RDAP) Query Format", RFC 7482, 436 DOI 10.17487/RFC7482, March 2015, 437 . 439 [RFC7483] Newton, A. and S. Hollenbeck, "JSON Responses for the 440 Registration Data Access Protocol (RDAP)", RFC 7483, 441 DOI 10.17487/RFC7483, March 2015, 442 . 444 [RFC7942] Sheffer, Y. and A. Farrel, "Improving Awareness of Running 445 Code: The Implementation Status Section", BCP 205, 446 RFC 7942, DOI 10.17487/RFC7942, July 2016, 447 . 449 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 450 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 451 May 2017, . 453 [RFC8288] Nottingham, M., "Web Linking", RFC 8288, 454 DOI 10.17487/RFC8288, October 2017, 455 . 457 9.2. Informative References 459 [CQL] Whitaker, G., "Catnap Query Language Reference", September 460 2017, . 463 [HATEOAS] Jedrzejewski, B., "HATEOAS - a simple explanation", 2018, 464 . 467 [REST] Fielding, R., "Architectural Styles and the Design of 468 Network-based Software Architectures", 2000, 469 . 472 Appendix A. Approaches to Partial Response Implementation 474 Looking at the implementation experiences of partial response offered 475 by data providers on the web, two approaches are observed: 477 o The client explicitly describes the data fields to be returned; 479 o The client describes a name identifying a server-defined set of 480 data fields. 482 The former is more flexible than the latter because clients can 483 specify all the data fields they need. However, it has some 484 drawbacks: 486 o Fields have to be declared according to a given syntax. This is a 487 simple task when the data structure of the object is flat, but it 488 is much more difficult when the object has a tree structure like 489 that of a JSON object. The presence of arrays and deep nested 490 objects complicate both the syntax definition of the query and, 491 consequently, the processing required on the server side; 493 o Clients need to recognize the returned data structure to avoid 494 cases when the requested fields are invalid; 496 o The request of some fields might not match the client's access and 497 authorization levels. Clients might request unauthorized fields 498 and servers have to define a strategy for responding, such as 499 always returning an error response or returning a response that 500 ignores the unauthorized fields. 502 A.1. Specific Issues Raised by RDAP 504 In addition to those listed above, RDAP responses raise some specific 505 issues: 507 o Relevant entity object information is included in a jCard, but 508 such information cannot be easily selected because it is split 509 into the items of a jagged array; 511 o RDAP responses contain some properties providing service 512 information (e.g. rdapConformance, links, notices, remarks, etc.) 513 which are not normally selected but they are just as important. 514 They could be returned anyway but, in this case, the server would 515 provide unrequested data. 517 It is possible to address these issues. For example, the Catnap 518 Query Language [CQL] is a comprehensive expression language that can 519 be used to customize the JSON response of a RESTful web service. 520 Application of CQL to RDAP responses would explicitly identify the 521 output fields that would be acceptable when a few fields are 522 requested but it would become very complicated when processing a 523 larger number of fields. In the following, two CQL expressions for a 524 domain search query are shown (Figure 5). In the first, only 525 objectClassName and ldhName are requested. In the second, the fields 526 of a possible WHOIS-like response are listed. 528 https://example.com/rdap/domains?name=example*.com 529 &fields=domainSearchResults(objectClassName,ldhName) 531 https://example.com/rdap/domains?name=example*.com 532 &fields=domainSearchResults(objectClassName,ldhName, 533 unicodeName, 534 status, 535 events(eventAction,eventDate), 536 entities(objectClassName,handle,roles), 537 nameservers(objectClassName,ldhName)) 539 Figure 5: Examples of CQL expressions for a domain search query 541 The field set approach seems to facilitate RDAP interoperability. 542 Servers can define basic field sets which, if known to clients, can 543 increase the probability of obtaining a valid response. The usage of 544 field sets makes the query string be less complex. Moreover, the 545 definition of pre-defined sets of fields makes it easier to establish 546 result limits. 548 Finally, considering that there is no real need for RDAP users to 549 have the maximum flexibility in defining all the possible sets of 550 logically connected fields (e.g. users interested in domains usually 551 need to know the status, the creation date, and the expiry date of 552 each domain), the field set approach is preferred. 