draft-ietf-repute-media-type-01.txt   draft-ietf-repute-media-type-02.txt 
REPUTE Working Group N. Borenstein REPUTE Working Group N. Borenstein
Internet-Draft Mimecast Internet-Draft Mimecast
Intended status: Standards Track M. Kucherawy Intended status: Standards Track M. Kucherawy
Expires: July 16, 2012 Cloudmark Expires: October 8, 2012 Cloudmark
January 13, 2012 April 6, 2012
A Media Type for Reputation Interchange A Media Type for Reputation Interchange
draft-ietf-repute-media-type-01 draft-ietf-repute-media-type-02
Abstract Abstract
This document defines a media type for exchanging reputation This document defines a media type for exchanging reputation
information about an arbitrary class of object. information about an arbitrary class of object.
Status of this Memo Status of this Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
skipping to change at page 1, line 32 skipping to change at page 1, line 32
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 16, 2012. This Internet-Draft will expire on October 8, 2012.
Copyright Notice Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology and Definitions . . . . . . . . . . . . . . . . . 3 2. Terminology and Definitions . . . . . . . . . . . . . . . . . 3
2.1. Keywords . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.1. Key Words . . . . . . . . . . . . . . . . . . . . . . . . 3
2.2. Other Definitions . . . . . . . . . . . . . . . . . . . . 3 2.2. Other Definitions . . . . . . . . . . . . . . . . . . . . 3
3. Description . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Description . . . . . . . . . . . . . . . . . . . . . . . . . 3
3.1. XML Schema . . . . . . . . . . . . . . . . . . . . . . . . 6 3.1. Reputon Keys . . . . . . . . . . . . . . . . . . . . . . . 4
3.2. Example Reply . . . . . . . . . . . . . . . . . . . . . . 7 3.2. Reputon Structure . . . . . . . . . . . . . . . . . . . . 5
3.3. Example Reply . . . . . . . . . . . . . . . . . . . . . . 6
4. Scores . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 4. Scores . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8
5.1. application/reputon Media Type Registration . . . . . . . 8 5.1. application/reputon Media Type Registration . . . . . . . 8
5.2. Reputation Applications Registry . . . . . . . . . . . . . 9 5.2. Reputation Applications Registry . . . . . . . . . . . . . 9
6. Security Considerations . . . . . . . . . . . . . . . . . . . 10 6. Security Considerations . . . . . . . . . . . . . . . . . . . 11
7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 11 7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 11
7.1. Normative References . . . . . . . . . . . . . . . . . . . 11 7.1. Normative References . . . . . . . . . . . . . . . . . . . 11
7.2. Informative References . . . . . . . . . . . . . . . . . . 11 7.2. Informative References . . . . . . . . . . . . . . . . . . 11
Appendix A. Acknowledgments . . . . . . . . . . . . . . . . . . . 11 Appendix A. Acknowledgments . . . . . . . . . . . . . . . . . . . 12
Appendix B. Public Discussion . . . . . . . . . . . . . . . . . . 12 Appendix B. Public Discussion . . . . . . . . . . . . . . . . . . 12
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 12 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 12
1. Introduction 1. Introduction
This memo defines a media type for use when answering a reputation This document defines a media type for use when answering a
query using the "long form" query defined in [I-D.REPUTE-QUERY-HTTP], reputation query using the "long form" query defined in
which uses [HTTP]. It is part of a series defining the overall [I-D.REPUTE-QUERY-HTTP], which uses [HTTP].
reputation query/response structure as well as the concept of
reputation "vocabularies" for particular applications.
Also included is the specification for an IANA registry to contain Also included is the specification for an IANA registry to contain
definitions and symbolic names for known reputation vocabularies. definitions and symbolic names for known reputation applications and
corresponding response sets.
2. Terminology and Definitions 2. Terminology and Definitions
This section defines terms used in the rest of the document. This section defines terms used in the rest of the document.
