draft-ietf-regext-data-escrow-07.txt   draft-ietf-regext-data-escrow-08.txt 
Network Working Group G. Lozano Network Working Group G. Lozano
Internet-Draft ICANN Internet-Draft ICANN
Intended status: Standards Track Apr 07, 2020 Intended status: Standards Track Apr 27, 2020
Expires: October 9, 2020 Expires: October 29, 2020
Registry Data Escrow Specification Registry Data Escrow Specification
draft-ietf-regext-data-escrow-07 draft-ietf-regext-data-escrow-08
Abstract Abstract
This document specifies the format and contents of data escrow This document specifies the format and contents of data escrow
deposits targeted primarily for domain name registries. However, the deposits targeted primarily for domain name registries. The
specification was designed to be independent of the underlying specification is designed to be independent of the underlying objects
objects that are being escrowed, therefore it could be used for that are being escrowed and therefore it could also be used for
purposes other than domain name registries. purposes other than domain name registries.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on October 9, 2020. This Internet-Draft will expire on October 29, 2020.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 10 skipping to change at page 2, line 10
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Problem Scope . . . . . . . . . . . . . . . . . . . . . . . . 4 3. Problem Scope . . . . . . . . . . . . . . . . . . . . . . . . 4
4. General Conventions . . . . . . . . . . . . . . . . . . . . . 5 4. Conventions Used in This Document . . . . . . . . . . . . . . 6
4.1. Date and Time . . . . . . . . . . . . . . . . . . . . . . 6 4.1. Date and Time . . . . . . . . . . . . . . . . . . . . . . 6
5. Protocol Description . . . . . . . . . . . . . . . . . . . . 6 5. Protocol Description . . . . . . . . . . . . . . . . . . . . 6
5.1. Root element <deposit> . . . . . . . . . . . . . . . . . 6 5.1. Root element <deposit> . . . . . . . . . . . . . . . . . 6
5.2. Rebuilding the registry from data escrow deposits . . . . 8
6. Formal Syntax . . . . . . . . . . . . . . . . . . . . . . . . 8 6. Formal Syntax . . . . . . . . . . . . . . . . . . . . . . . . 8
6.1. RDE Schema . . . . . . . . . . . . . . . . . . . . . . . 8 6.1. RDE Schema . . . . . . . . . . . . . . . . . . . . . . . 8
7. Internationalization Considerations . . . . . . . . . . . . . 10 7. Internationalization Considerations . . . . . . . . . . . . . 10
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11
9. Implementation Status . . . . . . . . . . . . . . . . . . . . 11 9. Implementation Status . . . . . . . . . . . . . . . . . . . . 11
9.1. Implementation in the gTLD space . . . . . . . . . . . . 11 9.1. Implementation in the gTLD space . . . . . . . . . . . . 12
10. Security Considerations . . . . . . . . . . . . . . . . . . . 12 10. Security Considerations . . . . . . . . . . . . . . . . . . . 12
11. Privacy Considerations . . . . . . . . . . . . . . . . . . . 13 11. Privacy Considerations . . . . . . . . . . . . . . . . . . . 13
12. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 13 12. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 13
13. Change History . . . . . . . . . . . . . . . . . . . . . . . 13 13. Change History . . . . . . . . . . . . . . . . . . . . . . . 13
13.1. Changes from 00 to 01 . . . . . . . . . . . . . . . . . 13 13.1. Changes from 00 to 01 . . . . . . . . . . . . . . . . . 13
13.2. Changes from 01 to 02 . . . . . . . . . . . . . . . . . 14 13.2. Changes from 01 to 02 . . . . . . . . . . . . . . . . . 14
13.3. Changes from 02 to 03 . . . . . . . . . . . . . . . . . 15 13.3. Changes from 02 to 03 . . . . . . . . . . . . . . . . . 15
13.4. Changes from 03 to 04 . . . . . . . . . . . . . . . . . 15 13.4. Changes from 03 to 04 . . . . . . . . . . . . . . . . . 15
13.5. Changes from 04 to 05 . . . . . . . . . . . . . . . . . 15 13.5. Changes from 04 to 05 . . . . . . . . . . . . . . . . . 15
13.6. Changes from 05 to 06 . . . . . . . . . . . . . . . . . 15 13.6. Changes from 05 to 06 . . . . . . . . . . . . . . . . . 16
13.7. Changes from 06 to 07 . . . . . . . . . . . . . . . . . 15 13.7. Changes from 06 to 07 . . . . . . . . . . . . . . . . . 16
13.8. Changes from 07 to 08 . . . . . . . . . . . . . . . . . 15 13.8. Changes from 07 to 08 . . . . . . . . . . . . . . . . . 16
13.9. Changes from 08 to 09 . . . . . . . . . . . . . . . . . 16 13.9. Changes from 08 to 09 . . . . . . . . . . . . . . . . . 16
13.10. Changes from 09 to 10 . . . . . . . . . . . . . . . . . 16 13.10. Changes from 09 to 10 . . . . . . . . . . . . . . . . . 16
13.11. Changes from 10 to 11 . . . . . . . . . . . . . . . . . 16 13.11. Changes from 10 to 11 . . . . . . . . . . . . . . . . . 16
13.12. Changes from 11 to REGEXT 00 . . . . . . . . . . . . . . 16 13.12. Changes from 11 to REGEXT 00 . . . . . . . . . . . . . . 16
13.13. Changes from version REGEXT 00 to REGEXT 01 . . . . . . 16 13.13. Changes from version REGEXT 00 to REGEXT 01 . . . . . . 16
