idnits 2.17.1 draft-ietf-regext-rdap-partial-response-16.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (September 23, 2020) is 1309 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 7230 (Obsoleted by RFC 9110, RFC 9112) ** Obsolete normative reference: RFC 7482 (Obsoleted by RFC 9082) ** Obsolete normative reference: RFC 7483 (Obsoleted by RFC 9083) Summary: 3 errors (**), 0 flaws (~~), 1 warning (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Registration Protocols Extensions M. Loffredo 3 Internet-Draft M. Martinelli 4 Intended status: Standards Track IIT-CNR/Registro.it 5 Expires: March 27, 2021 September 23, 2020 7 Registration Data Access Protocol (RDAP) Partial Response 8 draft-ietf-regext-rdap-partial-response-16 10 Abstract 12 The Registration Data Access Protocol (RDAP) does not include 13 capabilities to request partial responses. Servers will only return 14 full responses that include all of the information that a client is 15 authorized to receive. A partial response capability that limits the 16 amount of information returned, especially in the case of search 17 queries, could bring benefits to both clients and servers. This 18 document describes an RDAP query extension that allows clients to 19 specify their preference for obtaining a partial response. 21 Status of This Memo 23 This Internet-Draft is submitted in full conformance with the 24 provisions of BCP 78 and BCP 79. 26 Internet-Drafts are working documents of the Internet Engineering 27 Task Force (IETF). Note that other groups may also distribute 28 working documents as Internet-Drafts. The list of current Internet- 29 Drafts is at https://datatracker.ietf.org/drafts/current/. 31 Internet-Drafts are draft documents valid for a maximum of six months 32 and may be updated, replaced, or obsoleted by other documents at any 33 time. It is inappropriate to use Internet-Drafts as reference 34 material or to cite them other than as "work in progress." 36 This Internet-Draft will expire on March 27, 2021. 38 Copyright Notice 40 Copyright (c) 2020 IETF Trust and the persons identified as the 41 document authors. All rights reserved. 43 This document is subject to BCP 78 and the IETF Trust's Legal 44 Provisions Relating to IETF Documents 45 (https://trustee.ietf.org/license-info) in effect on the date of 46 publication of this document. Please review these documents 47 carefully, as they describe your rights and restrictions with respect 48 to this document. Code Components extracted from this document must 49 include Simplified BSD License text as described in Section 4.e of 50 the Trust Legal Provisions and are provided without warranty as 51 described in the Simplified BSD License. 53 Table of Contents 55 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 56 1.1. Conventions Used in This Document . . . . . . . . . . . . 3 57 2. RDAP Path Segment Specification . . . . . . . . . . . . . . . 3 58 2.1. Subsetting Metadata . . . . . . . . . . . . . . . . . . . 3 59 2.1.1. RDAP Conformance . . . . . . . . . . . . . . . . . . 4 60 2.1.2. Representing Subsetting Links . . . . . . . . . . . . 4 61 3. Dealing with Relationships . . . . . . . . . . . . . . . . . 5 62 4. Basic Field Sets . . . . . . . . . . . . . . . . . . . . . . 6 63 5. Negative Answers . . . . . . . . . . . . . . . . . . . . . . 7 64 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 65 7. Implementation Status . . . . . . . . . . . . . . . . . . . . 8 66 7.1. IIT-CNR/Registro.it . . . . . . . . . . . . . . . . . . . 9 67 7.2. APNIC . . . . . . . . . . . . . . . . . . . . . . . . . . 9 68 8. Security Considerations . . . . . . . . . . . . . . . . . . . 9 69 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 10 70 9.1. Normative References . . . . . . . . . . . . . . . . . . 10 71 9.2. Informative References . . . . . . . . . . . . . . . . . 11 72 Appendix A. Approaches to Partial Response Implementation . . . 11 73 A.1. Specific Issues Raised by RDAP . . . . . . . . . . . . . 12 74 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 13 75 Change Log . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 76 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 15 78 1. Introduction 80 The use of partial responses in RESTful API [REST] design is very 81 common. The rationale is quite simple: instead of returning objects 82 in API responses with all data fields, only a subset of the fields in 83 each result object is returned. The benefit is obvious: less data 84 transferred over the network means less bandwidth usage, faster 85 server responses, less CPU time spent both on the server and the 86 client, and less memory usage on the client. 