draft-ietf-weirds-rdap-query-07.txt   draft-ietf-weirds-rdap-query-08.txt 
Network Working Group A. Newton Network Working Group A. Newton
Internet-Draft ARIN Internet-Draft ARIN
Intended status: Standards Track S. Hollenbeck Intended status: Standards Track S. Hollenbeck
Expires: April 04, 2014 Verisign Labs Expires: May 23, 2014 Verisign Labs
October 01, 2013 November 19, 2013
Registration Data Access Protocol Query Format Registration Data Access Protocol Query Format
draft-ietf-weirds-rdap-query-07 draft-ietf-weirds-rdap-query-08
Abstract Abstract
This document describes uniform patterns to construct HTTP URLs that This document describes uniform patterns to construct HTTP URLs that
may be used to retrieve registration information from registries may be used to retrieve registration information from registries
(including both Regional Internet Registries (RIRs) and Domain Name (including both Regional Internet Registries (RIRs) and Domain Name
Registries (DNRs)) using "RESTful" web access patterns. Registries (DNRs)) using "RESTful" web access patterns.
Status of This Memo Status of This Memo
skipping to change at page 1, line 34 skipping to change at page 1, line 34
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on April 04, 2014. This Internet-Draft will expire on May 23, 2014.
Copyright Notice Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 12 skipping to change at page 2, line 12
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Conventions Used in This Document . . . . . . . . . . . . . . 2 1. Conventions Used in This Document . . . . . . . . . . . . . . 2
1.1. Acronyms and Abbreviations . . . . . . . . . . . . . . . 2 1.1. Acronyms and Abbreviations . . . . . . . . . . . . . . . 2
2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Path Segment Specification . . . . . . . . . . . . . . . . . 4 3. Path Segment Specification . . . . . . . . . . . . . . . . . 4
3.1. Lookup Path Segment Specification . . . . . . . . . . . . 4 3.1. Lookup Path Segment Specification . . . . . . . . . . . . 4
3.1.1. IP Network Path Segment Specification . . . . . . . . 4 3.1.1. IP Network Path Segment Specification . . . . . . . . 5
3.1.2. Autonomous System Path Segment Specification . . . . 5 3.1.2. Autonomous System Path Segment Specification . . . . 5
3.1.3. Domain Path Segment Specification . . . . . . . . . . 6 3.1.3. Domain Path Segment Specification . . . . . . . . . . 6
3.1.4. Name Server Path Segment Specification . . . . . . . 6 3.1.4. Name Server Path Segment Specification . . . . . . . 7
3.1.5. Entity Path Segment Specification . . . . . . . . . . 7 3.1.5. Entity Path Segment Specification . . . . . . . . . . 7
3.1.6. Help Path Segment Specification . . . . . . . . . . . 7 3.1.6. Help Path Segment Specification . . . . . . . . . . . 7
3.2. Search Path Segment Specification . . . . . . . . . . . . 8 3.2. Search Path Segment Specification . . . . . . . . . . . . 8
3.2.1. Domain Search . . . . . . . . . . . . . . . . . . . . 8 3.2.1. Domain Search . . . . . . . . . . . . . . . . . . . . 8
3.2.2. Name Server Search . . . . . . . . . . . . . . . . . 8 3.2.2. Name Server Search . . . . . . . . . . . . . . . . . 9
3.2.3. Entity Search . . . . . . . . . . . . . . . . . . . . 9 3.2.3. Entity Search . . . . . . . . . . . . . . . . . . . . 9
4. Search Processing . . . . . . . . . . . . . . . . . . . . . . 9 4. Search Processing . . . . . . . . . . . . . . . . . . . . . . 10
5. Extensibility . . . . . . . . . . . . . . . . . . . . . . . . 10 5. Extensibility . . . . . . . . . . . . . . . . . . . . . . . . 11
6. Internationalization Considerations . . . . . . . . . . . . . 11 6. Internationalization Considerations . . . . . . . . . . . . . 11
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12
8. Security Considerations . . . . . . . . . . . . . . . . . . . 11 8. Security Considerations . . . . . . . . . . . . . . . . . . . 12
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 12 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 13
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 12 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 13
10.1. Normative References . . . . . . . . . . . . . . . . . . 12 10.1. Normative References . . . . . . . . . . . . . . . . . . 13
10.2. Informative References . . . . . . . . . . . . . . . . . 14 10.2. Informative References . . . . . . . . . . . . . . . . . 15
Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 14 Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 15
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 15 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 16
1. Conventions Used in This Document 1. Conventions Used in This Document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119]. document are to be interpreted as described in RFC 2119 [RFC2119].
1.1. Acronyms and Abbreviations 1.1. Acronyms and Abbreviations
IDN: Internationalized Domain Name IDN: Internationalized Domain Name
skipping to change at page 3, line 41 skipping to change at page 3, line 41
o registrars by name, and o registrars by name, and
o entities (such as contacts) by identifier. o entities (such as contacts) by identifier.
It is envisioned that each registry will continue to maintain NICNAME It is envisioned that each registry will continue to maintain NICNAME
/WHOIS and/or RESTful web services specific to their needs and those /WHOIS and/or RESTful web services specific to their needs and those
of their constituencies, and the information retrieved through the of their constituencies, and the information retrieved through the
patterns described here may reference such services. patterns described here may reference such services.