2.1. Keywords 2.1. Key Words
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [KEYWORDS]. document are to be interpreted as described in [KEYWORDS].
2.2. Other Definitions 2.2. Other Definitions
Other terms of importance in this memo are defined in Other terms of importance in this document are defined in
[I-D.REPUTE-MODEL], the base memo in this document series. [I-D.REPUTE-MODEL], the base document in this document series.
3. Description 3. Description
A new media type, "application/reputon", is defined for the A "reputon" is a single independent object containing reputation
information. A particular query about a subject of interest will
receive one or more reputons in response, depending on the nature of
the data collected and reported by the server.
The format selected for the representaton of a reputon is Javascript
Object Notation (JSON), defined in [JSON]. Accordingly, a new media
type, "application/reputon+json", is defined for the JSON
representation of reputational data, typically in response to a representation of reputational data, typically in response to a
client making a request for such data about some subject. This media client making a request for such data about some subject. This media
type has one optional parameter, "app", which conveys the specific type has one optional parameter, "app", which defines the specific
application of reputation data in use, and may extend the set of data reputation application in whose context the query is made and the
values that can be included in the media object itself. response returned. If absent, a generic reputation query is assumed
for which only a simple reply is allowed.
The body of the media type consists of an Extended Markup Language The body of the media type consists of a JSON document that contains
(XML) document that contains the reputation information requested. the reputation information requested. A detailed description of the
An XML schema is included in a later section of this document. expected structure of the reply is provided below.
3.1. Reputon Keys
The key pieces of data found in a reputon for all reputation The key pieces of data found in a reputon for all reputation
applications are defined as follows: applications are defined as follows:
RATER: The identity of the entity providing the reputation RATER: The identity of the entity providing the reputation
information, generally expressed as a DNS domain name. information, typically expressed as a DNS domain name.
ASSERTION: A keyword indicating the specific assertion or claim ASSERTION: A keyword indicating the specific assertion or claim
being rated. In the absence of an "app" parameter, the reputon being rated. In the absence of an "app" parameter on the media
can only indicate generic goodness, with the default assertion type, the reputon can only indicate generic goodness, with the
"IS-GOOD," but each application is expected to define additional default assertion "IS-GOOD," but each application is expected to
ASSERTIONs. define additional ASSERTIONs.
RATED: The identity of the entity being rated. RATED: The identity of the entity being rated. The nature of this
field is application-specific; it could be domain names, email
addresses, driver's license numbers, or anything that uniquely
identifies the entity being rated. Documents that define specific
reputation applications are required to define syntax and
semantics for this field.
RATING: The overall rating score for that entity, expressed as a RATING: The overall rating score for that entity, expressed as a
floating-point number between 0.0 and 1.0 inclusive. See floating-point number between 0.0 and 1.0 inclusive. See
Section 4 for discussion. Section 4 for discussion.
The following are OPTIONAL for all applications, to be used in The following are OPTIONAL for all applications, to be used in
contexts where they are appropriate: contexts where they are appropriate:
CONFIDENCE: The level of confidence the reputation provider has in CONFIDENCE: The level of confidence the reputation provider has in
the value presented being accurate, expressed as a floating-point the value presented being accurate, expressed as a floating-point
number between 0.0 and 1.0 inclusive. number between 0.0 and 1.0 inclusive.
EXTENSION: Contains application-specific extension data. It MUST
NOT be present unless the reputon was introduced using the "app"
parameter to identify a specific reputation application. Valid
values are established by registration of application-specific
extensions with IANA (see Section 5.2).
RATER-AUTHENTICITY: The level of confidence in that identity being RATER-AUTHENTICITY: The level of confidence in that identity being
genuine, expressed as a floating-point number between 0.0 and 1.0 genuine, expressed as a floating-point number between 0.0 and 1.0
inclusive. inclusive.
