idnits 2.17.1 draft-ietf-weirds-rdap-query-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- -- The document has examples using IPv4 documentation addresses according to RFC6890, but does not use any IPv6 documentation addresses. Maybe there should be IPv6 examples, too? Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (November 26, 2012) is 4140 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-14) exists of draft-ietf-weirds-json-response-00 == Outdated reference: A later version (-12) exists of draft-ietf-weirds-rdap-sec-00 -- Possible downref: Normative reference to a draft: ref. 'I-D.ietf-weirds-rdap-sec' == Outdated reference: A later version (-15) exists of draft-ietf-weirds-using-http-00 -- Possible downref: Normative reference to a draft: ref. 'I-D.ietf-weirds-using-http' ** Downref: Normative reference to an Unknown state RFC: RFC 952 ** Downref: Normative reference to an Informational RFC: RFC 1166 ** Obsolete normative reference: RFC 2616 (Obsoleted by RFC 7230, RFC 7231, RFC 7232, RFC 7233, RFC 7234, RFC 7235) ** Downref: Normative reference to an Informational RFC: RFC 4290 -- Obsolete informational reference (is this intentional?): RFC 4627 (Obsoleted by RFC 7158, RFC 7159) Summary: 4 errors (**), 0 flaws (~~), 4 warnings (==), 5 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group A. Newton 3 Internet-Draft ARIN 4 Intended status: Standards Track S. Hollenbeck 5 Expires: May 30, 2013 Verisign Labs 6 November 26, 2012 8 Unified Registration Data Access Protocol Query Format 9 draft-ietf-weirds-rdap-query-01 11 Abstract 13 This document describes uniform patterns to construct HTTP URLs that 14 may be used to retrieve registration information from registries 15 (including both Regional Internet Registries (RIRs) and Domain Name 16 Registries (DNRs)) using "RESTful" web access patterns. 18 Status of this Memo 20 This Internet-Draft is submitted in full conformance with the 21 provisions of BCP 78 and BCP 79. 23 Internet-Drafts are working documents of the Internet Engineering 24 Task Force (IETF). Note that other groups may also distribute 25 working documents as Internet-Drafts. The list of current Internet- 26 Drafts is at http://datatracker.ietf.org/drafts/current/. 28 Internet-Drafts are draft documents valid for a maximum of six months 29 and may be updated, replaced, or obsoleted by other documents at any 30 time. It is inappropriate to use Internet-Drafts as reference 31 material or to cite them other than as "work in progress." 33 This Internet-Draft will expire on May 30, 2013. 35 Copyright Notice 37 Copyright (c) 2012 IETF Trust and the persons identified as the 38 document authors. All rights reserved. 40 This document is subject to BCP 78 and the IETF Trust's Legal 41 Provisions Relating to IETF Documents 42 (http://trustee.ietf.org/license-info) in effect on the date of 43 publication of this document. Please review these documents 44 carefully, as they describe your rights and restrictions with respect 45 to this document. Code Components extracted from this document must 46 include Simplified BSD License text as described in Section 4.e of 47 the Trust Legal Provisions and are provided without warranty as 48 described in the Simplified BSD License. 50 Table of Contents 52 1. Conventions Used in This Document . . . . . . . . . . . . . . 3 53 1.1. Acronyms and Abbreviations . . . . . . . . . . . . . . . . 3 54 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 55 3. Path Segment Specification . . . . . . . . . . . . . . . . . . 4 56 3.1. IP Network Path Segment Specification . . . . . . . . . . 4 57 3.2. Autonomous System Path Segment Specification . . . . . . . 5 58 3.3. Domain Path Segment Specification . . . . . . . . . . . . 5 59 3.4. Name Server Path Segment Specification . . . . . . . . . . 6 60 3.5. Entity Path Segment Specification . . . . . . . . . . . . 6 61 4. Extensibility . . . . . . . . . . . . . . . . . . . . . . . . 6 62 5. Internationalization Considerations . . . . . . . . . . . . . 7 63 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 64 7. Security Considerations . . . . . . . . . . . . . . . . . . . 7 65 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 7 66 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8 67 9.1. Normative References . . . . . . . . . . . . . . . . . . . 8 68 9.2. Informative References . . . . . . . . . . . . . . . . . . 9 69 Appendix A. Path Segment Specification for Search Queries . . . . 9 70 Appendix B. Change Log . . . . . . . . . . . . . . . . . . . . . 10 71 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 10 73 1. Conventions Used in This Document 75 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 76 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 77 document are to be interpreted as described in RFC 2119 [RFC2119]. 