Likewise, future IETF standards may add additional patterns for Likewise, future IETF standards may add additional patterns for
additional query types. A simple pattern namespacing scheme is additional query types. A simple pattern namespacing scheme is
described in Section 5 to accomodate custom extensions that will not described in Section 5 to accommodate custom extensions that will not
interfere with the patterns defined in this document or patterns interfere with the patterns defined in this document or patterns
defined in future IETF standards. defined in future IETF standards.
WHOIS services, in general, are read-only services. Therefore URL WHOIS services, in general, are read-only services. Therefore URL
[RFC3986] patterns specified in this document are only applicable to [RFC3986] patterns specified in this document are only applicable to
the HTTP [RFC2616] GET and HEAD methods. the HTTP [RFC2616] GET and HEAD methods.
This document does not describe the results or entities returned from This document does not describe the results or entities returned from
issuing the described URLs with an HTTP GET. JSON [RFC4627] result issuing the described URLs with an HTTP GET. JSON [RFC4627] result
formatting and processing is described in formatting and processing is described in
skipping to change at page 4, line 20 skipping to change at page 4, line 20
HTTP contains mechanisms for servers to authenticate clients and for HTTP contains mechanisms for servers to authenticate clients and for
clients to authenticate servers (from which authorization schemes may clients to authenticate servers (from which authorization schemes may
be built) so such mechanisms are not described in this document. be built) so such mechanisms are not described in this document.
Policy, provisioning, and processing of authentication and Policy, provisioning, and processing of authentication and
authorization are out-of-scope for this document as deployments will authorization are out-of-scope for this document as deployments will
have to make choices based on local criteria. Specified have to make choices based on local criteria. Specified
authentication mechanisms MUST use HTTP. authentication mechanisms MUST use HTTP.
3. Path Segment Specification 3. Path Segment Specification
The uniform patterns start with a base URL [RFC3986] specified by Uniform query patterns start with a base URL [RFC3986] specified by
each registry or any other service provider offering this service. each registry or any other service provider offering this service.
The base URL is followed by a resource-type-specific path segment. The base URL is followed by a path prefix that identifies a well
The base URL may contain its own path segments (e.g. http:// known [RFC5785] location for per-resource metadata, ".well-known/
example.com/... or http://example.com/rdap/... ). The characters rdap". The path prefix is followed by a path segment that is
used to form a path segment are limited to those that can be used to specific to each type of resource. The characters used to form a
form a URI as specified in RFC 3986 [RFC3986]. path segment are limited to those that can be used to form a URI as
specified in RFC 3986 [RFC3986]. This specification uses the
following base URL and path prefix in examples:
http://example.com/.well-known/rdap
The base URL is specific to each server implementation. The ".well-
known/rdap" path prefix MUST be present.
3.1. Lookup Path Segment Specification 3.1. Lookup Path Segment Specification
The resource type path segments for exact match lookup are: The resource type path segments for exact match lookup are:
o 'ip': Used to identify IP networks and associated data referenced o 'ip': Used to identify IP networks and associated data referenced
using either an IPv4 or IPv6 address. using either an IPv4 or IPv6 address.
o 'autnum': Used to identify autonomous system registrations and o 'autnum': Used to identify autonomous system registrations and
associated data referenced using an AS Plain autonomous system associated data referenced using an AS Plain autonomous system
number. number.
skipping to change at page 5, line 20 skipping to change at page 5, line 28
completely encompasses it in a hierarchy of IP networks. completely encompasses it in a hierarchy of IP networks.
The IPv4 and IPv6 address formats supported in this query are The IPv4 and IPv6 address formats supported in this query are
described in section 3.2.2 of [RFC3986], as IPv4address and described in section 3.2.2 of [RFC3986], as IPv4address and
IPv6address ABNF definitions. Any valid IPv6 text address format IPv6address ABNF definitions. Any valid IPv6 text address format
[RFC4291] can be used, compressed or not compressed. The restricted [RFC4291] can be used, compressed or not compressed. The restricted
rules to write a text representation of an IPv6 address [RFC5952] are rules to write a text representation of an IPv6 address [RFC5952] are
not mandatory. However, the zone id [RFC4007] is not appropriate in not mandatory. However, the zone id [RFC4007] is not appropriate in
this context and therefore prohibited. this context and therefore prohibited.