SAMPLE-SIZE: The number of data points used to compute that score, SAMPLE-SIZE: The number of data points used to compute that score,
possibly an approximation. Expressed as an unsigned 64-bit possibly an approximation. Expressed as an unsigned 64-bit
integer. The units are deliberately not specified, since not all integer. The units are deliberately not specified, since not all
reputation service providers will collect data the same way. reputation service providers will collect data the same way.
Consumers will need to determine out-of-band the units being Consumers will need to determine out-of-band the units being
reported and apply this value accordingly within their local reported and apply this value accordingly within their local
policies. policies.
UPDATED: A timestamp indicating when this value was generated. UPDATED: A timestamp indicating when this value was generated.
Expressed as the number of seconds since January 1, 1970 00:00 Expressed as the number of seconds since January 1, 1970 00:00
UTC. UTC.
A particular application that registers itself with IANA MAY also A particular application that registers itself with IANA MAY also
define extension attribute/value pairs beyond these standard ones. define additional application-specific attribute/value pairs beyond
these standard ones.
Thus, the following simple example (using simple text rather than XML Further, particular application service providers MAY provide local
for brevity): extensions to registered applications. Syntax for these will need to
be specified and accommodated privately between clients and servers.
Content-type: application/reputon 3.2. Reputon Structure
RATER: RatingsRUs.example.com A reputon expressed in JSON consists of an object that itself
RATER-AUTHENTICITY: 1.0 contains zero or more objects whose names are "reputon". Each
ASSERTION: IS-GOOD reputon object is a set of key-value pairs, where the keys are the
RATED: Alex Rodriguez names of particular properties that comprise a reputon (as listed
RATING: 0.99 above, or as provided with specific applications), and values are the
SAMPLE-SIZE: 50000 content associated with those keys. The set of keys that make up a
reputon within a given application are known as that application's
"response set".
Thus, the following simple example:
Content-type: application/reputon+json
{
"reputon":
{
"rater": "RatingsRUs.example.com",
"rater-authenticity": 1.0,
"assertion": "IS-GOOD",
"rated": "Alex Rodriguez",
"rating": 0.99,
"sample-size": 50000
}
}
...indicates we are absolutely sure (1.0) that the entity ...indicates we are absolutely sure (1.0) that the entity
"RatingsRUs.example.com" consolidated 50000 data points (perhaps from "RatingsRUs.example.com" consolidated 50000 data points (perhaps from
everyone in Yankee Stadium) and concluded that Alex Rodriguez is very everyone in Yankee Stadium) and concluded that Alex Rodriguez is very
very good (0.99) at something. It doesn't tell us what he's good at, very good (0.99) at something. It doesn't tell us what he's good at,
and while it might be playing baseball, it could just as well be and while it might be playing baseball, it could just as well be
paying his taxes on time. paying his taxes on time.
A more sophisticated usage would define a baseball application with a A more sophisticated usage would define a baseball application with a
vocabulary of specific assertions, so that this example: response set of specific assertions, so that this example:
Content-type: application/reputon; app="baseball" Content-type: application/reputon+json; app="baseball"
RATER: baseball-reference.example.com {
RATER-AUTHENTICITY: 1.0 "reputon":
ASSERTION: HITS-FOR-POWER {
RATED: Alex Rodriguez "rater": "baseball-reference.example.com",
RATING: 0.99 "rater-authenticity": 1.0,
SAMPLE-SIZE: 50000 "assertion": "HITS-FOR-POWER",
"rated": "Alex Rodriguez",
"rating": 0.99,
"sample-size": 50000
}
}
...would indicate that 50000 fans polled by the entity baseball- ...would indicate that 50000 fans polled by the entity baseball-
reference.example.com rate A-Rod very highly in hitting for power, reference.example.com rate A-Rod very highly in hitting for power,
whereas this example: whereas this example:
Content-type: application/reputon; app="baseball" Content-type: application/reputon+json; app="baseball"
RATER: baseball-reference.example.com {
RATER-AUTHENTICITY: 1.0 "reputon":
ASSERTION: CLUTCH-HITTER {
RATED: Alex Rodriguez "RATER": "baseball-reference.example.com",
RATING: 0.4 "RATER-AUTHENTICITY": 1.0,
SAMPLE-SIZE: 50000 "ASSERTION": "CLUTCH-HITTER",
"RATED": "Alex Rodriguez",
"RATING": 0.4,
"SAMPLE-SIZE": 50000
}
}
...would indicate that a similar poll indicated a somewhat weaker ...would indicate that a similar poll indicated a somewhat weaker
consensus that A-Rod tends to choke in critical baseball situations. consensus that A-Rod tends to choke in critical baseball situations.