88 Currently, RDAP does not provide a client with any way to request a 89 partial response. Servers can only provide the client with a full 90 response [RFC7483]. Servers cannot limit the amount of information 91 returned in a response based on a client's preferences, and this 92 creates inefficiencies. 94 The protocol described in this specification extends RDAP search 95 capabilities to enable partial responses through the provisioning of 96 pre-defined sets of fields that clients can submit to an RDAP service 97 by adding a new query parameter. The service is implemented using 98 the Hypertext Transfer Protocol (HTTP) [RFC7230] and the conventions 99 described in [RFC7480]. 101 1.1. Conventions Used in This Document 103 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 104 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 105 "OPTIONAL" in this document are to be interpreted as described in BCP 106 14 [RFC2119] [RFC8174] when, and only when, they appear in all 107 capitals, as shown here. 109 2. RDAP Path Segment Specification 111 The path segment defined in this section is an OPTIONAL extension of 112 search path segments defined in [RFC7482]. This document defines an 113 RDAP query parameter, "fieldSet", whose value is a non-empty string 114 identifying a server-defined set of fields returned in place of the 115 full response. The field sets supported by a server are usually 116 described in out-of-band documents (e.g., RDAP profile) together with 117 other features. Moreover, this document defines in Section 2.1 an 118 in-band mechanism by means of which servers can provide clients with 119 a basic information about the supported field sets. 121 The following is an example of an RDAP query including the "fieldSet" 122 parameter: 124 https://example.com/rdap/domains?name=example*.com&fieldSet=afieldset 126 This solution can be implemented by RDAP providers with less effort 127 than field selection and is easily requested by clients. The 128 considerations that have led to this solution are described in more 129 detail in Appendix A. 131 2.1. Subsetting Metadata 133 According to most advanced principles in REST design, collectively 134 known as HATEOAS (Hypermedia as the Engine of Application State) 135 [HATEOAS], a client entering a REST application through an initial 136 URI should use server-provided links to dynamically discover 137 available actions and access the resources it needs. In this way, 138 the client is not required to have prior knowledge of the service 139 and, consequently, to hard code the URIs of different resources. 140 This allows the server to make URI changes as the API evolves without 141 breaking clients. Definitively, a REST service should be as self- 142 descriptive as possible. 144 Therefore, servers implementing the query parameter described in this 145 specification SHOULD provide additional information in their 146 responses about the available field sets. Such information is 147 collected in a new JSON data structure named "subsetting_metadata" 148 containing the following properties: 150 o "currentFieldSet": "String" (REQUIRED) either the value of the 151 "fieldSet" parameter as specified in the query string, or the 152 field set applied by default; 154 o "availableFieldSets": "AvailableFieldSet[]" (OPTIONAL) an array of 155 objects, with each element describing an available field set. The 156 AvailableFieldSet object includes the following members: 158 * "name": "String" (REQUIRED) the field set name; 159 * "default": "Boolean" (REQUIRED) whether the field set is 160 applied by default. An RDAP server MUST define only one 161 default field set; 162 * "description": "String" (OPTIONAL) a human-readable description 163 of the field set; 164 * "links": "Link[]" (OPTIONAL) an array of links as described in 165 [RFC8288] containing the query string that applies the field 166 set (see Section 2.1.2). 168 2.1.1. RDAP Conformance 170 Servers returning the "subsetting_metadata" section in their 171 responses MUST include "subsetting" in the rdapConformance array. 173 2.1.2. Representing Subsetting Links 175 An RDAP server MAY use the "links" array of the "subsetting_metadata" 176 element to provide ready-made references [RFC8288] to the available 177 field sets (Figure 1). The target URI in each link is the reference 178 to an alternative to the current view of results identified by the 179 context URI. 181 The "value", "rel" and "href" JSON values MUST be specified. All 182 other JSON values are OPTIONAL. 