This is an example URL for the most specific network containing For example, the following URL would be used to find information for
192.0.2.0: the most specific network containing 192.0.2.0:
/ip/192.0.2.0 http://example.com/.well-known/rdap/ip/192.0.2.0
This is an example of a URL the most specific network containing The following URL would be used to find information for the most
192.0.2.0/24: specific network containing 192.0.2.0/24:
/ip/192.0.2.0/24 http://example.com/.well-known/rdap/ip/192.0.2.0/24
This is an example URL for the most specific network containing The following URL would be used to find information for the most
2001:db8:1:1::1: specific network containing 2001:db8::0:
/ip/2001:db8:1:1::1 http://example.com/.well-known/rdap/ip/2001:db8::0
3.1.2. Autonomous System Path Segment Specification 3.1.2. Autonomous System Path Segment Specification
Syntax: autnum/<autonomous system number> Syntax: autnum/<autonomous system number>
Queries for information regarding autonomous system number Queries for information regarding autonomous system number
registrations are of the form /autnum/XXX/... where XXX is an AS registrations are of the form /autnum/XXX/... where XXX is an AS
Plain autonomous system number [RFC5396]. In some registries, Plain autonomous system number [RFC5396]. In some registries,
registration of autonomous system numbers is done on an individual registration of autonomous system numbers is done on an individual
number basis, while other registries may register blocks of number basis, while other registries may register blocks of
autonomous system numbers. The semantics of this query are such that autonomous system numbers. The semantics of this query are such that
if a number falls within a range of registered blocks, the target of if a number falls within a range of registered blocks, the target of
the query is the block registration, and that individual number the query is the block registration, and that individual number
registrations are considered a block of numbers with a size of 1. registrations are considered a block of numbers with a size of 1.
For example, to find information on autonomous system number 65551, For example, the following URL would be used to find information
the following path would be used: describing autonomous system number 12 (a number within a range of
registered blocks):
/autnum/65551 http://example.com/.well-known/rdap/autnum/12
The following path would be used to find information on 4-byte
The following URL would be used to find information describing 4-byte
autonomous system number 65538: autonomous system number 65538:
/autnum/65538 http://example.com/.well-known/rdap/autnum/65538
3.1.3. Domain Path Segment Specification 3.1.3. Domain Path Segment Specification
Syntax: domain/<domain name> Syntax: domain/<domain name>
Queries for domain information are of the form /domain/XXXX/..., Queries for domain information are of the form /domain/XXXX/...,
where XXXX is a fully-qualified domain name [RFC4343] in either the where XXXX is a fully-qualified domain name [RFC4343] in either the
in-addr.arpa or ip6.arpa zones (for RIRs) or a fully-qualified domain in-addr.arpa or ip6.arpa zones (for RIRs) or a fully-qualified domain
name in a zone administered by the server operator (for DNRs). name in a zone administered by the server operator (for DNRs).
Internationalized domain names represented in either A-label or Internationalized domain names represented in either A-label or
U-label format [RFC5890] are also valid domain names. IDN labels U-label format [RFC5890] are also valid domain names. IDN labels
SHOULD NOT be represented as a mixture of A-labels and U-labels. SHOULD NOT be represented as a mixture of A-labels and U-labels.
If the client sends the server an IDN in U-label format, servers that If the client sends the server an IDN in U-label format, servers that
support IDNs MUST convert the IDN into A-label format and perform support IDNs MUST convert the IDN into A-label format and perform
IDNA processing as specified in RFC 5891 [RFC5891]. The server IDNA processing as specified in RFC 5891 [RFC5891]. The server
should perform an exact match lookup using the A-label. should perform an exact match lookup using the A-label.
The following path would be used to find information describing the The following URL would be used to find information describing the
zone serving the network 192.0.2/24: zone serving the network 192.0.2/24:
/domain/2.0.192.in-addr.arpa http://example.com/.well-known/rdap/domain/2.0.192.in-addr.arpa
The following path would be used to find information describing the The following URL would be used to find information describing the
zone serving the network 2001:db8:1::/48: zone serving the network 2001:db8:1::/48:
/domain/1.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa http://example.com/.well-known/rdap/domain/
1.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa
The following path would be used to find information for the
example.com domain name:
/domain/example.com The following URL would be used to find information for the
blah.example.com domain name:
The following path would be used to find information for the http://example.com/.well-known/rdap/domain/blah.example.com
xn--xemple-9ua.example IDN: The following URL would be used to find information for the
xn--fo-5ja.example IDN:
/domain/xn--xemple-9ua.example http://example.com/.well-known/rdap/domain/xn--fo-5ja.example
3.1.4. Name Server Path Segment Specification 3.1.4. Name Server Path Segment Specification
Syntax: nameserver/<name server name> Syntax: nameserver/<name server name>
The <name server name> parameter represents a fully qualified name as The <name server name> parameter represents a fully qualified name as
specified in RFC 952 [RFC0952] and RFC 1123 [RFC1123]. specified in RFC 952 [RFC0952] and RFC 1123 [RFC1123].
Internationalized names represented in either A-label or U-label Internationalized names represented in either A-label or U-label
format [RFC5890] are also valid name server names. IDN labels SHOULD format [RFC5890] are also valid name server names. IDN labels SHOULD
NOT be represented as a mixture of A-labels and U-labels. NOT be represented as a mixture of A-labels and U-labels.
If the client sends the server an IDN in U-label format, servers that If the client sends the server an IDN in U-label format, servers that
support IDNs MUST convert the IDN into A-label format and perform support IDNs MUST convert the IDN into A-label format and perform
IDNA processing as specified in RFC 5891 [RFC5891]. The server IDNA processing as specified in RFC 5891 [RFC5891]. The server
should perform an exact match lookup using the A-label. should perform an exact match lookup using the A-label.