In practice, most usage of reputons is expected to make use of the In practice, most usage of reputons is expected to make use of the
"app" parameter to target an application-specific set of assertions. "app" parameter to target an application-specific set of assertions.
3.1. XML Schema 3.3. Example Reply
The following XML schema describes the format of the reply:
<?xml version="1.0" encoding="ISO-8859-1" ?%gt;
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema">
<!-- definition of local types -->
<xs:simpleType name="exttype">
<xs:restriction base="xs:token">
<xs:pattern value="\w+(-\w*)*:\s?[\w\p{P}]+"/>
<xs:/restriction>
<xs:/simpleType>
<!-- definition of simple elements -->
<xs:element name="rater" type="xs:token"/>
<xs:element name="rater-authenticity" type="xs:decimal"/>
<xs:element name="assertion" type="xs:token"/>
<xs:element name="extension" type="exttype"/>
<xs:element name="rated" type="xs:token"/>
<xs:element name="rating" type="xs:decimal"/>
<xs:element name="confidence" type="xs:decimal"/>
<xs:element name="sample-size" type="xs:positiveInteger"/>
<xs:element name="updated" type="xs:positiveInteger"/>
<!-- definition of complex elements -->
<xs:complexType name="assertiontype">
<xs:sequence>
<xs:element ref="rater" minOccurs="1"/>
<xs:element ref="rater-authenticity" minOccurs="1"/>
<xs:element ref="assertion" minOccurs="1"/>
<xs:element ref="extension"/>
<xs:element ref="rated" minOccurs="1"/>
<xs:element ref="rating" minOccurs="1"/>
<xs:element ref="confidence" minOccurs="1"/>
<xs:element ref="sample-size" minOccurs="1"/>
<xs:element ref="updated" minOccurs="1"/>
<xs:/sequence>
<xs:/complexType>
<xs:complexType name="reporttype">
<xs:sequence>
<xs:element name="reputon" type="assertiontype"
maxOccurs="unbounded" minOccurs="1"/>
<xs:/sequence>
<xs:/complexType>
<xs:element name="reputation" type="reporttype"/>
</xs:schema>
3.2. Example Reply
The following is an example reputon generated using this schema, The following is an example reputon generated using this schema,
including the media type definition line: including the media type definition line:
Content-Type: application/reputon; app="email" Content-Type: application/reputon+json; app="email-id"
<?xml version="1.0" encoding="US-ASCII"?>
<reputation> {
<reputon> "reputon":
<rater>rep.example.net</rater> {
<rater-authenticity>0.95</rater-authenticity> "rater": "rep.example.net",
<assertion>SENDS-SPAM</assertion> "rater-authenticity": 0.95,
<extension>IDENTITY: DKIM</extension> "assertion": "SPAM",
<rated>example.com</rated> "identity": "DKIM",
<rating>0.0012</rating> "rated": "example.com",
<sample-size>16938213</sample-size> "rating": 0.012,
<updated>1317795852</updated> "sample-size": 16938213,
</reputon> "updated": 1317795852
</reputation> }
}
Here, reputation agent "rep.example.net" is asserting within the Here, reputation agent "rep.example.net" is asserting within the
context of email that "example.com" appears to send spam 1.2% of the context of the "email-id" application that "example.com" appears to
time, based on just short of 17 million messages analyzed or reported be associated with spam 1.2% of the time, based on just short of 17
to date. The identity "example.com", the subject of the query, is million messages analyzed or reported to date. The "email-id"
extracted from the analyzed messages using the [DKIM] "d=" parameter application has declared the extension key "identity" to indicate how
for messages where signatures validate. The reputation agent is 95% the subject identifier was used in the observed data, establishing
confident of this result. (See [I-D.REPUTE-EMAIL-IDENTIFIERS] for some more specific semantics for the "rating" value. In this case,
details about the registered email identifiers vocabulary.) the extension is used to show the identity "example.com", the subject
of the query, is extracted from the analyzed messages using the
[DKIM] "d=" parameter for messages where signatures validate. The
reputation agent is 95% confident of this result. (See
[I-D.REPUTE-EMAIL-IDENTIFIERS] for details about the registered email
identifiers application.)