184 { 185 "rdapConformance": [ 186 "rdap_level_0", 187 "subsetting" 188 ], 189 ... 190 "subsetting_metadata": { 191 "currentFieldSet": "afieldset", 192 "availableFieldSets": [ 193 { 194 "name": "anotherfieldset", 195 "description": "Contains some fields", 196 "default": false, 197 "links": [ 198 { 199 "value": "https://example.com/rdap/domains?name=example*.com 200 &fieldSet=afieldset", 201 "rel": "alternate", 202 "href": "https://example.com/rdap/domains?name=example*.com 203 &fieldSet=anotherfieldset", 204 "title": "Result Subset Link", 205 "type": "application/rdap+json" 206 } 207 ] 208 }, 209 ... 210 ] 211 }, 212 ... 213 "domainSearchResults": [ 214 ... 215 ] 216 } 218 Figure 1: Example of a "subsetting_metadata" instance 220 3. Dealing with Relationships 222 Representation of second level objects within a field set produces 223 additional considerations. Since the representation of the topmost 224 returned objects will vary according to the field set in use, the 225 response may contain no relationships (e.g., for an abbreviated field 226 set) or may contain associated objects as in a normal RDAP query 227 response. Each field set can indicate the format of the additional 228 objects to be returned, in the same manner that the format of the 229 topmost objects is controlled by the field set. 231 4. Basic Field Sets 233 This section defines three basic field sets which servers MAY 234 implement to facilitate their interaction with clients: 236 o "id": the server provides only the key field: "handle" for 237 entities, "ldhName" for domains and nameservers. If a returned 238 domain or nameserver is an Internationalized Domain Name (IDN) 239 [RFC5890], then the "unicodeName" field MUST additionally be 240 included in the response. This field set could be used when the 241 client wants to obtain a collection of object identifiers 242 (Figure 2); 244 o "brief": the field set contains the fields that can be included in 245 a "short" response. This field set could be used when the client 246 is asking for a subset of the full response which provides only 247 basic knowledge of each object; 249 o "full": the field set contains all of the information the server 250 can provide for a particular object. 252 The "objectClassName" field is implicitly included in each of the 253 above field sets. RDAP providers SHOULD include a "links" field 254 indicating the "self" link relationship. RDAP providers MAY also add 255 any property providing service information. 257 Fields included in the "brief" and "full" field set responses MUST 258 take into account the user's access and authorization levels. 260 { 261 "rdapConformance": [ 262 "rdap_level_0", 263 "subsetting" 264 ], 265 ... 266 "domainSearchResults": [ 267 { 268 "objectClassName": "domain", 269 "ldhName": "example1.com", 270 "links": [ 271 { 272 "value": "https://example.com/rdap/domain/example1.com", 273 "rel": "self", 274 "href": "https://example.com/rdap/domain/example1.com", 275 "type": "application/rdap+json" 276 } 277 ] 278 }, 279 { 280 "objectClassName": "domain", 281 "ldhName": "example2.com", 282 "links": [ 283 { 284 "value": "https://example.com/rdap/domain/example2.com", 285 "rel": "self", 286 "href": "https://example.com/rdap/domain/example2.com", 287 "type": "application/rdap+json" 288 } 289 ] 290 }, 291 ... 292 ] 293 } 295 Figure 2: Example of RDAP response according to the "id" field set 297 5. Negative Answers 299 Each request including an empty or unsupported "fieldSet" value MUST 300 produce an HTTP 400 (Bad Request) response code. Optionally, the 301 response MAY include additional information regarding the supported 302 field sets in the HTTP entity body (Figure 3). 304 { 305 "errorCode": 400, 306 "title": "Field set 'unknownfieldset' is not valid", 307 "description": [ 308 "Supported field sets are: 'afieldset', 'anotherfieldset'." 309 ] 311 } 313 Figure 3: Example of RDAP error response due to an invalid field set 314 included in the request 316 6. IANA Considerations 318 IANA is requested to register the following value in the RDAP 319 Extensions Registry: 321 Extension identifier: subsetting 322 Registry operator: Any 323 Published specification: This document. 324 Contact: IETF 325 Intended usage: This extension describes best practice for partial 326 response provisioning. 328 7. Implementation Status 330 NOTE: Please remove this section and the reference to RFC 7942 prior 331 to publication as an RFC. 333 This section records the status of known implementations of the 334 protocol defined by this specification at the time of posting of this 335 Internet-Draft, and is based on a proposal described in [RFC7942]. 