Network Working Group                                          A. Newton
Internet-Draft                                                      ARIN
Intended status: Standards Track                           S. Hollenbeck
Expires: May 23, 2014                                      Verisign Labs
                                                       November 19, 2013

           Registration Data Access Protocol Query Format
                   draft-ietf-weirds-rdap-query-08

Abstract

   This document describes uniform patterns to construct HTTP URLs that
   may be used to retrieve registration information from registries
   (including both Regional Internet Registries (RIRs) and Domain Name
   Registries (DNRs)) using "RESTful" web access patterns.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on May 23, 2014.

Copyright Notice

   Copyright (c) 2013 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Conventions Used in This Document
     1.1.  Acronyms and Abbreviations
   2.  Introduction
   3.  Path Segment Specification
     3.1.  Lookup Path Segment Specification
       3.1.1.  IP Network Path Segment Specification
       3.1.2.  Autonomous System Path Segment Specification
       3.1.3.  Domain Path Segment Specification
       3.1.4.  Name Server Path Segment Specification
       3.1.5.  Entity Path Segment Specification
       3.1.6.  Help Path Segment Specification
     3.2.  Search Path Segment Specification
       3.2.1.  Domain Search
       3.2.2.  Name Server Search
       3.2.3.  Entity Search
   4.  Search Processing
   5.  Extensibility
   6.  Internationalization Considerations
   7.  IANA Considerations
   8.  Security Considerations
   9.  Acknowledgements
   10. References
     10.1.  Normative References
     10.2.  Informative References
   Appendix A.  Change Log
   Authors' Addresses

1.  Conventions Used in This Document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

1.1.  Acronyms and Abbreviations

   IDN:  Internationalized Domain Name
   IDNA:  Internationalized Domain Names in Applications
   DNR:  Domain Name Registry
   RDAP:  Registration Data Access Protocol
   REST:  Representational State Transfer.  The term was first
      described in a doctoral dissertation [REST].
   RESTful:  an adjective that describes a service using HTTP and the
      principles of REST.
   RIR:  Regional Internet Registry

2.  Introduction

   This document describes a specification for querying registration
   data using a RESTful web service and uniform query patterns.  The
   service is implemented using the Hypertext Transfer Protocol (HTTP)
   [RFC2616].

   The protocol described in this specification is intended to address
   deficiencies with the WHOIS protocol [RFC3912] that have been
   identified over time, including:

   o  Lack of standardized command structures,
   o  lack of standardized output and error structures,
   o  lack of support for internationalization and localization, and
   o  lack of support for user identification, authentication, and
      access control.

   The patterns described in this document purposefully do not encompass
   all of the methods employed in the WHOIS and RESTful web services of
   all of the RIRs and DNRs.  The intent of the patterns described here
   is to enable queries of:

   o  networks by IP address,
   o  autonomous system numbers by number,
   o  reverse DNS meta-data by domain,
   o  name servers by name,
   o  registrars by name, and
   o  entities (such as contacts) by identifier.

   It is envisioned that each registry will continue to maintain
   NICNAME/WHOIS and/or RESTful web services specific to their needs and
   those of their constituencies, and the information retrieved through
   the patterns described here may reference such services.

   Likewise, future IETF standards may add additional patterns for
   additional query types.  A simple pattern namespacing scheme is
   described in Section 5 to accommodate custom extensions that will not
   interfere with the patterns defined in this document or patterns
   defined in future IETF standards.

   WHOIS services, in general, are read-only services.  Therefore URL
   [RFC3986] patterns specified in this document are only applicable to
   the HTTP [RFC2616] GET and HEAD methods.

   This document does not describe the results or entities returned from
   issuing the described URLs with an HTTP GET.  JSON [RFC4627] result
   formatting and processing is described in
   [I-D.ietf-weirds-json-response].

   Additionally, resource management, provisioning and update functions
   are out of scope for this document.  Registries have various and
   divergent methods covering these functions, and it is unlikely a
   uniform approach for these functions will ever be possible.

   HTTP contains mechanisms for servers to authenticate clients and for
   clients to authenticate servers (from which authorization schemes may
   be built) so such mechanisms are not described in this document.
   Policy, provisioning, and processing of authentication and
   authorization are out-of-scope for this document as deployments will
   have to make choices based on local criteria.  Specified
   authentication mechanisms MUST use HTTP.

3.  Path Segment Specification

   Uniform query patterns start with a base URL [RFC3986] specified by
   each registry or any other service provider offering this service.
   The base URL is followed by a path prefix that identifies a well
   known [RFC5785] location for per-resource metadata,
   ".well-known/rdap".  The path prefix is followed by a path segment
   that is specific to each type of resource.  The characters used to
   form a path segment are limited to those that can be used to form a
   URI as specified in RFC 3986 [RFC3986].  This specification uses the
   following base URL and path prefix in examples:

   http://example.com/.well-known/rdap

   The base URL is specific to each server implementation.  The
   ".well-known/rdap" path prefix MUST be present.

3.1.  Lookup Path Segment Specification

   The resource type path segments for exact match lookup are:

   o  'ip': Used to identify IP networks and associated data referenced
      using either an IPv4 or IPv6 address.
   o  'autnum': Used to identify autonomous system registrations and
      associated data referenced using an AS Plain autonomous system
      number.
   o  'domain': Used to identify reverse DNS (RIR) or domain name (DNR)
      information and associated data referenced using a fully-qualified
      domain name.
   o  'nameserver': Used to identify a name server information query
      using a host name.
   o  'entity': Used to identify an entity information query using a
      string identifier.

3.1.1.  IP Network Path Segment Specification

   Syntax: ip/ or ip//

   Queries for information about IP networks are of the form /ip/XXX/...
   or /ip/XXX/YY/...
   where the path segment following 'ip' is either an
   IPv4 [RFC1166] or IPv6 [RFC5952] address (i.e. XXX) or an IPv4 or
   IPv6 CIDR [RFC4632] notation address block (i.e. XXX/YY).
   Semantically, the simpler form using the address can be thought of as
   a CIDR block with a bitmask length of 32 for IPv4 and a bitmask
   length of 128 for IPv6.  A given specific address or CIDR may fall
   within multiple IP networks in a hierarchy of networks, therefore
   this query targets the "most-specific" or smallest IP network which
   completely encompasses it in a hierarchy of IP networks.

   The IPv4 and IPv6 address formats supported in this query are
   described in section 3.2.2 of [RFC3986], as IPv4address and
   IPv6address ABNF definitions.  Any valid IPv6 text address format
   [RFC4291] can be used, compressed or not compressed.  The restricted
   rules to write a text representation of an IPv6 address [RFC5952] are
   not mandatory.  However, the zone id [RFC4007] is not appropriate in
   this context and therefore prohibited.

   For example, the following URL would be used to find information for
   the most specific network containing 192.0.2.0:

   http://example.com/.well-known/rdap/ip/192.0.2.0

   The following URL would be used to find information for the most
   specific network containing 192.0.2.0/24:

   http://example.com/.well-known/rdap/ip/192.0.2.0/24

   The following URL would be used to find information for the most
   specific network containing 2001:db8::0:

   http://example.com/.well-known/rdap/ip/2001:db8::0

3.1.2.  Autonomous System Path Segment Specification

   Syntax: autnum/

   Queries for information regarding autonomous system number
   registrations are of the form /autnum/XXX/... where XXX is an AS
   Plain autonomous system number [RFC5396].
   In some registries,
   registration of autonomous system numbers is done on an individual
   number basis, while other registries may register blocks of
   autonomous system numbers.  The semantics of this query are such that
   if a number falls within a range of registered blocks, the target of
   the query is the block registration, and that individual number
   registrations are considered a block of numbers with a size of 1.

   For example, the following URL would be used to find information
   describing autonomous system number 12 (a number within a range of
   registered blocks):

   http://example.com/.well-known/rdap/autnum/12

   The following URL would be used to find information describing 4-byte
   autonomous system number 65538:

   http://example.com/.well-known/rdap/autnum/65538

3.1.3.  Domain Path Segment Specification

   Syntax: domain/

   Queries for domain information are of the form /domain/XXXX/...,
   where XXXX is a fully-qualified domain name [RFC4343] in either the
   in-addr.arpa or ip6.arpa zones (for RIRs) or a fully-qualified domain
   name in a zone administered by the server operator (for DNRs).
   Internationalized domain names represented in either A-label or
   U-label format [RFC5890] are also valid domain names.  IDN labels
   SHOULD NOT be represented as a mixture of A-labels and U-labels.

   If the client sends the server an IDN in U-label format, servers that
   support IDNs MUST convert the IDN into A-label format and perform
   IDNA processing as specified in RFC 5891 [RFC5891].  The server
   should perform an exact match lookup using the A-label.

   The following URL would be used to find information describing the
   zone serving the network 192.0.2/24:

   http://example.com/.well-known/rdap/domain/2.0.192.in-addr.arpa

   The following URL would be used to find information describing the
   zone serving the network 2001:db8:1::/48:

   http://example.com/.well-known/rdap/domain/1.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa

   The following URL would be used to find information for the
   blah.example.com domain name:

   http://example.com/.well-known/rdap/domain/blah.example.com

   The following URL would be used to find information for the
   xn--fo-5ja.example IDN:

   http://example.com/.well-known/rdap/domain/xn--fo-5ja.example

3.1.4.  Name Server Path Segment Specification

   Syntax: nameserver/

   The parameter represents a fully qualified name as
   specified in RFC 952 [RFC0952] and RFC 1123 [RFC1123].
   Internationalized names represented in either A-label or U-label
   format [RFC5890] are also valid name server names.  IDN labels SHOULD
   NOT be represented as a mixture of A-labels and U-labels.

   If the client sends the server an IDN in U-label format, servers that
   support IDNs MUST convert the IDN into A-label format and perform
   IDNA processing as specified in RFC 5891 [RFC5891].  The server
   should perform an exact match lookup using the A-label.

   The following URL would be used to find information for the
   ns1.example.com name server:

   http://example.com/.well-known/rdap/nameserver/ns1.example.com

   The following URL would be used to find information for the
   ns1.xn--fo-5ja.example name server:

   http://example.com/.well-known/rdap/nameserver/ns1.xn--fo-5ja.example

3.1.5.  Entity Path Segment Specification

   Syntax: entity/

   The parameter represents an entity (such as a contact,
   registrant, or registrar) identifier.  For example, for some DNRs
   contact identifiers are specified in RFC 5730 [RFC5730] and RFC 5733
   [RFC5733].

   The following URL would be used to find information for the entity
   associated with handle XXXX:

   http://example.com/.well-known/rdap/entity/XXXX

3.1.6.  Help Path Segment Specification

   Syntax: help

   The help path segment can be used to request helpful information
   (command syntax, terms of service, privacy policy, rate limiting
   policy, supported authentication methods, supported extensions,
   technical support contact, etc.) from an RDAP server.  The response
   to "help" should provide basic information that a client needs to
   successfully use the service.  The following URL would be used to
   return "help" information:

   http://example.com/.well-known/rdap/help

3.2.  Search Path Segment Specification

   The resource type path segments for search are:

   o  'domains': Used to identify a domain name information search using
      a pattern to match a fully-qualified domain name.
   o  'nameservers': Used to identify a name server information search
      using a pattern to match a host name.
   o  'entities': Used to identify an entity information search using a
      pattern to match a string identifier.

   RDAP search path segments are formed using a concatenation of the
   plural form of the object being searched for, a forward slash
   character ('/', ASCII value 0x002F), and an HTTP query string.  The
   HTTP query string is formed using a concatenation of the question
   mark character ('?', ASCII value 0x003F), the JSON object value
   associated with the object being searched for, the equal sign
   character ('=', ASCII value 0x003D), and the search pattern.  For the
   domain and entity objects described in this document the plural
   object forms are "domains" and "entities".

3.2.1.  Domain Search

   Syntax: domains?name=

   Searches for domain information are of the form

   /domains?name=XXXX

   where XXXX is a search pattern representing a domain name in
   "letters, digits, hyphen" format [RFC5890] in a zone administered by
   the server operator of a DNR.  The following URL would be used to
   find DNR information for domain names matching the "example*.com"
   pattern:

   http://example.com/.well-known/rdap/domains?name=example*.com

   Internationalized Domain Names (IDNs) in U-label format [RFC5890] can
   also be used as search patterns (see Section 4).  Searches for these
   names are of the form /domains?name=XXXX, where XXXX is a search
   pattern representing a domain name in U-label format [RFC5890].

3.2.2.  Name Server Search

   Syntax: nameservers?name=

   Searches for name server information are of the form

   /nameservers?name=XXXX

   where XXXX is a search pattern representing a host name in "letters,
   digits, hyphen" format [RFC5890] in a zone administered by the server
   operator of a DNR.  The following URL would be used to find DNR
   information for name server names matching the "ns1.example*.com"
   pattern:

   http://example.com/.well-known/rdap/nameservers?name=ns1.example*.com

   Internationalized name server names in U-label format [RFC5890] can
   also be used as search patterns (see Section 4).  Searches for these
   names are of the form /nameservers?name=XXXX, where XXXX is a search
   pattern representing a name server name in U-label format [RFC5890].

3.2.3.  Entity Search

   Syntax: entities?fn=

   Syntax: entities?handle=

   Searches for entity information by name are of the form

   /entities?fn=XXXX

   where XXXX is a search pattern representing an entity name as
   specified in Section 6.1 of [I-D.ietf-weirds-json-response].  The
   following URL would be used to find information for entity names
   matching the "Bobby Joe*" pattern.

   http://example.com/.well-known/rdap/entities?fn=Bobby%20Joe*

   Searches for entity information by handle are of the form

   /entities?handle=XXXX

   where XXXX is a search pattern representing an entity handle as
   specified in Section 6.1 of [I-D.ietf-weirds-json-response].  The
   following URL would be used to find information for entity names
   matching the "CID-40*" pattern.

   http://example.com/.well-known/rdap/entities?handle=CID-40*

   URLs MUST be properly encoded according to the rules of [RFC3986].
   In the example above, "Bobby Joe*" is encoded to "Bobby%20Joe*".

4.  Search Processing

   Partial string searching uses the asterisk ('*', ASCII value 0x002A)
   character to match zero or more trailing characters.  A character
   string representing a top-level domain MAY be concatenated to the end
   of the search pattern to limit the scope of the search.  For example,
   the search pattern "exam*" will match "example.com" and
   "example.net".  The search pattern "exam*.com" will match
   "example.com".  Additional pattern matching processing is beyond the
   scope of this specification.

   If a server receives a search request but cannot process the request
   because it does not support a particular style of partial match
   searching, it SHOULD return an HTTP 422 [RFC4918] error.  When
   returning a 422 error, the server MAY also return an error response
   body as specified in Section 7 of [I-D.ietf-weirds-json-response] if
   the requested media type is one that is specified in
   [I-D.ietf-weirds-using-http].

   Partial matching is not feasible across combinations of Unicode
   characters because Unicode characters can be combined with another
   Unicode character or characters.  Servers SHOULD NOT partially match
   combinations of Unicode characters where a Unicode character may be
   legally combined with another Unicode character or characters.
   Clients should avoid submitting a partial match search of Unicode
   characters where a Unicode character may be legally combined with
   another Unicode character or characters.  Partial match searches with
   incomplete combinations of characters where a character must be
   combined with another character or characters are invalid.  Partial
   match searches with characters that may be combined with another
   character or characters are to be considered non-combined characters
   (that is, if character x may be combined with character y but
   character y is not submitted in the search string then character x is
   a complete character and no combinations of character x are to be
   searched).

   Servers can expect to receive search patterns from clients that
   contain character strings encoded in different forms supported by
   HTTP.  It is entirely possible to apply filters and normalization
   rules to search patterns prior to making character comparisons, but
   this type of processing is more typically needed to determine the
   validity of registered strings than to match patterns.  Servers
   SHOULD thus accept any search pattern that is otherwise properly
   encoded.  If the pattern consists entirely of ASCII characters,
   servers SHOULD use case-insensitive prefix matching against ASCII
   labels to determine partial matches.  If the text in the pattern is
   or can be converted to a U-label, servers SHOULD use prefix matching
   against U-labels to determine partial matches.

   Conceptually, a name-record in a database may include a link to an
   associated name-record, which may include a link to another such
   record, and so on.  If an implementation is to return more than one
   name-record in response to a query, information from the records
   thereby identified is returned.
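
   The partial-match rules of this section, as an added example that is
   not part of the draft: a matcher that accepts one asterisk with an
   optional top-level domain after it, compares ASCII patterns
   case-insensitively against A-labels and other patterns against
   U-labels, and refuses to end a prefix inside a combined character.
   All names, the constructed REGISTERED sample, the non-empty-prefix
   policy and the use of Python's IDNA 2003 codec in place of RFC 5891
   processing are assumptions of this example.

```python
import unicodedata


class UnsupportedPattern(ValueError):
    """Pattern style this server does not implement (Section 4: HTTP 422)."""
    status = 422


def to_alabel(name):
    # The stdlib "idna" codec implements IDNA 2003; it stands in here for
    # the RFC 5891 processing the draft refers to.
    return name.encode("idna").decode("ascii").lower()


def to_ulabel(alabel):
    return unicodedata.normalize("NFC", alabel.encode("ascii").decode("idna"))


def compile_pattern(pattern):
    """Return (prefix, suffix, has_wildcard) for patterns such as 'exam*.com'."""
    pattern = unicodedata.normalize("NFC", pattern)
    stars = pattern.count("*")
    if stars == 0:
        return pattern, "", False            # no asterisk: exact match
    if stars > 1:
        raise UnsupportedPattern("only one '*' is supported")
    prefix, suffix = pattern.split("*")
    if not prefix:
        # Policy of this example: an empty prefix would enumerate the zone.
        raise UnsupportedPattern("'*' needs a leading prefix")
    # Only a top-level domain may follow the asterisk: "." plus one label.
    if suffix and (len(suffix) == 1 or suffix[0] != "." or "." in suffix[1:]):
        raise UnsupportedPattern("only a top-level domain may follow '*'")
    return prefix, suffix, True


def _matches(prefix, suffix, wildcard, name):
    if not wildcard:
        return name == prefix
    if len(name) < len(prefix) + len(suffix):
        return False
    if not (name.startswith(prefix) and name.endswith(suffix)):
        return False
    # If the next character is a combining mark, the prefix stops in the
    # middle of a combined character: "no combinations of character x are
    # to be searched".
    nxt = name[len(prefix):len(prefix) + 1]
    return not (nxt and unicodedata.category(nxt).startswith("M"))


def search(pattern, registered_alabels):
    """Return the registered A-labels that match the search pattern."""
    prefix, suffix, wildcard = compile_pattern(pattern)
    ascii_only = pattern.isascii()
    if ascii_only:
        prefix, suffix = prefix.lower(), suffix.lower()
    hits = []
    for alabel in registered_alabels:
        # ASCII pattern: compare with the ASCII label; otherwise: U-label.
        candidate = alabel.lower() if ascii_only else to_ulabel(alabel)
        if _matches(prefix, suffix, wildcard, candidate):
            hits.append(alabel)
    return hits


# Constructed sample registry, stored as A-labels.
REGISTERED = [to_alabel(n) for n in (
    "example.com", "example.net", "exam.com", "sample.com",
    "f\u00f3o.example",            # the draft's xn--fo-5ja.example
    "f\u00f3q\u0303.example",      # 'q' followed by COMBINING TILDE
)]

if __name__ == "__main__":
    for p in ("exam*", "exam*.com", "f\u00f3*", "f\u00f3q*"):
        print(repr(p), "->", search(p, REGISTERED))
```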

   Note that this model includes arrangements for associated names,
   including those that are linked by policy mechanisms and names bound
   together for some other purposes.  Note also that returning
   information that was not explicitly selected by an exact-match
   lookup, including additional names that match a relatively fuzzy
   search as well as lists of names that are linked together, may cause
   privacy issues.

5.  Extensibility

   This document describes path segment specifications for a limited
   number of objects commonly registered in both RIRs and DNRs.  It does
   not attempt to describe path segments for all of the objects
   registered in all registries.  Custom path segments can be created
   for objects not specified here using the process described in
   Section 6 of "HTTP usage in the Registration Data Access Protocol
   (RDAP)" [I-D.ietf-weirds-using-http].

   Custom path segments can be created by prefixing the segment with a
   unique identifier followed by an underscore character (0x5F).  For
   example, a custom entity path segment could be created by prefixing
   "entity" with "custom_", producing "custom_entity".  Servers MUST
   return an appropriate failure status code for a request with an
   unrecognized path segment.

6.  Internationalization Considerations

   There is value in supporting the ability to submit either a U-label
   (Unicode form of an IDN label) or an A-label (ASCII form of an IDN
   label) as a query argument to an RDAP service.  Clients capable of
   processing non-ASCII characters may prefer a U-label since this is
   more visually recognizable and familiar than A-label strings, but
   clients using programmatic interfaces might find it easier to submit
   and display A-labels if they are unable to input U-labels with their
   keyboard configuration.  Both query forms are acceptable.
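
   A server that accepts both query forms still has to validate and
   normalize the lookup path segments of Section 3.1 before using them
   as lookup keys.  The sketch below is an added example, not part of
   the draft; its names, its 400/404 status choices, the masking of
   host bits in a CIDR query and the use of Python's IDNA 2003 codec in
   place of RFC 5891 processing are assumptions.  It expects the
   request path without the query string.

```python
import ipaddress
import re
from urllib.parse import unquote

PREFIX = "/.well-known/rdap/"   # path prefix that Section 3 says MUST be present
LDH_LABEL = re.compile(r"[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?")


class RdapPathError(ValueError):
    """Rejected lookup path. The status codes are this example's choice."""

    def __init__(self, status, reason):
        super().__init__(reason)
        self.status = status


def _ip_key(parts):
    if len(parts) not in (1, 2):
        raise RdapPathError(400, "expected an address or an address and length")
    if "%" in parts[0]:
        # Recent Python versions parse scoped literals such as fe80::1%eth0,
        # but the draft prohibits the zone id [RFC4007] in this context.
        raise RdapPathError(400, "IPv6 zone id is not allowed")
    try:
        addr = ipaddress.ip_address(parts[0])
        if len(parts) == 2:
            if not re.fullmatch(r"[0-9]{1,3}", parts[1]):
                raise ValueError("prefix length must be decimal digits")
            length = int(parts[1])
        else:
            length = addr.max_prefixlen   # bare address: /32 or /128
        # Assumption: host bits in a CIDR query are masked, not rejected.
        net = ipaddress.ip_network(f"{addr}/{length}", strict=False)
    except ValueError as exc:
        raise RdapPathError(400, f"bad IP query: {exc}") from None
    return str(net)


def _autnum_key(parts):
    # AS Plain [RFC5396]: one decimal integer, no "AS" prefix, no asdot form.
    if len(parts) != 1 or not re.fullmatch(r"[0-9]{1,10}", parts[0]):
        raise RdapPathError(400, "AS number must be in AS Plain notation")
    number = int(parts[0])
    if number > 0xFFFFFFFF:
        raise RdapPathError(400, "AS number exceeds 32 bits")
    return number


def _host_key(parts):
    if len(parts) != 1 or not parts[0]:
        raise RdapPathError(400, "expected exactly one host name")
    try:
        # U-label to A-label; ASCII names pass through unchanged.
        alabel = parts[0].encode("idna").decode("ascii").lower()
    except UnicodeError as exc:
        raise RdapPathError(400, f"bad host name: {exc}") from None
    labels = alabel.rstrip(".").split(".")
    if not all(LDH_LABEL.fullmatch(label) for label in labels):
        raise RdapPathError(400, "host name is not in LDH form")
    return ".".join(labels)


def _entity_key(parts):
    if len(parts) != 1 or not parts[0]:
        raise RdapPathError(400, "expected exactly one entity identifier")
    return parts[0]


HANDLERS = {"ip": _ip_key, "autnum": _autnum_key, "domain": _host_key,
            "nameserver": _host_key, "entity": _entity_key}


def parse_lookup_path(raw_path):
    """Return (resource_type, normalized_key) or raise RdapPathError."""
    if not raw_path.startswith(PREFIX):
        raise RdapPathError(404, "missing .well-known/rdap prefix")
    # Split on literal '/' first and percent-decode afterwards, so an
    # encoded %2F can never create an extra path segment.
    raw = raw_path[len(PREFIX):].split("/")
    try:
        kind, *parts = [unquote(seg, errors="strict") for seg in raw]
    except UnicodeDecodeError:
        raise RdapPathError(400, "path is not valid UTF-8") from None
    if kind == "help" and not parts:
        return ("help", None)
    handler = HANDLERS.get(kind)
    if handler is None:
        # Includes custom segments (Section 5) this server does not implement.
        raise RdapPathError(404, "unrecognized path segment")
    return (kind, handler(parts))


if __name__ == "__main__":
    for path in ("/.well-known/rdap/ip/2001:db8::0",
                 "/.well-known/rdap/domain/f%C3%B3o.example"):
        print(path, "->", parse_lookup_path(path))
```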

   Internationalized domain and name server names can contain character
   variants and variant labels as described in RFC 4290 [RFC4290].
   Clients that support queries for internationalized domain and name
   server names MUST accept service provider responses that describe
   variants as specified in "JSON Responses for the Registration Data
   Access Protocol" [I-D.ietf-weirds-json-response].

7.  IANA Considerations

   IANA is requested to register the "rdap" well-known URI suffix
   following the procedures identified in RFC 5785 [RFC5785].

   URI suffix: "rdap"

   Change controller: IETF

   Specification document: This document, Section 3.

   Related information: None

8.  Security Considerations

   Security services for the operations specified in this document are
   described in "Security Services for the Registration Data Access
   Protocol" [I-D.ietf-weirds-rdap-sec].

   Search functionality typically requires more server resources (such
   as memory, CPU cycles, and network bandwidth) when compared to basic
   lookup functionality.  This increases the risk of server resource
   exhaustion and subsequent denial of service due to abuse.  This risk
   can be mitigated by developing and implementing controls to restrict
   search functionality to identified and authorized clients.  If those
   clients behave badly, their search privileges can be suspended or
   revoked.  Rate limiting as described in Section 5.5 of "HTTP usage in
   the Registration Data Access Protocol (RDAP)"
   [I-D.ietf-weirds-using-http] can also be used to control the rate of
   received search requests.  Server operators can also reduce their
   risk by restricting the amount of information returned in response to
   a search request.

   Search functionality also increases the privacy risk of disclosing
   object relationships that might not otherwise be obvious.
   For example, a search that returns IDN variants [RFC6927] that do not
   explicitly match a client-provided search pattern can disclose
   information about registered domain names that might not be otherwise
   available.  Implementers need to consider the policy and privacy
   implications of returning information that was not explicitly
   requested.

9.  Acknowledgements

   This document is derived from original work on RIR query formats
   developed by Byron J. Ellacott of APNIC, Arturo L. Servin of LACNIC,
   Kaveh Ranjbar of the RIPE NCC, and Andrew L. Newton of ARIN.
   Additionally, this document incorporates DNR query formats originally
   described by Francisco Arias and Steve Sheng of ICANN and Scott
   Hollenbeck of Verisign Labs.

   The authors would like to acknowledge the following individuals for
   their contributions to this document: Francisco Arias, Marc Blanchet,
   Ernie Dainow, Jean-Philippe Dionne, Behnam Esfahbod, John Klensin,
   Edward Lewis, and John Levine.

10.  References

10.1.  Normative References

   [I-D.ietf-weirds-json-response]
              Newton, A. and S. Hollenbeck, "JSON Responses for the
              Registration Data Access Protocol (RDAP)",
              draft-ietf-weirds-json-response-06 (work in progress),
              October 2013.

   [I-D.ietf-weirds-rdap-sec]
              Hollenbeck, S. and N. Kong, "Security Services for the
              Registration Data Access Protocol",
              draft-ietf-weirds-rdap-sec-05 (work in progress),
              August 2013.

   [I-D.ietf-weirds-using-http]
              Newton, A., Ellacott, B., and N. Kong, "HTTP usage in the
              Registration Data Access Protocol (RDAP)",
              draft-ietf-weirds-using-http-07 (work in progress),
              July 2013.

   [RFC0952]  Harrenstien, K., Stahl, M., and E. Feinler, "DoD Internet
              host table specification", RFC 952, October 1985.

   [RFC1123]  Braden, R., "Requirements for Internet Hosts - Application
              and Support", STD 3, RFC 1123, October 1989.

   [RFC1166]  Kirkpatrick, S., Stahl, M., and M.
              Recker, "Internet numbers", RFC 1166, July 1990.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC2616]  Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
              Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
              Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.

   [RFC3986]  Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
              Resource Identifier (URI): Generic Syntax", STD 66,
              RFC 3986, January 2005.

   [RFC4290]  Klensin, J., "Suggested Practices for Registration of
              Internationalized Domain Names (IDN)", RFC 4290,
              December 2005.

   [RFC4291]  Hinden, R. and S. Deering, "IP Version 6 Addressing
              Architecture", RFC 4291, February 2006.

   [RFC4343]  Eastlake, D., "Domain Name System (DNS) Case Insensitivity
              Clarification", RFC 4343, January 2006.

   [RFC4632]  Fuller, V. and T. Li, "Classless Inter-domain Routing
              (CIDR): The Internet Address Assignment and Aggregation
              Plan", BCP 122, RFC 4632, August 2006.

   [RFC4918]  Dusseault, L., "HTTP Extensions for Web Distributed
              Authoring and Versioning (WebDAV)", RFC 4918, June 2007.

   [RFC5396]  Huston, G. and G. Michaelson, "Textual Representation of
              Autonomous System (AS) Numbers", RFC 5396, December 2008.

   [RFC5730]  Hollenbeck, S., "Extensible Provisioning Protocol (EPP)",
              STD 69, RFC 5730, August 2009.

   [RFC5733]  Hollenbeck, S., "Extensible Provisioning Protocol (EPP)
              Contact Mapping", STD 69, RFC 5733, August 2009.

   [RFC5785]  Nottingham, M. and E. Hammer-Lahav, "Defining Well-Known
              Uniform Resource Identifiers (URIs)", RFC 5785,
              April 2010.

   [RFC5890]  Klensin, J., "Internationalized Domain Names for
              Applications (IDNA): Definitions and Document Framework",
              RFC 5890, August 2010.

   [RFC5891]  Klensin, J., "Internationalized Domain Names in
              Applications (IDNA): Protocol", RFC 5891, August 2010.

   [RFC5952]  Kawamura, S. and M.
              Kawashima, "A Recommendation for IPv6 Address Text
              Representation", RFC 5952, August 2010.

10.2.  Informative References

   [REST]     Fielding, R. and R. Taylor, "Principled Design of the
              Modern Web Architecture", ACM Transactions on Internet
              Technology Vol. 2, No. 2, May 2002.

   [RFC3912]  Daigle, L., "WHOIS Protocol Specification", RFC 3912,
              September 2004.

   [RFC4007]  Deering, S., Haberman, B., Jinmei, T., Nordmark, E., and
              B. Zill, "IPv6 Scoped Address Architecture", RFC 4007,
              March 2005.

   [RFC4627]  Crockford, D., "The application/json Media Type for
              JavaScript Object Notation (JSON)", RFC 4627, July 2006.

   [RFC6927]  Levine, J. and P. Hoffman, "Variants in Second-Level Names
              Registered in Top-Level Domains", RFC 6927, May 2013.

Appendix A.  Change Log

   Initial -00:  Adopted as working group document.
   -01:  Added "Conventions Used in This Document" section.  Added
      normative reference to draft-ietf-weirds-rdap-sec and some
      wrapping text in the Security Considerations section.
   -02:  Removed "unified" from the title.  Rewrote the last paragraph
      of section 2.  Edited the first paragraph of section 3 to more
      clearly note that only one path segment is provided.  Added
      "bitmask" to "length" in section 3.1.  Changed "lowest IP network"
      to "smallest IP network" in section 3.1.  Added "asplain" to the
      description of autonomous system numbers in section 3.2.  Minor
      change from "semantics is" to "semantics are" in section 3.2.
      Changed the last sentence in section 4 to more clearly specify
      error response behavior.  Added acknowledgements.  Added a
      paragraph in the introduction regarding future IETF standards and
      extensibility.
   -03:  Changed 'query' to 'lookup' in document title to better
      describe the 'exact match lookup' purpose of this document.
      Included a multitude of minor additions and clarifications
      provided by Marc Blanchet and Jean-Philippe Dionne.
      Modified the domain and name server sections to include support
      for IDN U-labels.
   -04:  Updated the domain and name server sections to use .example IDN
      U-labels.  Added text to note that mixed IDN labels SHOULD NOT be
      used.  Fixed broken sentences in Section 6.
   -05:  Added "help" path segment.
   -06:  Added search text and removed or edited old search text.
   -07:  Fixed query parameter typo by replacing "/?" with "?".  Changed
      "asplain" to "AS Plain".  Added entity search by handle.
      Corrected section references.  Updated IDN search text.
   -08:  Revised URI formats and added IANA instructions to create a
      registry entry for the "rdap" well-known prefix.  Revised search
      processing text and added search privacy consideration.
      Synchronized examples with response draft.

Authors' Addresses

   Andrew Lee Newton
   American Registry for Internet Numbers
   3635 Concorde Parkway
   Chantilly, VA  20151
   US

   Email: andy@arin.net
   URI:   http://www.arin.net

   Scott Hollenbeck
   Verisign Labs
   12061 Bluemont Way
   Reston, VA  20190
   US

   Email: shollenbeck@verisign.com
   URI:   http://www.verisignlabs.com/