4. Scores 4. Scores
The score presented as the value in the RATING parameter appears as a The score presented as the value in the RATING parameter appears as a
floating point value between 0.0 and 1.0 inclusive. The intent is floating point value between 0.0 and 1.0 inclusive. The intent is
that the definition of an assertion within an application will that the definition of an assertion within an application will
declare what the anchor values 0.0 and 1.0 specifically mean. declare what the anchor values 0.0 and 1.0 specifically mean.
Generally speaking, 1.0 implies full agreement with the assertion, Generally speaking, 1.0 implies full agreement with the assertion,
while 0.0 indicates no support for the assertion. while 0.0 indicates no support for the assertion.
skipping to change at page 8, line 10 skipping to change at page 8, line 7
generating scores, to which all reputation service providers for that generating scores, to which all reputation service providers for that
application space must adhere. This will allow a client to change application space must adhere. This will allow a client to change
which reputation service provider is being queried for a given which reputation service provider is being queried for a given
without having to learn through some out-of-band method what the new without having to learn through some out-of-band method what the new
provider's values mean. For example, a registration might state that provider's values mean. For example, a registration might state that
ratings are linear, which would mean a score of "x" is twice as ratings are linear, which would mean a score of "x" is twice as
strong as a value of "x/2". strong as a value of "x/2".
5. IANA Considerations 5. IANA Considerations
This memo presents two actions for IANA, namely the creation of the This document presents two actions for IANA, namely the creation of
new media type "application/reputon" and the creation of a registry the new media type "application/reputon+json" and the creation of a
for reputation application types. Another memo in this series registry for reputation application types. Another document in this
creates an initial registry entry for the latter. series creates an initial registry entry for the latter.
5.1. application/reputon Media Type Registration 5.1. application/reputon Media Type Registration
This section provides the media type registration application from This section provides the media type registration application from
[MIME-REG] for processing by IANA: [MIME-REG] for processing by IANA:
To: ietf-types@iana.org To: ietf-types@iana.org
Subject: Registration of media type application/reputon Subject: Registration of media type application/reputon
Type name: application Type name: application
Subtype name: reputon Subtype name: reputon+json
Required parameters: none Required parameters: none
Optional parameters: Optional parameters:
app: Names the reputation application in use within the reputon, app: Names the reputation application in use within the reputon,
which defines the valid assertions and any extensions that may which defines the valid assertions and any extensions that may
also be valid (i.e., the vocabulary) for that application. also be valid (i.e., the response set) for that application.
These MUST be registered with IANA. These MUST be registered with IANA.
Encoding considerations: "7bit" encoding is sufficient and MUST be Encoding considerations: "7bit" encoding is sufficient and MUST be
used to maintain readability when viewed by non-MIME mail readers. used to maintain readability when viewed by non-MIME mail readers.