336 The description of implementations in this section is intended to 337 assist the IETF in its decision processes in progressing drafts to 338 RFCs. Please note that the listing of any individual implementation 339 here does not imply endorsement by the IETF. Furthermore, no effort 340 has been spent to verify the information presented here that was 341 supplied by IETF contributors. This is not intended as, and must not 342 be construed to be, a catalog of available implementations or their 343 features. Readers are advised to note that other implementations may 344 exist. 346 According to RFC 7942, "this will allow reviewers and working groups 347 to assign due consideration to documents that have the benefit of 348 running code, which may serve as evidence of valuable experimentation 349 and feedback that have made the implemented protocols more mature. 350 It is up to the individual working groups to use this information as 351 they see fit". 353 7.1. IIT-CNR/Registro.it 355 Responsible Organization: Institute of Informatics and Telematics 356 of the National Research Council (IIT-CNR)/Registro.it 357 Location: https://rdap.pubtest.nic.it/ 358 Description: This implementation includes support for RDAP queries 359 using data from .it public test environment. 360 Level of Maturity: This is an "alpha" test implementation. 361 Coverage: This implementation includes all of the features 362 described in this specification. 363 Contact Information: Mario Loffredo, mario.loffredo@iit.cnr.it 365 7.2. APNIC 367 Responsible Organization: Asia-Pacific Network Information Centre 368 Location: https://github.com/APNIC-net/rdap-rmp-demo/tree/partial- 369 response 370 Description: A proof-of-concept for RDAP mirroring. 371 Level of Maturity: This is a proof-of-concept implementation. 372 Coverage: This implementation includes all of the features 373 described in this specification. 374 Contact Information: Tom Harrison, tomh@apnic.net 376 8. Security Considerations 378 A search query typically requires more server resources (such as 379 memory, CPU cycles, and network bandwidth) when compared to a lookup 380 query. This increases the risk of server resource exhaustion and 381 subsequent denial of service. This risk can be mitigated by 382 supporting the return of partial responses combined with other 383 strategies (e.g. restricting search functionality, limiting the rate 384 of search requests, and truncating and paging results). 386 Support for partial responses gives RDAP operators the ability to 387 implement data access control policies based on the HTTP 388 authentication mechanisms described in [RFC7481]. RDAP operators can 389 vary the information returned in RDAP responses based on a client's 390 access and authorization levels. For example: 392 o the list of fields for each set can differ based on the client's 393 access and authorization levels; 395 o the set of available field sets could be restricted based on the 396 client's access and authorization levels. 398 Servers can also define different result limits according to the 399 available field sets, so a more flexible truncation strategy can be 400 implemented. The new query parameter presented in this document 401 provides RDAP operators with a way to implement a server that reduces 402 inefficiency risks. 404 9. References 406 9.1. Normative References 408 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 409 Requirement Levels", BCP 14, RFC 2119, 410 DOI 10.17487/RFC2119, March 1997, 411 . 413 [RFC5890] Klensin, J., "Internationalized Domain Names for 414 Applications (IDNA): Definitions and Document Framework", 415 RFC 5890, DOI 10.17487/RFC5890, August 2010, 416 . 418 [RFC7230] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer 419 Protocol (HTTP/1.1): Message Syntax and Routing", 420 RFC 7230, DOI 10.17487/RFC7230, June 2014, 421 . 423 [RFC7480] Newton, A., Ellacott, B., and N. Kong, "HTTP Usage in the 424 Registration Data Access Protocol (RDAP)", RFC 7480, 425 DOI 10.17487/RFC7480, March 2015, 426 . 428 [RFC7481] Hollenbeck, S. and N. Kong, "Security Services for the 429 Registration Data Access Protocol (RDAP)", RFC 7481, 430 DOI 10.17487/RFC7481, March 2015, 431 . 433 [RFC7482] Newton, A. and S. Hollenbeck, "Registration Data Access 434 Protocol (RDAP) Query Format", RFC 7482, 435 DOI 10.17487/RFC7482, March 2015, 436 . 438 [RFC7483] Newton, A. and S. Hollenbeck, "JSON Responses for the 439 Registration Data Access Protocol (RDAP)", RFC 7483, 440 DOI 10.17487/RFC7483, March 2015, 441 . 