The following path would be used to find information for the The following URL would be used to find information for the
ns1.example.com name server: ns1.example.com name server:
/nameserver/ns1.example.com http://example.com/.well-known/rdap/nameserver/ns1.example.com
The following path would be used to find information for the The following URL would be used to find information for the
ns1.xn--xemple-9ua.example name server: ns1.xn--fo-5ja.example name server:
/nameserver/ns1.xn--xemple-9ua.example http://example.com/.well-known/rdap/nameserver/ns1.xn--fo-5ja.example
3.1.5. Entity Path Segment Specification 3.1.5. Entity Path Segment Specification
Syntax: entity/<handle> Syntax: entity/<handle>
The <handle> parameter represents an entity (such as a contact, The <handle> parameter represents an entity (such as a contact,
registrant, or registrar) identifier. For example, for some DNRs registrant, or registrar) identifier. For example, for some DNRs
contact identifiers are specified in RFC 5730 [RFC5730] and RFC 5733 contact identifiers are specified in RFC 5730 [RFC5730] and RFC 5733
[RFC5733]. [RFC5733].
The following path would be used to find information for the entity The following URL would be used to find information for the entity
associated with handle CID-4005: associated with handle XXXX:
/entity/CID-4005 http://example.com/.well-known/rdap/entity/XXXX
3.1.6. Help Path Segment Specification 3.1.6. Help Path Segment Specification
Syntax: help Syntax: help
The help path segment can be used to request helpful information The help path segment can be used to request helpful information
(command syntax, terms of service, privacy policy, rate limiting (command syntax, terms of service, privacy policy, rate limiting
policy, supported authentication methods, supported extensions, policy, supported authentication methods, supported extensions,
technical support contact, etc.) from an RDAP server. The response technical support contact, etc.) from an RDAP server. The response
to "help" should provide basic information that a client needs to to "help" should provide basic information that a client needs to
successfully use the service. The following path would be used to successfully use the service. The following URL would be used to
return "help" information: return "help" information:
/help http://example.com/.well-known/rdap/help
3.2. Search Path Segment Specification 3.2. Search Path Segment Specification
The resource type path segments for search are: The resource type path segments for search are:
o 'domains': Used to identify a domain name information search using o 'domains': Used to identify a domain name information search using
a pattern to match a fully-qualified domain name. a pattern to match a fully-qualified domain name.
o 'nameservers': Used to identify a name server information search o 'nameservers': Used to identify a name server information search
using a pattern to match a host name. using a pattern to match a host name.
o 'entities': Used to identify an entity information search using a o 'entities': Used to identify an entity information search using a
skipping to change at page 8, line 36 skipping to change at page 8, line 45
3.2.1. Domain Search 3.2.1. Domain Search
Syntax: domains?name=<domain search pattern> Syntax: domains?name=<domain search pattern>
Searches for domain information are of the form Searches for domain information are of the form
/domains?name=XXXX /domains?name=XXXX
where XXXX is a search pattern representing a domain name in where XXXX is a search pattern representing a domain name in
"letters, digits, hyphen" format [RFC5890] in a zone administered by "letters, digits, hyphen" format [RFC5890] in a zone administered by
the server operator of a DNR. The following path would be used to the server operator of a DNR. The following URL would be used to
find DNR information for domain names matching the "example*.com" find DNR information for domain names matching the "example*.com"
pattern: pattern:
/domains?name=example*.com http://example.com/.well-known/rdap/domains?name=example*.com
Internationalized Domain Names (IDNs) in U-label format [RFC5890] can Internationalized Domain Names (IDNs) in U-label format [RFC5890] can
also be used as search patterns (see Section 4). Searches for these also be used as search patterns (see Section 4). Searches for these
names are of the form /domains?name=XXXX, where XXXX is a search names are of the form /domains?name=XXXX, where XXXX is a search
pattern representing a domain name in U-label format [RFC5890]. pattern representing a domain name in U-label format [RFC5890].
3.2.2. Name Server Search 3.2.2. Name Server Search
Syntax: nameservers?name=<nameserver search pattern> Syntax: nameservers?name=<nameserver search pattern>
Searches for name server information are of the form Searches for name server information are of the form
skipping to change at page 9, line 4 skipping to change at page 9, line 14
Internationalized Domain Names (IDNs) in U-label format [RFC5890] can Internationalized Domain Names (IDNs) in U-label format [RFC5890] can
also be used as search patterns (see Section 4). Searches for these also be used as search patterns (see Section 4). Searches for these
names are of the form /domains?name=XXXX, where XXXX is a search names are of the form /domains?name=XXXX, where XXXX is a search
pattern representing a domain name in U-label format [RFC5890]. pattern representing a domain name in U-label format [RFC5890].