13.14. Changes from version REGEXT 01 to REGEXT 02 . . . . . . 16 13.14. Changes from version REGEXT 01 to REGEXT 02 . . . . . . 16
13.15. Changes from version REGEXT 02 to REGEXT 03 . . . . . . 16 13.15. Changes from version REGEXT 02 to REGEXT 03 . . . . . . 17
13.16. Changes from version REGEXT 03 to REGEXT 04 . . . . . . 16 13.16. Changes from version REGEXT 03 to REGEXT 04 . . . . . . 17
13.17. Changes from version REGEXT 04 to REGEXT 05 . . . . . . 17 13.17. Changes from version REGEXT 04 to REGEXT 05 . . . . . . 17
13.18. Changes from version REGEXT 05 to REGEXT 06 . . . . . . 17 13.18. Changes from version REGEXT 05 to REGEXT 06 . . . . . . 17
13.19. Changes from version REGEXT 06 to REGEXT 07 . . . . . . 17 13.19. Changes from version REGEXT 06 to REGEXT 07 . . . . . . 17
14. Example of a Full Deposit . . . . . . . . . . . . . . . . . . 17 13.20. Changes from version REGEXT 07 to REGEXT 08 . . . . . . 17
14. Example of a Full Deposit . . . . . . . . . . . . . . . . . . 18
15. Example of a Differential Deposit . . . . . . . . . . . . . . 18 15. Example of a Differential Deposit . . . . . . . . . . . . . . 18
16. Example of a Incremental Deposit . . . . . . . . . . . . . . 19 16. Example of a Incremental Deposit . . . . . . . . . . . . . . 19
17. References . . . . . . . . . . . . . . . . . . . . . . . . . 20 17. References . . . . . . . . . . . . . . . . . . . . . . . . . 20
17.1. Normative References . . . . . . . . . . . . . . . . . . 20 17.1. Normative References . . . . . . . . . . . . . . . . . . 20
17.2. Informative References . . . . . . . . . . . . . . . . . 21 17.2. Informative References . . . . . . . . . . . . . . . . . 21
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 21 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 21
1. Introduction 1. Introduction
Registry Data Escrow is the process by which a registry periodically Registry Data Escrow is the process by which a registry periodically
submits data deposits to a third-party called an escrow agent. These submits data deposits to a third-party called an escrow agent. These
deposits comprise the minimum data needed by a third-party to resume deposits comprise the minimum data needed by a third-party to resume
operations if the registry cannot function and is unable or unwilling operations if the registry cannot function and is unable or unwilling
to facilitate an orderly transfer of service. For example, for a to facilitate an orderly transfer of service. For example, for a
domain name registry or registrar, the data to be deposited would domain name registry or registrar, the data to be deposited would
include all the objects related to registered domain names, e.g., include all the objects related to registered domain names, e.g.,
names, contacts, name servers, etc. names, contacts, name servers, etc.
The goal of data escrow is higher resiliency of registration The goal of data escrow is higher resiliency of registration
services, for the benefit of Internet users. The beneficiaries of a services, for the benefit of Internet users. The beneficiaries of a
registry are not just those registering information there, but all registry are not just those registering information there, but also
relying parties that need to identify the owners of objects. the users of services relying on the registry data.
In the context of domain name registries, registration data escrow is In the context of domain name registries, registration data escrow is
a requirement for generic top-level domains and some country code a requirement for generic top-level domains (e.g., Specification 2 of
top-level domain managers are also currently escrowing data. There the ICANN Base Registry Agreement, see [ICANN-GTLD-RA-20170731]) and
is also a similar requirement for ICANN-accredited domain registrars. some country code top-level domain managers are also currently
escrowing data. There is also a similar requirement for ICANN-
accredited domain registrars.
This document specifies a format for data escrow deposits independent This document specifies a format for data escrow deposits independent
of the objects being escrowed. A specification is required for each of the objects being escrowed. An independent specification is
type of registry/set of objects that is expected to be escrowed. required for each type of registry/set of objects that is expected to
be escrowed.
2. Terminology 2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP "OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
Deposit. Deposits can be of three kinds: Full, Differential or Deposit. Deposits can be of three kinds: Full, Differential or
skipping to change at page 4, line 20 skipping to change at page 4, line 22
and complete registry database and will consist of data that reflects and complete registry database and will consist of data that reflects
the state of the registry as of a defined Timeline Watermark for the the state of the registry as of a defined Timeline Watermark for the
deposit. deposit.