443 [RFC7942] Sheffer, Y. and A. Farrel, "Improving Awareness of Running 444 Code: The Implementation Status Section", BCP 205, 445 RFC 7942, DOI 10.17487/RFC7942, July 2016, 446 . 448 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 449 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 450 May 2017, . 452 [RFC8288] Nottingham, M., "Web Linking", RFC 8288, 453 DOI 10.17487/RFC8288, October 2017, 454 . 456 9.2. Informative References 458 [CQL] Whitaker, G., "Catnap Query Language Reference", September 459 2017, . 462 [HATEOAS] Jedrzejewski, B., "HATEOAS - a simple explanation", 2018, 463 . 466 [REST] Fielding, R., "Architectural Styles and the Design of 467 Network-based Software Architectures", 2000, 468 . 471 Appendix A. Approaches to Partial Response Implementation 473 Looking at the implementation experiences of partial response offered 474 by data providers on the web, two approaches are observed: 476 o the client explicitly describes the data fields to be returned; 478 o the client describes a name identifying a server-defined set of 479 data fields. 481 The former is more flexible than the latter because clients can 482 specify all the data fields they need. However, it has some 483 drawbacks: 485 o fields have to be declared according to a given syntax. This is a 486 simple task when the data structure of the object is flat, but it 487 is much more difficult when the object has a tree structure like 488 that of a JSON object. The presence of arrays and deep nested 489 objects complicate both the syntax definition of the query and, 490 consequently, the processing required on the server side; 492 o clients need to recognize the returned data structure to avoid 493 cases when the requested fields are invalid; 495 o the request of some fields might not match the client's access and 496 authorization levels. Clients might request unauthorized fields 497 and servers have to define a strategy for responding, such as 498 always returning an error response or returning a response that 499 ignores the unauthorized fields. 501 A.1. Specific Issues Raised by RDAP 503 In addition to those listed above, RDAP responses raise some specific 504 issues: 506 o relevant entity object information is included in a jCard, but 507 such information cannot be easily selected because it is split 508 into the items of a jagged array; 510 o RDAP responses contain some properties providing service 511 information (e.g. rdapConformance, links, notices, remarks, etc.) 512 which are not normally selected but they are just as important. 513 They could be returned anyway but, in this case, the server would 514 provide unrequested data. 516 It is possible to address these issues. For example, the Catnap 517 Query Language [CQL] is a comprehensive expression language that can 518 be used to customize the JSON response of a RESTful web service. 519 Application of CQL to RDAP responses would explicitly identify the 520 output fields that would be acceptable when a few fields are 521 requested but it would become very complicated when processing a 522 larger number of fields. In the following, two CQL expressions for a 523 domain search query are shown (Figure 4). In the first, only 524 objectClassName and ldhName are requested. In the second, the fields 525 of a possible WHOIS-like response are listed. 527 https://example.com/rdap/domains?name=example*.com 528 &fields=domainSearchResults(objectClassName,ldhName) 530 https://example.com/rdap/domains?name=example*.com 531 &fields=domainSearchResults(objectClassName,ldhName, 532 unicodeName, 533 status, 534 events(eventAction,eventDate), 535 entities(objectClassName,handle,roles), 536 nameservers(objectClassName,ldhName)) 538 Figure 4: Examples of CQL expressions for a domain search query 540 The field set approach seems to facilitate RDAP interoperability. 541 Servers can define basic field sets which, if known to clients, can 542 increase the probability of obtaining a valid response. The usage of 543 field sets makes the query string be less complex. Moreover, the 544 definition of pre-defined sets of fields makes it easier to establish 545 result limits. 547 Finally, considering that there is no real need for RDAP users to 548 have the maximum flexibility in defining all the possible sets of 549 logically connected fields (e.g. users interested in domains usually 550 need to know the status, the creation date, and the expiry date of 551 each domain), the field set approach is preferred. 