79 1.1. Acronyms and Abbreviations 81 DNR: Domain Name Registry 83 RDAP: Registration Data Access Protocol 85 RIR: Regional Internet Registry 87 2. Introduction 89 This document describes a specification for querying registration 90 data using a RESTful web service and uniform query patterns. The 91 service is implemented using the Hypertext Transfer Protocol (HTTP) 92 [RFC2616]. 94 The protocol described in this specification is intended to address 95 deficiencies with the WHOIS protocol [RFC3912] that have been 96 identified over time, including: 98 o Lack of standardized command structures, 99 o lack of standardized output and error structures, 100 o lack of support for internationalization and localization, and 101 o lack of support for user identification, authentication, and 102 access control. 104 The patterns described in this document purposefully do not encompass 105 all of the methods employed in the WHOIS and RESTful web services of 106 all of the RIRs and DNRs. The intent of the patterns described here 107 are to enable lookups of networks by IP address, autonomous system 108 numbers by number, reverse DNS meta-data by domain, domains by name, 109 name servers by name, registrars by name, and entities (such as 110 contacts) by identifier. It is envisioned that each registry will 111 continue to maintain NICNAME/WHOIS and/or RESTful web services 112 specific to their needs and those of their constituencies, and the 113 information retrieved through the patterns described here may 114 reference such services. 116 WHOIS services, in general, are read-only services. Therefore URL 117 [RFC3986] patterns presented here are only applicable to the HTTP 118 [RFC2616] GET and HEAD methods. 120 This document does not describe the results or entities returned from 121 issuing the described URLs with an HTTP GET. It is envisioned that 122 other documents will describe these entities in various serialization 123 formats, such as JavaScript Object Notation (JSON, [RFC4627]). 125 Additionally, resource management, provisioning and update functions 126 are out of scope for this document. Registries have various and 127 divergent methods covering these functions, and it is unlikely a 128 uniform approach for these functions will ever be possible. 130 While HTTP contains mechanisms for servers to authenticate clients 131 and for clients to authenticate servers (from which authorization 132 schemes may be built), both authentication of clients and servers and 133 authorization for access to data are out-of-scope of this document. 134 In general, these matters require "policy" and are not the domain of 135 technical standards bodies. 137 3. Path Segment Specification 139 The uniform patterns start with a base URL [RFC3986] specified by 140 each registry or any other service provider offering this service. 141 The base URL will be appended with resource type specific path 142 segments. The base URL may contain its own path segments (e.g. 143 http://example.com/... or http://example.com/restful-WHOIS/... ). 145 The resource type path segments are: 146 o 'ip': IP networks and associated data referenced using either an 147 IPv4 or IPv6 address. 148 o 'autnum': Autonomous system registrations and associated data 149 referenced using an AS Plain autonomous system number. 150 o 'domain': Reverse DNS (RIR) or domain name (DNR) information and 151 associated data referenced using a fully-qualified domain name. 152 o 'nameserver': Used to identify a name server information query. 153 o 'entity': Used to identify an entity information query. 155 3.1. IP Network Path Segment Specification 157 Syntax: ip/ or ip// 159 Queries for information about IP networks are of the form /ip/XXX/... 160 or /ip/XXX/YY/... where the path segment following 'ip' is either an 161 IPv4 [RFC1166] or IPv6 [RFC5952] address (i.e. XXX) or an IPv4 or 162 IPv6 CIDR [RFC4632] notation address block (i.e. XXX/YY). 163 Semantically, the simpler form using the address can be thought of as 164 a CIDR block with a length of 32 for IPv4 and a length of 128 for 165 IPv6. A given specific address or CIDR may fall within multiple IP 166 networks in a hierarchy of networks, therefore this query targets the 167 "most-specific" or lowest IP network which completely encompasses it 168 in a hierarchy of IP networks. 170 This is an example URL for the most specific network containing 171 192.0.2.0: 173 /ip/192.0.2.0 175 This is an example of a URL the most specific network containing 176 192.0.2.0/24: 178 /ip/192.0.2.0/24 180 3.2. Autonomous System Path Segment Specification 182 Syntax: autnum/ 184 Queries for information regarding autonomous system number 185 registrations are of the form /autnum/XXX/... where XXX is an 186 autonomous system number [RFC5396]. In some registries, registration 187 of autonomous system numbers is done on an individual number basis, 188 while other registries may register blocks of autonomous system 189 numbers. The semantics of this query is such that if a number falls 190 within a range of registered blocks, the target of the query is the 191 block registration, and that individual number registrations are 192 considered a block of numbers with a size of 1. 