Incremental Deposit. Contains data that reflects all transactions Incremental Deposit. Contains data that reflects all transactions
involving the database that were not reflected in the last previous involving the database that were not reflected in the last previous
Full Deposit. Incremental Deposit files will contain information Full Deposit. Incremental Deposit files will contain information
from all database objects that were added, modified or deleted since from all database objects that were added, modified or deleted since
the previous Full Deposit was completed as of its defined Timeline the previous Full Deposit was completed as of its defined Timeline
Watermark. If the Timeline Watermark of an Incremental Deposit were Watermark. If the Timeline Watermark of an Incremental Deposit were
to cover the Timeline Watermark of another (Incremental or to cover (i.e., one or more Incremental or Differential Deposits
Differential) Deposit since the last Full Deposit, the more recent exist for the period between the Timeline Watermark of a Full and an
deposit MUST contain all the transactions of the earlier deposit. Incremental or Differential Deposit) the Timeline Watermark of
another Incremental or Differential Deposit since the last Full
Deposit, the more recent deposit MUST contain all the transactions of
the earlier deposit.
Registrar. See definition of Registrar in [RFC8499]. Registrar. See definition of Registrar in [RFC8499].
Registry. See definition of Registry in [RFC8499]. Registry. See definition of Registry in [RFC8499].
Third-Party Beneficiary. Is the organization that, under Third-Party Beneficiary. Is the organization that, under
extraordinary circumstances, would receive the escrow deposits the extraordinary circumstances, would receive the escrow deposits the
registry transferred to the escrow agent. This organization could be registry transferred to the escrow agent. This organization could be
a backup registry, registry regulator, contracting party of the a backup registry, registry regulator, contracting party of the
registry, etc. registry, etc.
skipping to change at page 5, line 47 skipping to change at page 6, line 5
objects that can be recreated by the new registry, particularly those objects that can be recreated by the new registry, particularly those
of delicate confidentiality, e.g., DNSSEC KSK/ZSK private keys. of delicate confidentiality, e.g., DNSSEC KSK/ZSK private keys.
Details that are a matter of policy should be identified as such for Details that are a matter of policy should be identified as such for
the benefit of the implementers. the benefit of the implementers.
Non-technical issues concerning data escrow, such as whether to Non-technical issues concerning data escrow, such as whether to
escrow data and under which purposes the data may be used, are escrow data and under which purposes the data may be used, are
outside of scope of this document. outside of scope of this document.
4. General Conventions 4. Conventions Used in This Document
The XML namespace prefix "rde" is used for the namespace The XML namespace prefix "rde" is used for the namespace
"urn:ietf:params:xml:ns:rde-1.0", but implementations MUST NOT depend "urn:ietf:params:xml:ns:rde-1.0", but implementations MUST NOT depend
on it; instead, they should employ a proper namespace-aware XML on it; instead, they should employ a proper namespace-aware XML
parser and serializer to interpret and output the XML documents. parser and serializer to interpret and output the XML documents.
The XML namespace prefix "rdeObj1" and "rdeObj2" with the The XML namespace prefix "rdeObj1" and "rdeObj2" with the
corresponding namespaces "urn:ietf:params:xml:ns:rdeObj1-1.0" and corresponding namespaces "urn:example:params:xml:ns:rdeObj1-1.0" and
"urn:ietf:params:xml:ns:rdeObj2-1.0" are used as example data escrow "urn:example:params:xml:ns:rdeObj2-1.0" are used as example data
objects. escrow objects.
4.1. Date and Time 4.1. Date and Time
Numerous fields indicate "dates", such as the creation and expiry Numerous fields indicate "dates", such as the creation and expiry
dates for objects. These fields SHALL contain timestamps indicating dates for objects. These fields SHALL contain timestamps indicating
the date and time in UTC, specified in Internet Date/Time Format (see the date and time in UTC, specified in Internet Date/Time Format (see
[RFC3339], Section 5.6) with the time-offset specified as "Z". [RFC3339], Section 5.6) with the time-offset specified as "Z".
5. Protocol Description 5. Protocol Description
The following is a format for data escrow deposits as produced by a The following is a format for data escrow deposits as produced by a
registry. The deposits are represented in XML. Only the format of registry. The deposits are represented in XML. Only the format of
the objects deposited is defined, nothing is prescribed about the the objects deposited is defined. Nothing is prescribed about the
method used to transfer such deposits between the registry and the method used to transfer such deposits between the registry and the
escrow agent or vice versa. escrow agent or vice versa.
The protocol intends to be object agnostic allowing the "overload" of The protocol intends to be object agnostic allowing the "overload" of
abstract elements using the "substitutionGroup" attribute of the XML abstract elements using the "substitutionGroup" attribute of the XML
Schema element to define the actual elements of an object to be Schema element to define the actual elements of an object to be
escrowed. escrowed.
The specification for each object to be escrowed MUST declare the
identifier to be used to reference the object to be deleted or added/
modified.