Security considerations: See Section 6 of [this document]. Security considerations: See Section 6 of [this document].
Interoperability considerations: Implementers MUST ignore any "app" Interoperability considerations: Implementers MUST ignore any "app"
values, attribute/value pairs, or vocabulary items they do not values, attribute/value pairs, or response set items they do not
support. support.
Published specification: [this document] Published specification: [this document]
Applications that use this media type: Any application that wishes Applications that use this media type: Any application that wishes
to query a service that provides reputation data using the "long to query a service that provides reputation data using the "long
form" defined in [I-D.REPUTE-QUERY-HTTP]. The example application form" defined in [I-D.REPUTE-QUERY-HTTP]. The example application
is one that provides reputation expressions about DNS domain names is one that provides reputation expressions about DNS domain names
found in email messages. found in email messages.
Additional information: The value of the "app" parameter MUST also Additional information: The value of the "app" parameter MUST also
be registered with IANA. be registered with IANA.
Person and email address to contact for further information: Person and email address to contact for further information:
skipping to change at page 9, line 33 skipping to change at page 9, line 28
Nathaniel Borenstein Nathaniel Borenstein
Murray S. Kucherawy Murray S. Kucherawy
Change controller: IESG Change controller: IESG
5.2. Reputation Applications Registry 5.2. Reputation Applications Registry
IANA is requested to create the "Reputation Applications" registry. IANA is requested to create the "Reputation Applications" registry.
This registry will contain names of applications used with the This registry will contain names of applications used with the
application/reputon media type, as defined by this memo. application/reputon+json media type (and other media types that carry
reputons), as defined by this document.
New registrations or updates MUST be published in accordance with the New registrations or updates MUST be published in accordance with the
"Specification Required" guidelines as described in "Specification Required" guidelines as described in
[IANA-CONSIDERATIONS]. [IANA-CONSIDERATIONS].
New registrations and updates MUST contain the following information: New registrations and updates MUST contain the following information:
1. Name of the application being registered or updated 1. Name of the application being registered or updated
2. Short description of the application (i.e., the class of entity 2. Short description of the application (i.e., the class of entity
skipping to change at page 10, line 12 skipping to change at page 10, line 7
4. New or updated status, which MUST be one of: 4. New or updated status, which MUST be one of:
current: The application is in current use current: The application is in current use
deprecated: The application is in current use but its use is deprecated: The application is in current use but its use is
discouraged discouraged
historic: The application is no longer in current use historic: The application is no longer in current use
5. An optional table of query parameters that are specific to this 5. A description of the subject of a query within this reputation,
and a legal syntax for the same
6. An optional table of query parameters that are specific to this
application; each table entry must include: application; each table entry must include:
Name: Name of the query parameter Name: Name of the query parameter
Status: (as above) Status: (as above)
Description: A short description of the purpose of this Description: A short description of the purpose of this
parameter parameter
Syntax: A reference to a description of valid syntax for the Syntax: A reference to a description of valid syntax for the
skipping to change at page 10, line 38 skipping to change at page 10, line 36
1. A list of one or more assertions registered within this 1. A list of one or more assertions registered within this
application; each table entry must include: application; each table entry must include:
Name: Name of the assertion Name: Name of the assertion
Description: A short description of the assertion, with specific Description: A short description of the assertion, with specific
meanings for values of 0.0 and 1.0 meanings for values of 0.0 and 1.0
Scale: A short description of the scale used in computing the Scale: A short description of the scale used in computing the
value (see Section 4 of this memo) value (see Section 4 of this document)
A document creating a reputation application MAY include:
1. A list of one or more response set extension keys for use within
this application; each table entry must include:
Name: Name of the extension key
Description: A short description of the key's intended meaning
Syntax: A description of valid values that can appear associated
with the key
6. Security Considerations 6. Security Considerations
This memo describes security considerations introduced by the media This section describes security considerations introduced by the
type defined here. media type and content syntax defined here.