3.2.2. Name Server Search 3.2.2. Name Server Search
Syntax: nameservers?name=<nameserver search pattern> Syntax: nameservers?name=<nameserver search pattern>
Searches for name server information are of the form Searches for name server information are of the form
/nameservers?name=XXXX /nameservers?name=XXXX
where XXXX is a search pattern representing a host name in "letters, where XXXX is a search pattern representing a host name in "letters,
digits, hyphen" format [RFC5890] in a zone administered by the server digits, hyphen" format [RFC5890] in a zone administered by the server
operator of a DNR. The following path would be used to find DNR operator of a DNR. The following URL would be used to find DNR
information for name server names matching the "ns1.example*.com" information for name server names matching the "ns1.example*.com"
pattern: pattern:
/nameservers?name=ns1.example*.com http://example.com/.well-known/rdap/nameservers?name=ns1.example*.com
Internationalized name server names in U-label format [RFC5890] can Internationalized name server names in U-label format [RFC5890] can
also be used as search patterns (see Section 4). Searches for these also be used as search patterns (see Section 4). Searches for these
names are of the form /nameservers?name=XXXX, where XXXX is a search names are of the form /nameservers?name=XXXX, where XXXX is a search
pattern representing a name server name in U-label format [RFC5890]. pattern representing a name server name in U-label format [RFC5890].
3.2.3. Entity Search 3.2.3. Entity Search
Syntax: entities?fn=<entity name search pattern> Syntax: entities?fn=<entity name search pattern>
Syntax: entities?handle=<entity handle search pattern> Syntax: entities?handle=<entity handle search pattern>
Searches for entity information by name are of the form Searches for entity information by name are of the form
/entities?fn=XXXX /entities?fn=XXXX
where XXXX is a search pattern representing an entity name as where XXXX is a search pattern representing an entity name as
specified in Section 6.1 of [I-D.ietf-weirds-json-response]. The specified in Section 6.1 of [I-D.ietf-weirds-json-response]. The
following path would be used to find information for entity names following URL would be used to find information for entity names
matching the "Bobby Joe*" pattern. matching the "Bobby Joe*" pattern.
/entities?fn=Bobby%20Joe* http://example.com/.well-known/rdap/entities?fn=Bobby%20Joe*
Searches for entity information by handle are of the form Searches for entity information by handle are of the form
/entities?handle=XXXX /entities?handle=XXXX
where XXXX is a search pattern representing an entity handle as where XXXX is a search pattern representing an entity handle as
specified in Section 6.1 of [I-D.ietf-weirds-json-response]. The specified in Section 6.1 of [I-D.ietf-weirds-json-response]. The
following path would be used to find information for entity names following URL would be used to find information for entity names
matching the "CID-40*" pattern. matching the "CID-40*" pattern.
/entities?handle=CID-40* http://example.com/.well-known/rdap/entities?handle=CID-40*
URLs MUST be properly encoded according to the rules of [RFC3986]. URLs MUST be properly encoded according to the rules of [RFC3986].
In the example above, "Bobby Joe*" is encoded to "Bobby%20Joe*". In the example above, "Bobby Joe*" is encoded to "Bobby%20Joe*".
4. Search Processing 4. Search Processing
Partial string searching uses the asterisk ('*', ASCII value 0x002A) Partial string searching uses the asterisk ('*', ASCII value 0x002A)
character to match zero or more trailing characters. Additional character to match zero or more trailing characters. A character
pattern matching processing is beyond the scope of this string representing a top-level domain MAY be concatenated to the end
specification. of the search pattern to limit the scope of the search. For example,
the search pattern "exam*" will match "example.com" and
"example.net". The search pattern "exam*.com" will match
"example.com". Additional pattern matching processing is beyond the
scope of this specification.
If a server receives a search request but cannot process the request If a server receives a search request but cannot process the request
because it does not support a particular style of partial match because it does not support a particular style of partial match
searching, it SHOULD return an HTTP 422 [RFC4918] error. When searching, it SHOULD return an HTTP 422 [RFC4918] error. When
returning a 422 error, the server MAY also return an error response returning a 422 error, the server MAY also return an error response
body as specified in Section 7 of [I-D.ietf-weirds-json-response] if body as specified in Section 7 of [I-D.ietf-weirds-json-response] if
the requested media type is one that is specified in the requested media type is one that is specified in
[I-D.ietf-weirds-using-http]. [I-D.ietf-weirds-using-http].
Because Unicode characters may be combined with another Unicode Partial matching is not feasible across combinations of Unicode
character or characters, partial matching is not feasible across characters because Unicode characters can be combined with another
combinations of Unicode characters. Servers SHOULD NOT partially Unicode character or characters. Servers SHOULD NOT partially match
match combinations of Unicode characters where a Unicode character combinations of Unicode characters where a Unicode character may be
may be legally combined with another Unicode character or characters. legally combined with another Unicode character or characters.
Clients should avoid submitting a partial match search of Unicode Clients should avoid submitting a partial match search of Unicode
characters where a Unicode character may be legally combined with characters where a Unicode character may be legally combined with
another Unicode character or characters. Partial match searches with another Unicode character or characters. Partial match searches with
incomplete combinations of characters where a character must be incomplete combinations of characters where a character must be
combined with another character or characters are invalid. Partial combined with another character or characters are invalid. Partial
match searches with characters that may be combined with another match searches with characters that may be combined with another
character or characters are to be considered non-combined characters character or characters are to be considered non-combined characters
(that is, if character x may be combined with character y but (that is, if character x may be combined with character y but
character y is not submitted in the search string then character x is character y is not submitted in the search string then character x is
a complete character and no combinations of character x are to be a complete character and no combinations of character x are to be
searched). searched).