5.1. Root element <deposit> 5.1. Root element <deposit>
The container or root element for a Registry Data Escrow deposit is The container or root element for a Registry Data Escrow deposit is
<deposit>. <deposit>.
The <deposit> element contains the following attributes: The <deposit> element contains the following attributes:
o A REQUIRED "type" attribute that is used to identify the kind of o A REQUIRED "type" attribute that is used to identify the kind of
deposit: FULL (Full), INCR (Incremental) or DIFF (Differential). deposit:
* FULL: Full.
* INCR: Incremental.
* DIFF: Differential.
o A REQUIRED "id" attribute that is used to uniquely identify the o A REQUIRED "id" attribute that is used to uniquely identify the
escrow deposit. Each registry is responsible for maintaining its escrow deposit. Each registry is responsible for maintaining its
own escrow deposits' identifier space to ensure uniqueness. own escrow deposits' identifier space to ensure uniqueness.
o A "prevId" attribute that can be used to identify the previous o A "prevId" attribute that can be used to identify the previous
Incremental, Differential or Full Deposit. This attribute is Incremental, Differential or Full Deposit. This attribute is
REQUIRED in Differential Deposits ("DIFF" type), is OPTIONAL in REQUIRED in Differential Deposits ("DIFF" type), is OPTIONAL in
Incremental Deposits ("INCR" type), and is not used in Full Incremental Deposits ("INCR" type), and is not used in Full
Deposits ("FULL" type). Deposits ("FULL" type).
skipping to change at page 7, line 13 skipping to change at page 7, line 31
party and a new escrow deposit needs to be generated by the party and a new escrow deposit needs to be generated by the
registry for that specific date. The first time a deposit is registry for that specific date. The first time a deposit is
generated the attribute is either omitted or MUST be "0". If a generated the attribute is either omitted or MUST be "0". If a
deposit needs to be generated again, the attribute MUST be set to deposit needs to be generated again, the attribute MUST be set to
"1", and so on. "1", and so on.
The <deposit> element contains the following the child elements: The <deposit> element contains the following the child elements:
5.1.1. Child <watermark> element 5.1.1. Child <watermark> element
A REQUIRED <watermark> element contains the data-time corresponding A REQUIRED <watermark> element contains the date-time corresponding
to the Timeline Watermark of the deposit. to the Timeline Watermark of the deposit.
5.1.2. Child <rdeMenu> element 5.1.2. Child <rdeMenu> element
This element contains auxiliary information of the data escrow This element contains auxiliary information of the data escrow
deposit. deposit.
A REQUIRED <rdeMenu> element contains the following child elements: A REQUIRED <rdeMenu> element contains the following child elements:
o A REQUIRED <version> element that identifies the RDE protocol o A REQUIRED <version> element that identifies the RDE protocol
version, this value MUST be 1.0. version, this value MUST be 1.0.
o One or more <objURI> elements that contain namespace URIs o One or more <objURI> elements that contain namespace URIs
representing the <contents> and <deletes> element objects. representing the <contents> and <deletes> element objects.
5.1.3. Child <deletes> element 5.1.3. Child <deletes> element
This element SHOULD be present in deposits of type Incremental or For Differential Deposits, this element contains the list of objects
Differential. It contains the list of objects that were deleted that have been deleted since the previous deposit of any type. For
since the base previous deposit. Each object in this section SHALL Incremental Deposits, this element contains the list of objects that
contain an ID for the object deleted. have been deleted since the previous Full Deposit.
This section of the deposit MUST NOT be present in Full Deposits. This section of the deposit MUST NOT be present in Full Deposits.
When rebuilding a registry it MUST be ignored if present in a Full
Deposit.
The specification for each object to be escrowed MUST declare the
identifier to be used to reference the object to be deleted.
5.1.4. Child <contents> element 5.1.4. Child <contents> element
This element of the deposit contains the objects in the deposit. It For Full Deposits this element contains all objects. For
SHOULD be present in all type of deposits. It contains the data for Differential Deposits, this element contains the list of objects that
the objects to be escrowed. The actual objects have to be specified have been added or modified since the previous deposit of any type.
individually. For Incremental Deposits, this element contains the list of objects
that have been added or modified since the previous Full Deposit.
In the case of Incremental or Differential Deposits, the objects 5.2. Rebuilding the registry from data escrow deposits
indicate whether the object was added or modified after the base
previous deposit. In order to distinguish between one and the other,
it will be sufficient to check existence of the referenced object in
the previous deposit.
When applying Incremental or Differential Deposits (when rebuilding When applying Incremental or Differential Deposits (when rebuilding
the registry from data escrow deposits) the relative order of the the registry from data escrow deposits), the relative order of the
<deletes> elements is important, as is the relative order of the <deletes> and <contents> elements is important because dependencies
<contents> elements. All the <deletes> elements MUST be applied may exist between the objects. All the <deletes> elements MUST be
first, in the order that they appear. All the <contents> elements applied first, in the order that they appear. All the <contents>
MUST be applied next, in the order that they appear. elements MUST be applied next, in the order that they appear.