194 For example, to find information on autonomous system number 65551, 195 the following path would be used: 197 /autnum/65551 199 3.3. Domain Path Segment Specification 201 Syntax: domain/ 203 Queries for domain information are of the form /domain/XXXX/..., 204 where XXXX is a fully-qualified domain name [RFC4343] in either the 205 in-addr.arpa or ip6.arpa zones (for RIRs) or a fully-qualified domain 206 name in a zone administered by the server operator (for DNRs). 207 Internationalized domain names represented in A-label format 208 [RFC5890] are also valid domain names. 210 The following path would be used to find information describing the 211 zone serving the network 192.0.2/24: 213 /domain/2.0.192.in-addr.arpa 214 The following path would be used to find information for the 215 example.com domain name: 217 /domain/example.com 219 3.4. Name Server Path Segment Specification 221 Syntax: nameserver/ 223 The parameter represents a fully qualified name as 224 specified in RFC 952 [RFC0952] and RFC 1123 [RFC1123]. 225 Internationalized names represented in A-label format [RFC5890] are 226 also valid name server names. 228 The following path would be used to find information for the 229 ns1.example.com name server: 231 /nameserver/ns1.example.com 233 3.5. Entity Path Segment Specification 235 Syntax: entity/ 237 The parameter represents an entity (such as a contact, 238 registrant, or registrar) identifier. For example, for some DNRs 239 contact identifiers are specified in RFC 5730 [RFC5730] and RFC 5733 240 [RFC5733]. 242 The following path would be used to find information for the entity 243 associated with handle CID-4005: 245 /entity/CID-4005 247 4. Extensibility 249 This document describes path segment specifications for a limited 250 number of objects commonly registered in both RIRs and DNRs. It does 251 not attempt to describe path segments for all of the objects 252 registered in all registries. Custom path segments can be created 253 for objects not specified here using the process described in Section 254 TBD of "Using HTTP for RESTful Whois Services by Internet Registries" 255 [I-D.ietf-weirds-using-http]. 257 Custom path segments can be created by prefixing the segment with a 258 unique identifier followed by an underscore character (0x5F). For 259 example, a custom entity path segment could be created by prefixing 260 "entity" with "custom_", producing "custom_entity". Servers SHOULD 261 ignore unrecognized path segments. 263 5. Internationalization Considerations 265 There is value in supporting the ability to submit either a U-label 266 (Unicode form of an IDN label) or an A-label (ASCII form of an IDN 267 label) as a query argument to an RDAP service. Clients with 268 graphical user interfaces may prefer a U-label since this is more 269 visually recognizable and familiar than A-label strings, but clients 270 of programmatic interfaces may wish to submit and display A-labels or 271 may not be able to input U-labels with their keyboard configuration. 272 In the interest of protocol simplicity, A-labels (the "wire format" 273 of IDNs) are the only labels supported by this specification. 275 Internationalized domain and name server names can contain character 276 variants and variant labels as described in RFC 4290 [RFC4290]. 277 Clients that support queries for internationalized domain and name 278 server names MUST accept service provider responses that describe 279 variants as specified in "JSON Responses for the Registration Data 280 Access Protocol" [I-D.ietf-weirds-json-response]. 282 6. IANA Considerations 284 This document does not specify any IANA actions. 286 7. Security Considerations 288 Security services for the operations specified in this document are 289 described in "Security Services for the Registration Data Access 290 Protocol" [I-D.ietf-weirds-rdap-sec]. As we identify specific use 291 cases for which security services are needed they will be described 292 here. 294 8. Acknowledgements 296 This document is derived from original work on RIR query formats 297 developed by Byron J. Ellacott of APNIC, Arturo L. Servin of LACNIC, 298 Kaveh Ranjbar of the RIPE NCC, and Andrew L. Newton of ARIN. 299 Additionally, this document incorporates DNR query formats originally 300 described by Francisco Arias and Steve Sheng of ICANN and Scott 301 Hollenbeck of Verisign. 