Because Unicode characters may be combined with another Unicode Servers can expect to receive search patterns from clients that
character or characters, partial matching requires that a server contain character strings encoded in different forms supported by
maintain a list of valid character combinations to be considered a HTTP. It is entirely possible to apply filters and normalization
match. When comparing DNS U-labels, servers SHOULD use the code rules to search patterns prior to making character comparisons, but
points specified in [RFC5892] to determine partial matches. When this type of processing is more typically needed to determine the
comparing entity names, servers SHOULD use the normalization rules validity of registered strings than to match patterns. Servers
and code points specified by [I-D.ietf-precis-nickname] to determine SHOULD thus accept any search pattern that is otherwise properly
partial matches. encoded. If the pattern consists entirely of ASCII characters,
servers SHOULD use case-insensitive prefix matching against ASCII
labels to determine partial matches. If the text in the pattern is
or can be converted to a U-label, servers SHOULD use prefix matching
against U-labels to determine partial matches.
Conceptually, a name-record in a database may include a link to an
associated name-record, which may include a link to another such
record, and so on. If an implementation is to return more than one
name-record in response to a query, information from the records
thereby identified is returned.
Note that this model includes arrangements for associated names,
including those that are linked by policy mechanisms and names bound
together for some other purposes. Note also that returning
information that was not explicitly selected by an exact-match
lookup, including additional names that match a relatively fuzzy
search as well as lists of names that are linked together, may cause
privacy issues.
5. Extensibility 5. Extensibility
This document describes path segment specifications for a limited This document describes path segment specifications for a limited
number of objects commonly registered in both RIRs and DNRs. It does number of objects commonly registered in both RIRs and DNRs. It does
not attempt to describe path segments for all of the objects not attempt to describe path segments for all of the objects
registered in all registries. Custom path segments can be created registered in all registries. Custom path segments can be created
for objects not specified here using the process described in for objects not specified here using the process described in
Section 6 of "HTTP usage in the Registration Data Access Protocol Section 6 of "HTTP usage in the Registration Data Access Protocol
(RDAP)" [I-D.ietf-weirds-using-http]. (RDAP)" [I-D.ietf-weirds-using-http].
skipping to change at page 11, line 32 skipping to change at page 12, line 18
Internationalized domain and name server names can contain character Internationalized domain and name server names can contain character
variants and variant labels as described in RFC 4290 [RFC4290]. variants and variant labels as described in RFC 4290 [RFC4290].
Clients that support queries for internationalized domain and name Clients that support queries for internationalized domain and name
server names MUST accept service provider responses that describe server names MUST accept service provider responses that describe
variants as specified in "JSON Responses for the Registration Data variants as specified in "JSON Responses for the Registration Data
Access Protocol" [I-D.ietf-weirds-json-response]. Access Protocol" [I-D.ietf-weirds-json-response].
7. IANA Considerations 7. IANA Considerations
This document does not specify any IANA actions. IANA is requested to register the "rdap" well-known URI suffix
following the procedures identified in RFC 5785 [RFC5785].
URI suffix: "rdap"
Change controller: IETF
Specification document: This document, Section 3.
Related information: None
8. Security Considerations 8. Security Considerations
Security services for the operations specified in this document are Security services for the operations specified in this document are
described in "Security Services for the Registration Data Access described in "Security Services for the Registration Data Access
Protocol" [I-D.ietf-weirds-rdap-sec]. Protocol" [I-D.ietf-weirds-rdap-sec].
Search functionality typically requires more server resources (such Search functionality typically requires more server resources (such
as memory, CPU cycles, and network bandwidth) when compared to basic as memory, CPU cycles, and network bandwidth) when compared to basic
lookup functionality. This increases the risk of server resource lookup functionality. This increases the risk of server resource
skipping to change at page 12, line 5 skipping to change at page 12, line 49
can be mitigated by developing and implementing controls to restrict can be mitigated by developing and implementing controls to restrict
search functionality to identified and authorized clients. If those search functionality to identified and authorized clients. If those
clients behave badly, their search privileges can be suspended or clients behave badly, their search privileges can be suspended or
revoked. Rate limiting as described in Section 5.5 of "HTTP usage in revoked. Rate limiting as described in Section 5.5 of "HTTP usage in
the Registration Data Access Protocol (RDAP)" the Registration Data Access Protocol (RDAP)"
[I-D.ietf-weirds-using-http] can also be used to control the rate of [I-D.ietf-weirds-using-http] can also be used to control the rate of
received search requests. Server operators can also reduce their received search requests. Server operators can also reduce their
risk by restricting the amount of information returned in response to risk by restricting the amount of information returned in response to
a search request. a search request.
Search functionality also increases the privacy risk of disclosing
object relationships that might not otherwise be obvious. For
example, a search that returns IDN variants [RFC6927] that do not
explicitly match a client-provided search pattern can disclose
information about registered domain names that might not be otherwise
available. Implementers need to consider the policy and privacy
implications of returning information that was not explicitly
requested.