If an object is present in the <contents> section of several deposits If an object is present in the <contents> or <deletes> section of
(e.g. Full and Differential) the registry data from the latest several deposits (e.g. Full and Differential) the registry data from
deposit (as defined by the Timeline Watermark) SHOULD be used when the latest deposit (as defined by the Timeline Watermark) SHOULD be
rebuilding the registry. used when rebuilding the registry. An object SHOULD NOT exist
multiple times either in the <contents> or <deletes> elements in a
single deposit.
When rebuilding a registry, the <deletes> section MUST be ignored if
present in a Full Deposit.
6. Formal Syntax 6. Formal Syntax
RDE is specified in XML Schema notation. The formal syntax presented
here is a complete schema representation of RDE suitable for
automated validation of RDE XML instances.
The BEGIN and END tags are not part of the schema; they are used to
note the beginning and ending of the schema for URI registration
purposes.
6.1. RDE Schema 6.1. RDE Schema
BEGIN BEGIN
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<schema targetNamespace="urn:ietf:params:xml:ns:rde-1.0" <schema targetNamespace="urn:ietf:params:xml:ns:rde-1.0"
xmlns:rde="urn:ietf:params:xml:ns:rde-1.0" xmlns:rde="urn:ietf:params:xml:ns:rde-1.0"
xmlns="http://www.w3.org/2001/XMLSchema" xmlns="http://www.w3.org/2001/XMLSchema"
elementFormDefault="qualified"> elementFormDefault="qualified">
<annotation> <annotation>
<documentation> <documentation>
Registry Data Escrow schema Registry Data Escrow schema
</documentation> </documentation>
</annotation> </annotation>
<!-- Root element --> <!-- Root element -->
<element name="deposit" type="rde:escrowDepositType"/> <element name="deposit" type="rde:escrowDepositType"/>
<!-- RDE types --> <!-- RDE types -->
skipping to change at page 10, line 18 skipping to change at page 10, line 39
</simpleType> </simpleType>
<!-- A RDE version number is a dotted pair of decimal numbers --> <!-- A RDE version number is a dotted pair of decimal numbers -->
<simpleType name="versionType"> <simpleType name="versionType">
<restriction base="token"> <restriction base="token">
<pattern value="[1-9]+\.[0-9]+"/> <pattern value="[1-9]+\.[0-9]+"/>
<enumeration value="1.0"/> <enumeration value="1.0"/>
</restriction> </restriction>
</simpleType> </simpleType>
<!-- Auxiliary element to identify a registrar -->
<simpleType name="clIDType">
<restriction base="token">
<minLength value="3"/>
<maxLength value="16"/>
</restriction>
</simpleType>
<complexType name="rrType">
<simpleContent>
<extension base="rde:clIDType">
<attribute name="client" type="rde:clIDType"/>
</extension>
</simpleContent>
</complexType>
</schema> </schema>
END END
7. Internationalization Considerations 7. Internationalization Considerations
Data escrow deposits are represented in XML, which provides native Data escrow deposits are represented in XML, which provides native
support for encoding information using the Unicode character set and support for encoding information using the Unicode character set and
its more compact representations including UTF-8. Conformant XML its more compact representations including UTF-8. Conformant XML
processors recognize both UTF-8 and UTF-16. Though XML includes processors recognize both UTF-8 and UTF-16. Though XML includes
provisions to identify and use other character encodings through use provisions to identify and use other character encodings through use
skipping to change at page 11, line 9 skipping to change at page 11, line 15
8. IANA Considerations 8. IANA Considerations
This document uses URNs to describe XML namespaces and XML schemas This document uses URNs to describe XML namespaces and XML schemas
conforming to a registry mechanism described in [RFC3688]. Two URI conforming to a registry mechanism described in [RFC3688]. Two URI
assignments have been registered by the IANA. assignments have been registered by the IANA.
Registration request for the RDE namespace: Registration request for the RDE namespace:
URI: urn:ietf:params:xml:ns:rde-1.0 URI: urn:ietf:params:xml:ns:rde-1.0
Registrant Contact: IETF <regext@ietf.org> Registrant Contact: IESG <regext@ietf.org>
Note to RFC Editor: Please remove the email address from the RFC
after IANA records it.
XML: None. Namespace URIs do not represent an XML specification. XML: None. Namespace URIs do not represent an XML specification.
Registration request for the RDE XML schema: Registration request for the RDE XML schema:
URI: urn:ietf:params:xml:schema:rde-1.0 URI: urn:ietf:params:xml:schema:rde-1.0
Registrant Contact: IETF <regext@ietf.org> Registrant Contact: IESG <regext@ietf.org>
Note to RFC Editor: Please remove the email address from the RFC
after IANA records it.
See the "Formal Syntax" section of this document. See the "Formal Syntax" section of this document.