303 The authors would like to acknowledge the following individuals for 304 their contributions to this document: TBD. 306 9. References 308 9.1. Normative References 310 [I-D.ietf-weirds-json-response] 311 Newton, A. and S. Hollenbeck, "JSON Responses for the 312 Registy Data Access Protocol (RDAP)", 313 draft-ietf-weirds-json-response-00 (work in progress), 314 September 2012. 316 [I-D.ietf-weirds-rdap-sec] 317 Hollenbeck, S. and N. Kong, "Security Services for the 318 Registration Data Access Protocol", 319 draft-ietf-weirds-rdap-sec-00 (work in progress), 320 September 2012. 322 [I-D.ietf-weirds-using-http] 323 Newton, A., Ellacott, B., and N. Kong, "Using the 324 Registration Data Access Protocol (RDAP) with HTTP", 325 draft-ietf-weirds-using-http-00 (work in progress), 326 September 2012. 328 [RFC0952] Harrenstien, K., Stahl, M., and E. Feinler, "DoD Internet 329 host table specification", RFC 952, October 1985. 331 [RFC1123] Braden, R., "Requirements for Internet Hosts - Application 332 and Support", STD 3, RFC 1123, October 1989. 334 [RFC1166] Kirkpatrick, S., Stahl, M., and M. Recker, "Internet 335 numbers", RFC 1166, July 1990. 337 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 338 Requirement Levels", BCP 14, RFC 2119, March 1997. 340 [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., 341 Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext 342 Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999. 344 [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform 345 Resource Identifier (URI): Generic Syntax", STD 66, 346 RFC 3986, January 2005. 348 [RFC4290] Klensin, J., "Suggested Practices for Registration of 349 Internationalized Domain Names (IDN)", RFC 4290, 350 December 2005. 352 [RFC4343] Eastlake, D., "Domain Name System (DNS) Case Insensitivity 353 Clarification", RFC 4343, January 2006. 355 [RFC4632] Fuller, V. and T. Li, "Classless Inter-domain Routing 356 (CIDR): The Internet Address Assignment and Aggregation 357 Plan", BCP 122, RFC 4632, August 2006. 359 [RFC5396] Huston, G. and G. Michaelson, "Textual Representation of 360 Autonomous System (AS) Numbers", RFC 5396, December 2008. 362 [RFC5730] Hollenbeck, S., "Extensible Provisioning Protocol (EPP)", 363 STD 69, RFC 5730, August 2009. 365 [RFC5733] Hollenbeck, S., "Extensible Provisioning Protocol (EPP) 366 Contact Mapping", STD 69, RFC 5733, August 2009. 368 [RFC5890] Klensin, J., "Internationalized Domain Names for 369 Applications (IDNA): Definitions and Document Framework", 370 RFC 5890, August 2010. 372 [RFC5952] Kawamura, S. and M. Kawashima, "A Recommendation for IPv6 373 Address Text Representation", RFC 5952, August 2010. 375 9.2. Informative References 377 [RFC3912] Daigle, L., "WHOIS Protocol Specification", RFC 3912, 378 September 2004. 380 [RFC4627] Crockford, D., "The application/json Media Type for 381 JavaScript Object Notation (JSON)", RFC 4627, July 2006. 383 URIs 385 [1] 387 [2] 389 [3] 391 [4] 393 Appendix A. Path Segment Specification for Search Queries 395 All of the path segments described in this document identify patterns 396 for exact-match lookups of data elements. We have explicitly omitted 397 specifications for search queries in the interest of first focusing 398 on more basic protocol operations. Once we understand how exact- 399 match queries will work we will attempt to define specifications for 400 search queries. 402 It is important to note that there are already multiple 403 implementations of RESTful RDAP-like prototypes that provide search 404 capabilities. For example: 406 The American Registry for Internet Numbers (ARIN) has published an 407 API [1] (see Section 4.4.2) that describes using plural forms of 408 path segment identifiers (e.g. "domains") and Matrix URIs [2] to 409 indicate that a client is requesting a list of values when 410 searching for RIR registration data. A prototype service [3] that 411 implements this API is up and running. 413 Verisign has deployed a prototype service [4] that implements 414 searches for DNR registration data using HTML query strings (e.g. 415 "?_PRE") to identify search parameters. For example, 416 "http://dnrd.verisignlabs.com/dnrd-ap/domain/verisign?_PRE" 417 performs a search for domain names with a "verisign" prefix. 419 The specifications that are eventually added to this document will 420 likely combine features from these and other examples of running 421 code. 423 Appendix B. Change Log 425 Initial -00: Adopted as working group document. 426 -01: Added "Conventions Used in This Document" section. Added 427 normative reference to draft-ietf-weirds-rdap-sec and some 428 wrapping text in the Security Considerations section. 430 Authors' Addresses 432 Andrew Lee Newton 433 American Registry for Internet Numbers 434 3635 Concorde Parkway 435 Chantilly, VA 20151 436 US 438 Email: andy@arin.net 439 URI: http://www.arin.net 440 Scott Hollenbeck 441 Verisign Labs 442 12061 Bluemont Way 443 Reston, VA 20190 444 US 446 Email: shollenbeck@verisign.com 447 URI: http://www.verisignlabs.com/