9. Acknowledgements 9. Acknowledgements
This document is derived from original work on RIR query formats This document is derived from original work on RIR query formats
developed by Byron J. Ellacott of APNIC, Arturo L. Servin of LACNIC, developed by Byron J. Ellacott of APNIC, Arturo L. Servin of LACNIC,
Kaveh Ranjbar of the RIPE NCC, and Andrew L. Newton of ARIN. Kaveh Ranjbar of the RIPE NCC, and Andrew L. Newton of ARIN.
Additionally, this document incorporates DNR query formats originally Additionally, this document incorporates DNR query formats originally
described by Francisco Arias and Steve Sheng of ICANN and Scott described by Francisco Arias and Steve Sheng of ICANN and Scott
Hollenbeck of Verisign. Hollenbeck of Verisign Labs.
The authors would like to acknowledge the following individuals for The authors would like to acknowledge the following individuals for
their contributions to this document: Francisco Arias, Marc Blanchet, their contributions to this document: Francisco Arias, Marc Blanchet,
Ernie Dainow, Jean-Philippe Dionne, Behnam Esfahbod, Edward Lewis, Ernie Dainow, Jean-Philippe Dionne, Behnam Esfahbod, John Klensin,
and John Levine. Edward Lewis, and John Levine.
10. References 10. References
10.1. Normative References 10.1. Normative References
[I-D.ietf-precis-nickname]
Saint-Andre, P., "Preparation and Comparison of
Nicknames", draft-ietf-precis-nickname-06 (work in
progress), July 2013.
[I-D.ietf-weirds-json-response] [I-D.ietf-weirds-json-response]
Newton, A. and S. Hollenbeck, "JSON Responses for the Newton, A. and S. Hollenbeck, "JSON Responses for the
Registration Data Access Protocol (RDAP)", draft-ietf- Registration Data Access Protocol (RDAP)", draft-ietf-
weirds-json-response-05 (work in progress), August 2013. weirds-json-response-06 (work in progress), October 2013.
[I-D.ietf-weirds-rdap-sec] [I-D.ietf-weirds-rdap-sec]
Hollenbeck, S. and N. Kong, "Security Services for the Hollenbeck, S. and N. Kong, "Security Services for the
Registration Data Access Protocol", draft-ietf-weirds- Registration Data Access Protocol", draft-ietf-weirds-
rdap-sec-05 (work in progress), August 2013. rdap-sec-05 (work in progress), August 2013.
[I-D.ietf-weirds-using-http] [I-D.ietf-weirds-using-http]
Newton, A., Ellacott, B., and N. Kong, "HTTP usage in the Newton, A., Ellacott, B., and N. Kong, "HTTP usage in the
Registration Data Access Protocol (RDAP)", draft-ietf- Registration Data Access Protocol (RDAP)", draft-ietf-
weirds-using-http-07 (work in progress), July 2013. weirds-using-http-07 (work in progress), July 2013.
skipping to change at page 13, line 42 skipping to change at page 14, line 42
[RFC5396] Huston, G. and G. Michaelson, "Textual Representation of [RFC5396] Huston, G. and G. Michaelson, "Textual Representation of
Autonomous System (AS) Numbers", RFC 5396, December 2008. Autonomous System (AS) Numbers", RFC 5396, December 2008.
[RFC5730] Hollenbeck, S., "Extensible Provisioning Protocol (EPP)", [RFC5730] Hollenbeck, S., "Extensible Provisioning Protocol (EPP)",
STD 69, RFC 5730, August 2009. STD 69, RFC 5730, August 2009.
[RFC5733] Hollenbeck, S., "Extensible Provisioning Protocol (EPP) [RFC5733] Hollenbeck, S., "Extensible Provisioning Protocol (EPP)
Contact Mapping", STD 69, RFC 5733, August 2009. Contact Mapping", STD 69, RFC 5733, August 2009.
[RFC5785] Nottingham, M. and E. Hammer-Lahav, "Defining Well-Known
Uniform Resource Identifiers (URIs)", RFC 5785, April
2010.
[RFC5890] Klensin, J., "Internationalized Domain Names for [RFC5890] Klensin, J., "Internationalized Domain Names for
Applications (IDNA): Definitions and Document Framework", Applications (IDNA): Definitions and Document Framework",
RFC 5890, August 2010. RFC 5890, August 2010.
[RFC5891] Klensin, J., "Internationalized Domain Names in [RFC5891] Klensin, J., "Internationalized Domain Names in
Applications (IDNA): Protocol", RFC 5891, August 2010. Applications (IDNA): Protocol", RFC 5891, August 2010.
[RFC5892] Faltstrom, P., "The Unicode Code Points and
Internationalized Domain Names for Applications (IDNA)",
RFC 5892, August 2010.
[RFC5952] Kawamura, S. and M. Kawashima, "A Recommendation for IPv6 [RFC5952] Kawamura, S. and M. Kawashima, "A Recommendation for IPv6
Address Text Representation", RFC 5952, August 2010. Address Text Representation", RFC 5952, August 2010.