9. Implementation Status 9. Implementation Status
Note to RFC Editor: Please remove this section and the reference to Note to RFC Editor: Please remove this section and the reference to
RFC 7942 [RFC7942] before publication. RFC 7942 [RFC7942] before publication.
This section records the status of known implementations of the This section records the status of known implementations of the
protocol defined by this specification at the time of posting of this protocol defined by this specification at the time of posting of this
skipping to change at page 12, line 40 skipping to change at page 12, line 51
registry from deposits without intervention from the original registry from deposits without intervention from the original
registry. registry.
Depending on local policies, some elements or, most likely, the whole Depending on local policies, some elements or, most likely, the whole
deposit will be considered confidential. As such, the registry deposit will be considered confidential. As such, the registry
transmitting the data to the escrow agent SHOULD take all the transmitting the data to the escrow agent SHOULD take all the
necessary precautions such as encrypting the data itself and/or the necessary precautions such as encrypting the data itself and/or the
transport channel to avoid inadvertent disclosure of private data. transport channel to avoid inadvertent disclosure of private data.
Authentication of the parties passing data escrow deposit files is Authentication of the parties passing data escrow deposit files is
also of the utmost importance. The escrow agent SHOULD properly also of the utmost importance. The escrow agent MUST properly
authenticate the identity of the registry before accepting data authenticate the identity of the registry before accepting data
escrow deposits. In a similar manner, the registry SHOULD escrow deposits. In a similar manner, the registry MUST authenticate
authenticate the identity of the escrow agent before submitting any the identity of the escrow agent before submitting any data.
data.
Additionally, the registry and the escrow agent SHOULD use integrity Additionally, the registry and the escrow agent MUST use integrity
checking mechanisms to ensure the data transmitted is what the source checking mechanisms to ensure the data transmitted is what the source
intended. Validation of the contents by the escrow agent is intended. Validation of the contents by the escrow agent is
RECOMMENDED to ensure not only that the file was transmitted RECOMMENDED to ensure not only that the file was transmitted
correctly from the registry, but also that the contents are correctly from the registry, but also that the contents are
"meaningful". "meaningful".
Note: if Transport Layer Security (TLS) is used when providing an
escrow services, the recommendations in [RFC7525] MUST be
implemented.
11. Privacy Considerations 11. Privacy Considerations
This specification defines a format that may be used to escrow This specification defines a format that may be used to escrow
personal data. The process of data escrow is governed by a legal personal data. The process of data escrow is governed by a legal
document agreed by the parties, and such legal document must regulate document agreed by the parties, and such legal document must ensure
the particularities regarding the protection of personal data. that privacy-sensitive and/or personal data receives the required
protection.
12. Acknowledgments 12. Acknowledgments
Special suggestions that have been incorporated into this document Special suggestions that have been incorporated into this document
were provided by James Gould, Edward Lewis, Jaap Akkerhuis, Lawrence were provided by James Gould, Edward Lewis, Jaap Akkerhuis, Lawrence
Conroy, Marc Groeneweg, Michael Young, Chris Wright, Patrick Mevzek, Conroy, Marc Groeneweg, Michael Young, Chris Wright, Patrick Mevzek,
Stephen Morris, Scott Hollenbeck, Stephane Bortzmeyer, Warren Kumari, Stephen Morris, Scott Hollenbeck, Stephane Bortzmeyer, Warren Kumari,
Paul Hoffman, Vika Mpisane, Bernie Hoeneisen, Jim Galvin, Andrew Paul Hoffman, Vika Mpisane, Bernie Hoeneisen, Jim Galvin, Andrew
Sullivan, Hiro Hotta, Christopher Browne, Daniel Kalchev, David Sullivan, Hiro Hotta, Christopher Browne, Daniel Kalchev, David
Conrad, James Mitchell, Francisco Obispo, Bhadresh Modi and Alexander Conrad, James Mitchell, Francisco Obispo, Bhadresh Modi and Alexander
skipping to change at page 17, line 31 skipping to change at page 17, line 43
2. Text added to define that version MUST be 1.0. 2. Text added to define that version MUST be 1.0.
3. Normative SHOULD replaced should in the second paragraph in the 3. Normative SHOULD replaced should in the second paragraph in the
security section. security section.