553 Acknowledgements 555 The authors would like to acknowledge Scott Hollenbeck, Tom Harrison, 556 Karl Heinz Wolf, Jasdip Singh, Patrick Mevzek, Benjamin Kaduk, Roman 557 Danyliw, Murray Kucherawy, Erik Kline and Robert Wilton for their 558 contribution to this document. 560 Change Log 562 00: Initial working group version ported from draft-loffredo-regext- 563 rdap-partial-response-03 564 01: Removed "FOR DISCUSSION" items. Changed the basic field sets 565 from REQUIRED to OPTIONAL. Removed the definition of fields 566 included in "brief" field set. Provided a more detailed 567 description of "subsetting_metadata" structure. Removed some 568 references. 569 02: Added the "Negative Answers" section. Changed "IANA 570 Considerations" section. 571 03: Added the "unicodeName" field in the id fieldSet when a returned 572 domain or nameserver is an IDN. Added RFC5890 to "Normative 573 References" section. 574 04: Recommended the RDAP providers to include a "self" link in any 575 field set other than "full". Updated "Acknowledgements" section. 576 05: Moved "Approaches to Partial Response Implementation" section to 577 the appendix. 578 06: Clarified the use of self links in "Basic Field Sets" section. 579 Added APNIC to the implementations of the "Implementation Status" 580 section. 581 07: Changed "only a subset is returned" to "only a subset of fields 582 in each result object is returned" in the "Introduction" section. 583 Moved the "RDAP Conformance" section up in the document. Updated 584 the "Acknowledgements" section. 585 08: Changed the rdapConformance tag "subsetting_level_0" to 586 "subsetting". Moved [RFC7942] to the "Normative References". 587 09: Corrected the "rdapConformance" content in Figure 2. 589 10: Corrected the JSON content in Figure 1. Clarified the meaning 590 of both context and target URIs in a result subset link defined in 591 Section 2.1.2. Updated the "Acknowledgements" section. 592 11: Minor pre-AD review edits. 593 12: Additional minor pre-AD review edits. 594 13: Edits due to Gen-ART review: in the first paragraph of Section 2 595 clarified how field sets are defined by a server, in the first 596 sentence of Section 5 replaced SHOULD with MUST. Other minor 597 edits due to AD review. 598 14: Edits due to IESG review: 600 * replaced "fewer data transferred" with "less data transferred" 601 in the "Introduction" section; 602 * in the "Subsetting Metadata" section: 604 + replaced the phrase "collected in a new data structure" with 605 the phrase "collected in a new JSON data structure"; 606 + replaced "Members are:" with "The AvailableFieldSet object 607 includes the following members:"; 608 + clarified that an RDAP server MUST define only one default 609 field set; 610 * clarified the required members of a Link object in the 611 "Representing Subsetting Links" section; 612 * rewritten the "Dealing with Relationships" section; 613 * in the "Basic Field Sets" section: 615 + replaced the phrase "include a 'self' link in each field 616 set" with the phrase "include a 'links' field indicating the 617 'self' link relationship"; 618 + replaced the phrase "'unicodeName' field MUST be included" 619 with the phrase "'unicodeName' field MUST additionally be 620 included"; 621 * in the "Negative Answers" section: 623 + replaced the phrase "the response MAY include additional 624 information regarding the negative answer" with the phrase 625 "the response MAY include additional information regarding 626 the supported field sets"; 627 + added a new example; 628 * replaced the phrase "and subsequent denial of service due to 629 abuse" with the phrase "and subsequent denial of service" in 630 "Security Considerations" section; 631 * corrected the [REST] reference in the "Informative References" 632 section; 633 * in "Appendix A": 635 + added the phrase " offered by data providers on the web" 636 after the phrase "Looking at the implementation experiences 637 of partial response"; 638 + replaced the phrase "servers should define a strategy" with 639 the phrase "servers have to define a strategy"; 640 + replaced the term "latter approach" with the term "field set 641 approach" in the "Appendix A.1" section; 642 * updated the "Acknowledgements" section. 643 15: Minor edit in the "Appendix A.1" section; 644 16: Changed a figure containing only an RDAP query into text. Made 645 the RDAP queries uniform. Other minor edits. 647 Authors' Addresses 649 Mario Loffredo 650 IIT-CNR/Registro.it 651 Via Moruzzi,1 652 Pisa 56124 653 IT 655 Email: mario.loffredo@iit.cnr.it 656 URI: http://www.iit.cnr.it 658 Maurizio Martinelli 659 IIT-CNR/Registro.it 660 Via Moruzzi,1 661 Pisa 56124 662 IT 664 Email: maurizio.martinelli@iit.cnr.it 665 URI: http://www.iit.cnr.it