10.2. Informative References 10.2. Informative References
[REST] Fielding, R. and R. Taylor, "Principled Design of the [REST] Fielding, R. and R. Taylor, "Principled Design of the
Modern Web Architecture", ACM Transactions on Internet Modern Web Architecture", ACM Transactions on Internet
Technology Vol. 2, No. 2, May 2002. Technology Vol. 2, No. 2, May 2002.
[RFC3912] Daigle, L., "WHOIS Protocol Specification", RFC 3912, [RFC3912] Daigle, L., "WHOIS Protocol Specification", RFC 3912,
September 2004. September 2004.
[RFC4007] Deering, S., Haberman, B., Jinmei, T., Nordmark, E., and [RFC4007] Deering, S., Haberman, B., Jinmei, T., Nordmark, E., and
B. Zill, "IPv6 Scoped Address Architecture", RFC 4007, B. Zill, "IPv6 Scoped Address Architecture", RFC 4007,
March 2005. March 2005.
[RFC4627] Crockford, D., "The application/json Media Type for [RFC4627] Crockford, D., "The application/json Media Type for
JavaScript Object Notation (JSON)", RFC 4627, July 2006. JavaScript Object Notation (JSON)", RFC 4627, July 2006.
[RFC6927] Levine, J. and P. Hoffman, "Variants in Second-Level Names
Registered in Top-Level Domains", RFC 6927, May 2013.
Appendix A. Change Log Appendix A. Change Log
Initial -00: Adopted as working group document. Initial -00: Adopted as working group document.
-01: Added "Conventions Used in This Document" section. Added -01: Added "Conventions Used in This Document" section. Added
normative reference to draft-ietf-weirds-rdap-sec and some normative reference to draft-ietf-weirds-rdap-sec and some
wrapping text in the Security Considerations section. wrapping text in the Security Considerations section.
-02: Removed "unified" from the title. Rewrote the last paragraph -02: Removed "unified" from the title. Rewrote the last paragraph
of section 2. Edited the first paragraph of section 3 to more of section 2. Edited the first paragraph of section 3 to more
clearly note that only one path segement is provided. Added clearly note that only one path segment is provided. Added
"bitmask" to "length" in section 3.1. Changed "lowest IP network" "bitmask" to "length" in section 3.1. Changed "lowest IP network"
to "smallest IP network" in section 3.1. Added "asplain" to the to "smallest IP network" in section 3.1. Added "asplain" to the
description of autonomous system numbers in section 3.2. Minor description of autonomous system numbers in section 3.2. Minor
change from "semantics is" to "semantics are" in section 3.2. change from "semantics is" to "semantics are" in section 3.2.
Changed the last sentence in section 4 to more clearly specify Changed the last sentence in section 4 to more clearly specify
error response behavior. Added acknowledgements. Added a error response behavior. Added acknowledgements. Added a
paragraph in the introduction regarding future IETF standards and paragraph in the introduction regarding future IETF standards and
extensibility. extensibility.
-03: Changed 'query' to 'lookup' in document title to better -03: Changed 'query' to 'lookup' in document title to better
describe the 'exact match lookup' purpose of this document. describe the 'exact match lookup' purpose of this document.
skipping to change at page 14, line 50 skipping to change at page 16, line 4
extensibility. extensibility.
-03: Changed 'query' to 'lookup' in document title to better -03: Changed 'query' to 'lookup' in document title to better
describe the 'exact match lookup' purpose of this document. describe the 'exact match lookup' purpose of this document.
Included a multitude of minor additions and clarifications Included a multitude of minor additions and clarifications
provided by Marc Blanchet and Jean-Philippe Dionne. Modified the provided by Marc Blanchet and Jean-Philippe Dionne. Modified the
domain and name server sections to include support for IDN domain and name server sections to include support for IDN
U-labels. U-labels.
-04: Updated the domain and name server sections to use .example IDN -04: Updated the domain and name server sections to use .example IDN
U-labels. Added text to note that mixed IDN labels SHOULD NOT be U-labels. Added text to note that mixed IDN labels SHOULD NOT be
used. Fixed broken sentences in Section 6. used. Fixed broken sentences in Section 6.
-05: Added "help" path segment. -05: Added "help" path segment.
-06: Added search text and removed or edited old search text. -06: Added search text and removed or edited old search text.
-07: Fixed query parameter typo by replacing "/?" with "?". Changed -07: Fixed query parameter typo by replacing "/?" with "?". Changed
"asplain" to "AS Plain". Added entity search by handle. "asplain" to "AS Plain". Added entity search by handle.
Corrected section references. Updated IDN search text. Corrected section references. Updated IDN search text.
-08: Revised URI formats and added IANA instructions to create a
registry entry for the "rdap" well-known prefix. Revised search
processing text and added search privacy consideration.
Synchronized examples with response draft.
Authors' Addresses Authors' Addresses
Andrew Lee Newton Andrew Lee Newton
American Registry for Internet Numbers American Registry for Internet Numbers
3635 Concorde Parkway 3635 Concorde Parkway
Chantilly, VA 20151 Chantilly, VA 20151
US US
Email: andy@arin.net Email: andy@arin.net
 End of changes. 64 change blocks. 
103 lines changed or deleted 152 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/