13.19. Changes from version REGEXT 06 to REGEXT 07 13.19. Changes from version REGEXT 06 to REGEXT 07
1. Registration contact changed in section 8. 1. Registration contact changed in section 8.
13.20. Changes from version REGEXT 07 to REGEXT 08
1. Changes based on the feedback provided here:
https://mailarchive.ietf.org/arch/msg/regext/hDLz2ym4oR-ukA4Fm-
QJ8FzaxxE
2. Changes based on the feedback provided here:
https://mailarchive.ietf.org/arch/msg/regext/780Xw-
z1RMRb79nmZ6ABmRTo1fU
3. Changes based on the feedback provided here:
https://mailarchive.ietf.org/arch/msg/regext/
YnPnrSedrCcgQ2AXbjBTuQzqMds
4. Changes based on the feedback provided here:
https://mailarchive.ietf.org/arch/msg/regext/
BiV0NHi_k7cYwTiLdLwVgqEcFuo
14. Example of a Full Deposit 14. Example of a Full Deposit
Example of a Full Deposit with the two example objects rdeObj1 and Example of a Full Deposit with the two example objects rdeObj1 and
rdeObj2: rdeObj2:
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<rde:deposit <rde:deposit
xmlns:rde="urn:ietf:params:xml:ns:rde-1.0" xmlns:rde="urn:ietf:params:xml:ns:rde-1.0"
xmlns:rdeObj1="urn:ietf:params:xml:ns:rdeObj1-1.0" xmlns:rdeObj1="urn:example:params:xml:ns:rdeObj1-1.0"
xmlns:rdeObj2="urn:ietf:params:xml:ns:rdeObj2-1.0" xmlns:rdeObj2="urn:example:params:xml:ns:rdeObj2-1.0"
type="FULL" type="FULL"
id="20191017001"> id="20191018001">
<rde:watermark>2019-10-18T00:00:00Z</rde:watermark> <rde:watermark>2019-10-17T23:59:59Z</rde:watermark>
<rde:rdeMenu> <rde:rdeMenu>
<rde:version>1.0</rde:version> <rde:version>1.0</rde:version>
<rde:objURI>urn:ietf:params:xml:ns:rdeObj1-1.0</rde:objURI> <rde:objURI>urn:example:params:xml:ns:rdeObj1-1.0</rde:objURI>
<rde:objURI>urn:ietf:params:xml:ns:rdeObj2-1.0</rde:objURI> <rde:objURI>urn:example:params:xml:ns:rdeObj2-1.0</rde:objURI>
</rde:rdeMenu> </rde:rdeMenu>
<rde:contents> <rde:contents>
<rdeObj1:rdeObj1> <rdeObj1:rdeObj1>
<rdeObj1:name>EXAMPLE</rdeObj1:name> <rdeObj1:name>EXAMPLE</rdeObj1:name>
</rdeObj1:rdeObj1> </rdeObj1:rdeObj1>
<rdeObj2:rdeObj2> <rdeObj2:rdeObj2>
<rdeObj2:id>fsh8013-EXAMPLE</rdeObj2:id> <rdeObj2:id>fsh8013-EXAMPLE</rdeObj2:id>
</rdeObj2:rdeObj2> </rdeObj2:rdeObj2>
</rde:contents> </rde:contents>
</rde:deposit> </rde:deposit>
15. Example of a Differential Deposit 15. Example of a Differential Deposit
Example of a Differential Deposit with the two example objects Example of a Differential Deposit with the two example objects
rdeObj1 and rdeObj2: rdeObj1 and rdeObj2:
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<rde:deposit <rde:deposit
xmlns:rde="urn:ietf:params:xml:ns:rde-1.0" xmlns:rde="urn:ietf:params:xml:ns:rde-1.0"
xmlns:rdeObj1="urn:ietf:params:xml:ns:rdeObj1-1.0" xmlns:rdeObj1="urn:example:params:xml:ns:rdeObj1-1.0"
xmlns:rdeObj2="urn:ietf:params:xml:ns:rdeObj2-1.0" xmlns:rdeObj2="urn:example:params:xml:ns:rdeObj2-1.0"
type="DIFF" type="DIFF"
id="20191017001" prevId="20191016001"> id="20191019001" prevId="20191018001">
<rde:watermark>2019-10-18T00:00:00Z</rde:watermark> <rde:watermark>2019-10-18T23:59:59Z</rde:watermark>
<rde:rdeMenu> <rde:rdeMenu>
<rde:version>1.0</rde:version> <rde:version>1.0</rde:version>
<rde:objURI>urn:ietf:params:xml:ns:rdeObj1-1.0</rde:objURI> <rde:objURI>urn:example:params:xml:ns:rdeObj1-1.0</rde:objURI>
<rde:objURI>urn:ietf:params:xml:ns:rdeObj2-1.0</rde:objURI> <rde:objURI>urn:example:params:xml:ns:rdeObj2-1.0</rde:objURI>
</rde:rdeMenu> </rde:rdeMenu>
<rde:contents> <rde:contents>
<rdeObj1:rdeObj1> <rdeObj1:rdeObj1>
<rdeObj1:name>EXAMPLE2</rdeObj1:name> <rdeObj1:name>EXAMPLE2</rdeObj1:name>
</rdeObj1:rdeObj1> </rdeObj1:rdeObj1>
<rdeObj2:rdeObj2> <rdeObj2:rdeObj2>
<rdeObj2:id>sh8014-EXAMPLE</rdeObj2:id> <rdeObj2:id>sh8014-EXAMPLE</rdeObj2:id>
</rdeObj2:rdeObj2> </rdeObj2:rdeObj2>
</rde:contents> </rde:contents>
</rde:deposit> </rde:deposit>
16. Example of a Incremental Deposit 16. Example of a Incremental Deposit
