Network Working Group                                          A. Newton
Internet-Draft                                                      ARIN
Intended status: Standards Track                           S. Hollenbeck
Expires: June 21, 2013                                     Verisign Labs
                                                       December 18, 2012


             Registration Data Access Protocol Query Format
                    draft-ietf-weirds-rdap-query-02

Abstract

   This document describes uniform patterns to construct HTTP URLs that
   may be used to retrieve registration information from registries
   (including both Regional Internet Registries (RIRs) and Domain Name
   Registries (DNRs)) using "RESTful" web access patterns.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF). Note that other groups may also distribute
   working documents as Internet-Drafts. The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on June 21, 2013.

Copyright Notice

   Copyright (c) 2012 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Conventions Used in This Document
     1.1.  Acronyms and Abbreviations
   2.  Introduction
   3.  Path Segment Specification
     3.1.  IP Network Path Segment Specification
     3.2.  Autonomous System Path Segment Specification
     3.3.  Domain Path Segment Specification
     3.4.  Name Server Path Segment Specification
     3.5.  Entity Path Segment Specification
   4.  Extensibility
   5.  Internationalization Considerations
   6.  IANA Considerations
   7.  Security Considerations
   8.  Acknowledgements
   9.  References
     9.1.  Normative References
     9.2.  Informative References
   Appendix A.  Path Segment Specification for Search Queries
   Appendix B.  Change Log
   Authors' Addresses

1.  Conventions Used in This Document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

1.1.  Acronyms and Abbreviations

   DNR:  Domain Name Registry
   RDAP:  Registration Data Access Protocol
   RIR:  Regional Internet Registry

2.  Introduction

   This document describes a specification for querying registration
   data using a RESTful web service and uniform query patterns. The
   service is implemented using the Hypertext Transfer Protocol (HTTP)
   [RFC2616].

   The protocol described in this specification is intended to address
   deficiencies with the WHOIS protocol [RFC3912] that have been
   identified over time, including:

   o  Lack of standardized command structures,
   o  lack of standardized output and error structures,
   o  lack of support for internationalization and localization, and
   o  lack of support for user identification, authentication, and
      access control.

   The patterns described in this document purposefully do not encompass
   all of the methods employed in the WHOIS and RESTful web services of
   all of the RIRs and DNRs. The intent of the patterns described here
   is to enable lookups of networks by IP address, autonomous system
   numbers by number, reverse DNS meta-data by domain, domains by name,
   name servers by name, registrars by name, and entities (such as
   contacts) by identifier. It is envisioned that each registry will
   continue to maintain NICNAME/WHOIS and/or RESTful web services
   specific to their needs and those of their constituencies, and the
   information retrieved through the patterns described here may
   reference such services.

   Likewise, future IETF standards may add additional patterns for
   additional query types (for example, "/domains" for a domain search
   query). And Section 4 defines a simple pattern namespacing scheme to
   accommodate custom extensions that will not interfere with the
   patterns defined in this document or patterns defined in future IETF
   standards.

   WHOIS services, in general, are read-only services. Therefore URL
   [RFC3986] patterns presented here are only applicable to the HTTP
   [RFC2616] GET and HEAD methods.

   This document does not describe the results or entities returned from
   issuing the described URLs with an HTTP GET. It is envisioned that
   other documents will describe these entities in various serialization
   formats, such as JavaScript Object Notation (JSON, [RFC4627]).

   Additionally, resource management, provisioning and update functions
   are out of scope for this document. Registries have various and
   divergent methods covering these functions, and it is unlikely a
   uniform approach for these functions will ever be possible.

   HTTP contains mechanisms for servers to authenticate clients and for
   clients to authenticate servers (from which authorization schemes may
   be built) so such mechanisms are not described in this document.
   Policy, provisioning, and processing of authentication and
   authorization are out-of-scope for this document as deployments will
   have to make choices based on local criteria. So long as the
   solution chosen makes use of the HTTP mechanisms, implementations
   ought to be interoperable.

3.  Path Segment Specification

   The uniform patterns start with a base URL [RFC3986] specified by
   each registry or any other service provider offering this service.
   The base URL is followed by a resource-type-specific path segment.
   The base URL may contain its own path segments (e.g.
   http://example.com/... or http://example.com/restful-WHOIS/... ).

   The resource type path segments are:
   o  'ip': IP networks and associated data referenced using either an
      IPv4 or IPv6 address.
   o  'autnum': Autonomous system registrations and associated data
      referenced using an AS Plain autonomous system number.
   o  'domain': Reverse DNS (RIR) or domain name (DNR) information and
      associated data referenced using a fully-qualified domain name.
   o  'nameserver': Used to identify a name server information query.
   o  'entity': Used to identify an entity information query.

3.1.  IP Network Path Segment Specification

   Syntax: ip/ or ip//

   Queries for information about IP networks are of the form /ip/XXX/...
   or /ip/XXX/YY/... where the path segment following 'ip' is either an
   IPv4 [RFC1166] or IPv6 [RFC5952] address (i.e. XXX) or an IPv4 or
   IPv6 CIDR [RFC4632] notation address block (i.e. XXX/YY).
   Semantically, the simpler form using the address can be thought of as
   a CIDR block with a bitmask length of 32 for IPv4 and a bitmask
   length of 128 for IPv6. A given specific address or CIDR may fall
   within multiple IP networks in a hierarchy of networks, therefore
   this query targets the "most-specific" or smallest IP network which
   completely encompasses it in a hierarchy of IP networks.

   This is an example URL for the most specific network containing
   192.0.2.0:

   /ip/192.0.2.0

   This is an example of a URL for the most specific network containing
   192.0.2.0/24:

   /ip/192.0.2.0/24

3.2.  Autonomous System Path Segment Specification

   Syntax: autnum/

   Queries for information regarding autonomous system number
   registrations are of the form /autnum/XXX/... where XXX is an asplain
   autonomous system number [RFC5396]. In some registries, registration
   of autonomous system numbers is done on an individual number basis,
   while other registries may register blocks of autonomous system
   numbers. The semantics of this query are such that if a number falls
   within a range of registered blocks, the target of the query is the
   block registration, and that individual number registrations are
   considered a block of numbers with a size of 1.

   For example, to find information on autonomous system number 65551,
   the following path would be used:

   /autnum/65551

3.3.  Domain Path Segment Specification

   Syntax: domain/

   Queries for domain information are of the form /domain/XXXX/...,
   where XXXX is a fully-qualified domain name [RFC4343] in either the
   in-addr.arpa or ip6.arpa zones (for RIRs) or a fully-qualified domain
   name in a zone administered by the server operator (for DNRs).
   Internationalized domain names represented in A-label format
   [RFC5890] are also valid domain names.

   The following path would be used to find information describing the
   zone serving the network 192.0.2/24:

   /domain/2.0.192.in-addr.arpa

   The following path would be used to find information for the
   example.com domain name:

   /domain/example.com

3.4.  Name Server Path Segment Specification

   Syntax: nameserver/

   The parameter represents a fully qualified name as
   specified in RFC 952 [RFC0952] and RFC 1123 [RFC1123].
   Internationalized names represented in A-label format [RFC5890] are
   also valid name server names.

   The following path would be used to find information for the
   ns1.example.com name server:

   /nameserver/ns1.example.com

3.5.  Entity Path Segment Specification

   Syntax: entity/

   The parameter represents an entity (such as a contact,
   registrant, or registrar) identifier. For example, for some DNRs
   contact identifiers are specified in RFC 5730 [RFC5730] and RFC 5733
   [RFC5733].

   The following path would be used to find information for the entity
   associated with handle CID-4005:

   /entity/CID-4005

4.  Extensibility

   This document describes path segment specifications for a limited
   number of objects commonly registered in both RIRs and DNRs. It does
   not attempt to describe path segments for all of the objects
   registered in all registries. Custom path segments can be created
   for objects not specified here using the process described in Section
   TBD of "Using HTTP for RESTful Whois Services by Internet Registries"
   [I-D.ietf-weirds-using-http].

   Custom path segments can be created by prefixing the segment with a
   unique identifier followed by an underscore character (0x5F). For
   example, a custom entity path segment could be created by prefixing
   "entity" with "custom_", producing "custom_entity". Servers MUST
   return an appropriate failure status code for a request with an
   unrecognized path segment.

5.  Internationalization Considerations

   There is value in supporting the ability to submit either a U-label
   (Unicode form of an IDN label) or an A-label (ASCII form of an IDN
   label) as a query argument to an RDAP service. Clients with
   graphical user interfaces may prefer a U-label since this is more
   visually recognizable and familiar than A-label strings, but clients
   of programmatic interfaces may wish to submit and display A-labels or
   may not be able to input U-labels with their keyboard configuration.
   In the interest of protocol simplicity, A-labels (the "wire format"
   of IDNs) are the only labels supported by this specification.

   Internationalized domain and name server names can contain character
   variants and variant labels as described in RFC 4290 [RFC4290].
   Clients that support queries for internationalized domain and name
   server names MUST accept service provider responses that describe
   variants as specified in "JSON Responses for the Registration Data
   Access Protocol" [I-D.ietf-weirds-json-response].

6.  IANA Considerations

   This document does not specify any IANA actions.

7.  Security Considerations

   Security services for the operations specified in this document are
   described in "Security Services for the Registration Data Access
   Protocol" [I-D.ietf-weirds-rdap-sec]. As we identify specific use
   cases for which security services are needed they will be described
   here.

8.  Acknowledgements

   This document is derived from original work on RIR query formats
   developed by Byron J. Ellacott of APNIC, Arturo L. Servin of LACNIC,
   Kaveh Ranjbar of the RIPE NCC, and Andrew L. Newton of ARIN.
   Additionally, this document incorporates DNR query formats originally
   described by Francisco Arias and Steve Sheng of ICANN and Scott
   Hollenbeck of Verisign.

   The authors would like to acknowledge the following individuals for
   their contributions to this document: Francisco Arias, Edward Lewis,
   and John Levine.

9.  References

9.1.  Normative References

   [I-D.ietf-weirds-json-response]
              Newton, A. and S. Hollenbeck, "JSON Responses for the
              Registration Data Access Protocol (RDAP)",
              draft-ietf-weirds-json-response-01 (work in progress),
              December 2012.

   [I-D.ietf-weirds-rdap-sec]
              Hollenbeck, S. and N. Kong, "Security Services for the
              Registration Data Access Protocol",
              draft-ietf-weirds-rdap-sec-01 (work in progress),
              November 2012.

   [I-D.ietf-weirds-using-http]
              Newton, A., Ellacott, B., and N. Kong, "Using the
              Registration Data Access Protocol (RDAP) with HTTP",
              draft-ietf-weirds-using-http-01 (work in progress),
              December 2012.

   [RFC0952]  Harrenstien, K., Stahl, M., and E. Feinler, "DoD Internet
              host table specification", RFC 952, October 1985.

   [RFC1123]  Braden, R., "Requirements for Internet Hosts - Application
              and Support", STD 3, RFC 1123, October 1989.

   [RFC1166]  Kirkpatrick, S., Stahl, M., and M. Recker, "Internet
              numbers", RFC 1166, July 1990.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC2616]  Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
              Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
              Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.

   [RFC3986]  Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
              Resource Identifier (URI): Generic Syntax", STD 66,
              RFC 3986, January 2005.

   [RFC4290]  Klensin, J., "Suggested Practices for Registration of
              Internationalized Domain Names (IDN)", RFC 4290,
              December 2005.

   [RFC4343]  Eastlake, D., "Domain Name System (DNS) Case Insensitivity
              Clarification", RFC 4343, January 2006.

   [RFC4632]  Fuller, V. and T. Li, "Classless Inter-domain Routing
              (CIDR): The Internet Address Assignment and Aggregation
              Plan", BCP 122, RFC 4632, August 2006.

   [RFC5396]  Huston, G. and G. Michaelson, "Textual Representation of
              Autonomous System (AS) Numbers", RFC 5396, December 2008.

   [RFC5730]  Hollenbeck, S., "Extensible Provisioning Protocol (EPP)",
              STD 69, RFC 5730, August 2009.

   [RFC5733]  Hollenbeck, S., "Extensible Provisioning Protocol (EPP)
              Contact Mapping", STD 69, RFC 5733, August 2009.

   [RFC5890]  Klensin, J., "Internationalized Domain Names for
              Applications (IDNA): Definitions and Document Framework",
              RFC 5890, August 2010.

   [RFC5952]  Kawamura, S. and M. Kawashima, "A Recommendation for IPv6
              Address Text Representation", RFC 5952, August 2010.

9.2.  Informative References

   [RFC3912]  Daigle, L., "WHOIS Protocol Specification", RFC 3912,
              September 2004.

   [RFC4627]  Crockford, D., "The application/json Media Type for
              JavaScript Object Notation (JSON)", RFC 4627, July 2006.

URIs

   [1]

   [2]

   [3]

   [4]

Appendix A.  Path Segment Specification for Search Queries

   All of the path segments described in this document identify patterns
   for exact-match lookups of data elements. We have explicitly omitted
   specifications for search queries in the interest of first focusing
   on more basic protocol operations. Once we understand how exact-
   match queries will work we will attempt to define specifications for
   search queries.

   It is important to note that there are already multiple
   implementations of RESTful RDAP-like prototypes that provide search
   capabilities. For example:

   ARIN:  The American Registry for Internet Numbers (ARIN) has
      published an API [1] (see Section 4.4.2) that describes using
      plural forms of path segment identifiers (e.g. "domains") and
      Matrix URIs [2] to indicate that a client is requesting a list of
      values when searching for RIR registration data. A prototype
      service [3] that implements this API is up and running.
   Verisign:  Verisign has deployed a prototype service [4] that
      implements searches for DNR registration data using HTML query
      strings (e.g. "?_PRE") to identify search parameters. For
      example,
      "http://dnrd.verisignlabs.com/dnrd-ap/domain/verisign?_PRE"
      performs a search for domain names with a "verisign" prefix.

Appendix B.  Change Log

   Initial -00:  Adopted as working group document.
   -01:  Added "Conventions Used in This Document" section. Added
      normative reference to draft-ietf-weirds-rdap-sec and some
      wrapping text in the Security Considerations section.
   -02:  Removed "unified" from the title. Rewrote the last paragraph
      of section 2. Edited the first paragraph of section 3 to more
      clearly note that only one path segment is provided. Added
      "bitmask" to "length" in section 3.1. Changed "lowest IP network"
      to "smallest IP network" in section 3.1. Added "asplain" to the
      description of autonomous system numbers in section 3.2. Minor
      change from "semantics is" to "semantics are" in section 3.2.
      Changed the last sentence in section 4 to more clearly specify
      error response behavior. Added acknowledgements. Added a
      paragraph in the introduction regarding future IETF standards and
      extensibility.

Authors' Addresses

   Andrew Lee Newton
   American Registry for Internet Numbers
   3635 Concorde Parkway
   Chantilly, VA 20151
   US

   Email: andy@arin.net
   URI:   http://www.arin.net


   Scott Hollenbeck
   Verisign Labs
   12061 Bluemont Way
   Reston, VA 20190
   US

   Email: shollenbeck@verisign.com
   URI:   http://www.verisignlabs.com/
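
Added example (not part of the draft)

   The path patterns of Sections 3.1 through 3.5, the custom segment
   prefix of Section 4 and the A-label-only rule of Section 5, written
   as Python that validates each query argument before it is placed in
   a path. This is an added example, not code from the draft or its
   authors. All function names, the strict CIDR check, the lowercasing
   of names, the percent-encoding of entity handles and the
   "extensions" set are assumptions of this example.

```python
import ipaddress
import re
from urllib.parse import quote

STANDARD = {"ip", "autnum", "domain", "nameserver", "entity"}
# One LDH label (RFC 952 / RFC 1123). A-labels ("xn--...") match; U-labels do not.
LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def _fqdn(name):
    """Validate a domain or name server name; only A-labels pass (Section 5)."""
    name = name.rstrip(".")
    if not name or len(name) > 253 or not all(map(LABEL.fullmatch, name.split("."))):
        raise ValueError(f"not an LDH/A-label name: {name!r}")
    return name.lower()  # assumption: normalise case (names are case-insensitive)


def ip_path(value):
    """Address or CIDR block (Section 3.1). Rejecting a block that has host
    bits set (strict=True) is this example's choice, not a rule of the draft."""
    if not re.fullmatch(r"[0-9A-Fa-f:./]+", value):  # no zone ids, no '%'
        raise ValueError(f"not an IP address or CIDR block: {value!r}")
    if "/" in value:
        net = ipaddress.ip_network(value, strict=True)
        return f"/ip/{net.network_address}/{net.prefixlen}"
    return f"/ip/{ipaddress.ip_address(value)}"


def autnum_path(asn):
    """asplain AS number (Section 3.2); asdot forms such as "1.15" fail."""
    text = str(asn)
    if not re.fullmatch(r"[0-9]{1,10}", text) or int(text) > 0xFFFFFFFF:
        raise ValueError(f"not an asplain AS number: {asn!r}")
    return f"/autnum/{int(text)}"


def domain_path(name):
    return "/domain/" + _fqdn(name)  # Section 3.3


def nameserver_path(name):
    return "/nameserver/" + _fqdn(name)  # Section 3.4


def entity_path(handle):
    """Opaque handle (Section 3.5), percent-encoded so '/', '?' and '#'
    inside it cannot change the structure of the URL."""
    if handle in ("", ".", ".."):
        raise ValueError(f"unusable entity handle: {handle!r}")
    return "/entity/" + quote(handle, safe="")


def classify_segment(segment, extensions=frozenset()):
    """Section 4 from the server side: 'standard', 'custom' (prefix is in the
    locally configured extensions set) or 'unrecognized' (failure status)."""
    if segment in STANDARD:
        return "standard"
    prefix, sep, rest = segment.partition("_")
    return "custom" if sep and rest and prefix in extensions else "unrecognized"


def rdap_url(base, path):
    """Append a path to a registry base URL, which may carry its own path."""
    return base.rstrip("/") + path
```

   Every builder raises ValueError on input it will not place in a
   path, so a caller can refuse the query before any request is sent.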