[TBD] [TBD]
7. References 7. References
7.1. Normative References 7.1. Normative References
[I-D.REPUTE-MODEL] [I-D.REPUTE-MODEL]
Borenstein, N. and M. Kucherawy, "A Model for Reputation Borenstein, N. and M. Kucherawy, "A Model for Reputation
Interchange", I-D draft-kucherawy-reputation-model, Interchange", draft-ietf-repute-model (work in progress),
June 2011. June 2011.
[I-D.REPUTE-QUERY-HTTP] [I-D.REPUTE-QUERY-HTTP]
Borenstein, N. and M. Kucherawy, "Reputation Data Borenstein, N. and M. Kucherawy, "Reputation Data
Interchange using HTTP and XML", Interchange using HTTP and XML",
I-D draft-ietf-repute-query-http, November 2011. draft-ietf-repute-query-http (work in progress),
November 2011.
[JSON] Crockford, D., "The application/json Media Type for
JavaScript Object Notation (JSON)", RFC 4627, July 2006.
[KEYWORDS] [KEYWORDS]
Bradner, S., "Key words for use in RFCs to Indicate Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
7.2. Informative References 7.2. Informative References
[DKIM] Crocker, D., Ed., Hansen, T., Ed., and M. Kucherawy, Ed., [DKIM] Crocker, D., Ed., Hansen, T., Ed., and M. Kucherawy, Ed.,
"DomainKeys Identified Mail (DKIM) Signatures", RFC 6376, "DomainKeys Identified Mail (DKIM) Signatures", RFC 6376,
September 2011. September 2011.
[HTTP] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., [HTTP] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999. Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.
[I-D.REPUTE-EMAIL-IDENTIFIERS] [I-D.REPUTE-EMAIL-IDENTIFIERS]
Borenstein, N. and M. Kucherawy, "A Reputation Vocabulary Borenstein, N. and M. Kucherawy, "A Reputation Vocabulary
for Email Identifiers", for Email Identifiers",
I-D draft-ietf-repute-email-identifiers, November 2011. draft-ietf-repute-email-identifiers (work in progress),
November 2011.
[IANA-CONSIDERATIONS] [IANA-CONSIDERATIONS]
Narten, T. and H. Alvestrand, "Guidelines for Writing an Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", RFC 5226, May 2008. IANA Considerations Section in RFCs", RFC 5226, May 2008.
[MIME-REG] [MIME-REG]
Freed, N. and J. Klensin, "Media Type Specifications and Freed, N. and J. Klensin, "Media Type Specifications and
Registration Procedures", RFC 4288, December 2005. Registration Procedures", RFC 4288, December 2005.
Appendix A. Acknowledgments Appendix A. Acknowledgments
The authors wish to acknowledge the contributions of the following to The authors wish to acknowledge the contributions of the following to
this specification: Frank Ellermann, Tony Hansen, Jeff Hodges, John this specification: Frank Ellermann, Tony Hansen, Jeff Hodges, John
Levine, David F. Skoll, and Mykyta Yevstifeyev. Levine, David F. Skoll, and Mykyta Yevstifeyev.
Appendix B. Public Discussion Appendix B. Public Discussion
Public discussion of this suite of memos takes place on the Public discussion of this suite of documents takes place on the
domainrep@ietf.org mailing list. See domainrep@ietf.org mailing list. See
https://www.ietf.org/mailman/listinfo/domainrep. https://www.ietf.org/mailman/listinfo/domainrep.
Authors' Addresses Authors' Addresses
Nathaniel Borenstein Nathaniel Borenstein
Mimecast Mimecast
203 Crescent St., Suite 303 203 Crescent St., Suite 303
Waltham, MA 02453 Waltham, MA 02453
USA USA
 End of changes. 45 change blocks. 
152 lines changed or deleted 167 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/