Example of an Incremental Deposit with the two example objects Example of an Incremental Deposit with the two example objects
rdeObj1 and rdeObj2: rdeObj1 and rdeObj2:
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<rde:deposit <rde:deposit
xmlns:rde="urn:ietf:params:xml:ns:rde-1.0" xmlns:rde="urn:ietf:params:xml:ns:rde-1.0"
xmlns:rdeObj1="urn:ietf:params:xml:ns:rdeObj1-1.0" xmlns:rdeObj1="urn:example:params:xml:ns:rdeObj1-1.0"
xmlns:rdeObj2="urn:ietf:params:xml:ns:rdeObj2-1.0" xmlns:rdeObj2="urn:example:params:xml:ns:rdeObj2-1.0"
type="INCR" type="INCR"
id="20191017001" prevId="20191010001"> id="20200317001" prevId="20200314001">
<rde:watermark>2019-10-18T00:00:00Z</rde:watermark> <rde:watermark>2020-03-16T23:59:59Z</rde:watermark>
<rde:rdeMenu> <rde:rdeMenu>
<rde:version>1.0</rde:version> <rde:version>1.0</rde:version>
<rde:objURI>urn:ietf:params:xml:ns:rdeObj1-1.0</rde:objURI> <rde:objURI>urn:example:params:xml:ns:rdeObj1-1.0</rde:objURI>
<rde:objURI>urn:ietf:params:xml:ns:rdeObj2-1.0</rde:objURI> <rde:objURI>urn:example:params:xml:ns:rdeObj2-1.0</rde:objURI>
</rde:rdeMenu> </rde:rdeMenu>
<rde:deletes> <rde:deletes>
<rdeObj1:delete> <rdeObj1:delete>
<rdeObj1:name>EXAMPLE1</rdeObj1:name> <rdeObj1:name>EXAMPLE1</rdeObj1:name>
</rdeObj1:delete> </rdeObj1:delete>
<rdeObj2:delete> <rdeObj2:delete>
<rdeObj2:id>fsh8013-EXAMPLE</rdeObj2:id> <rdeObj2:id>fsh8013-EXAMPLE</rdeObj2:id>
</rdeObj2:delete> </rdeObj2:delete>
</rde:deletes> </rde:deletes>
<rde:contents> <rde:contents>
skipping to change at page 21, line 28 skipping to change at page 21, line 28
xmlschema-1-20041028", October 2004, xmlschema-1-20041028", October 2004,
<https://www.w3.org/TR/2004/REC-xmlschema-1-20041028/>. <https://www.w3.org/TR/2004/REC-xmlschema-1-20041028/>.
[W3C.REC-xmlschema-2-20041028] [W3C.REC-xmlschema-2-20041028]
Biron, P. and A. Malhotra, "XML Schema Part 2: Datatypes Biron, P. and A. Malhotra, "XML Schema Part 2: Datatypes
Second Edition REC-xmlschema-2-20041028", October 2004, Second Edition REC-xmlschema-2-20041028", October 2004,
<https://www.w3.org/TR/2004/REC-xmlschema-2-20041028/>. <https://www.w3.org/TR/2004/REC-xmlschema-2-20041028/>.
17.2. Informative References 17.2. Informative References
[ICANN-GTLD-RA-20170731]
ICANN, "Base Registry Agreement 2017-07-31", July 2017,
<https://newgtlds.icann.org/sites/default/files/
agreements/agreement-approved-31jul17-en.pdf>.
[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
DOI 10.17487/RFC3688, January 2004, DOI 10.17487/RFC3688, January 2004,
<https://www.rfc-editor.org/info/rfc3688>. <https://www.rfc-editor.org/info/rfc3688>.
[RFC7525] Sheffer, Y., Holz, R., and P. Saint-Andre,
"Recommendations for Secure Use of Transport Layer
Security (TLS) and Datagram Transport Layer Security
(DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525, May
2015, <https://www.rfc-editor.org/info/rfc7525>.
[RFC7942] Sheffer, Y. and A. Farrel, "Improving Awareness of Running [RFC7942] Sheffer, Y. and A. Farrel, "Improving Awareness of Running
Code: The Implementation Status Section", BCP 205, Code: The Implementation Status Section", BCP 205,
RFC 7942, DOI 10.17487/RFC7942, July 2016, RFC 7942, DOI 10.17487/RFC7942, July 2016,
<https://www.rfc-editor.org/info/rfc7942>. <https://www.rfc-editor.org/info/rfc7942>.
Author's Address Author's Address
Gustavo Lozano Gustavo Lozano
Internet Corporation for Assigned Names and Numbers Internet Corporation for Assigned Names and Numbers
12025 Waterfront Drive, Suite 300 12025 Waterfront Drive, Suite 300
Los Angeles 90292 Los Angeles 90292
United States of America United States of America
Phone: +1.310.823.9358 Phone: +1.310.823.9358
Email: gustavo.lozano@icann.org Email: gustavo.lozano@icann.org
 End of changes. 50 change blocks. 
104 lines changed or deleted 149 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/