554 Acknowledgements 556 The authors would like to acknowledge Scott Hollenbeck, Tom Harrison, 557 Karl Heinz Wolf, Jasdip Singh, Patrick Mevzek, Benjamin Kaduk, Roman 558 Danyliw, Murray Kucherawy, Erik Kline and Robert Wilton for their 559 contribution to this document. 561 Change Log 563 00: Initial working group version ported from draft-loffredo-regext- 564 rdap-partial-response-03 565 01: Removed "FOR DISCUSSION" items. Changed the basic field sets 566 from REQUIRED to OPTIONAL. Removed the definition of fields 567 included in "brief" field set. Provided a more detailed 568 description of "subsetting_metadata" structure. Removed some 569 references. 570 02: Added the "Negative Answers" section. Changed "IANA 571 Considerations" section. 572 03: Added the "unicodeName" field in the id fieldSet when a returned 573 domain or nameserver is an IDN. Added RFC5890 to "Normative 574 References" section. 575 04: Recommended the RDAP providers to include a "self" link in any 576 field set other than "full". Updated "Acknowledgements" section. 577 05: Moved "Approaches to Partial Response Implementation" section to 578 the appendix. 579 06: Clarified the use of self links in "Basic Field Sets" section. 580 Added APNIC to the implementations of the "Implementation Status" 581 section. 582 07: Changed "only a subset is returned" to "only a subset of fields 583 in each result object is returned" in the "Introduction" section. 584 Moved the "RDAP Conformance" section up in the document. Updated 585 the "Acknowledgements" section. 586 08: Changed the rdapConformance tag "subsetting_level_0" to 587 "subsetting". Moved [RFC7942] to the "Normative References". 588 09: Corrected the "rdapConformance" content in Figure 3. 590 10: Corrected the JSON content in Figure 2. Clarified the meaning 591 of both context and target URIs in a result subset link defined in 592 Section 2.1.2. Updated the "Acknowledgements" section. 593 11: Minor pre-AD review edits. 594 12: Additional minor pre-AD review edits. 595 13: Edits due to Gen-ART review: in the first paragraph of Section 2 596 clarified how field sets are defined by a server, in the first 597 sentence of Section 5 replaced SHOULD with MUST. Other minor 598 edits due to AD review. 599 14: Edits due to IESG review: 601 * replaced "fewer data transferred" with "less data transferred" 602 in the "Introduction" section; 603 * in the "Subsetting Metadata" section;: 605 + replaced the phrase "collected in a new data structure" with 606 the phrase "collected in a new JSON data structure"; 607 + replaced "Members are:" with "The AvailableFieldSet object 608 includes the following members:"; 609 + clarified that an RDAP server MUST define only one default 610 field set; 611 * clarified the required members of a Link object in the 612 "Subsetting Links" section; 613 * rewritten the "Dealing with Relationships" section; 614 * in the "Basic Field Sets" section: 616 + replaced the phrase "include a 'self' link in each field 617 set" with the phrase "include a 'links' field indicating the 618 'self' link relationship"; 619 + replaced the phrase "'unicodeName' field MUST be included" 620 with the phrase "'unicodeName' field MUST additionally be 621 included"; 622 * in the "Negative Answers" section: 624 + replaced the phrase "the response MAY include additional 625 information regarding the negative answer" with the phrase 626 "the response MAY include additional information regarding 627 the supported field sets"; 628 + added a new example; 629 * replaced the phrase "and subsequent denial of service due to 630 abuse" with the phrase "and subsequent denial of service" in 631 "Security Considerations" section; 632 * corrected the [REST] reference in the "Informative References" 633 section; 634 * in "Appendix A": 636 + added the phrase " offered by data providers on the web" 637 after the phrase "Looking at the implementation experiences 638 of partial response"; 639 + replaced the phrase "servers should define a strategy" with 640 the phrase "servers have to define a strategy"; 641 + replaced the term "latter approach" with the term "field set 642 approach" in the "Appendix A.1" section; 643 * updated the "Acknowledgements" section. 644 15: Minor edit in the "Appendix A.1" section. 646 Authors' Addresses 648 Mario Loffredo 649 IIT-CNR/Registro.it 650 Via Moruzzi,1 651 Pisa 56124 652 IT 654 Email: mario.loffredo@iit.cnr.it 655 URI: http://www.iit.cnr.it 657 Maurizio Martinelli 658 IIT-CNR/Registro.it 659 Via Moruzzi,1 660 Pisa 56124 661 IT 663 Email: maurizio.martinelli@iit.cnr.it 664 URI: http://www.iit.cnr.it