draft-ietf-weirds-rdap-sec-06.txt   draft-ietf-weirds-rdap-sec-07.txt 
Internet Engineering Task Force S. Hollenbeck Internet Engineering Task Force S. Hollenbeck
Internet-Draft Verisign Labs Internet-Draft Verisign Labs
Intended status: Standards Track N. Kong Intended status: Standards Track N. Kong
Expires: August 14, 2014 CNNIC Expires: February 6, 2015 CNNIC
February 10, 2014 August 5, 2014
Security Services for the Registration Data Access Protocol Security Services for the Registration Data Access Protocol
draft-ietf-weirds-rdap-sec-06 draft-ietf-weirds-rdap-sec-07
Abstract Abstract
The Registration Data Access Protocol (RDAP) provides "RESTful" web The Registration Data Access Protocol (RDAP) provides "RESTful" web
services to retrieve registration metadata from domain name and services to retrieve registration metadata from domain name and
regional internet registries. This document describes information regional internet registries. This document describes information
security services including authentication, authorization, security services including authentication, authorization,
availability, data confidentiality, and data integrity for RDAP. availability, data confidentiality, and data integrity for RDAP.
Status of This Memo Status of This Memo
skipping to change at page 1, line 35 skipping to change at page 1, line 35
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 14, 2014. This Internet-Draft will expire on February 6, 2015.
Copyright Notice Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 8, line 44 skipping to change at page 8, line 44
Stephen Farrell, Tony Hansen, Peter Koch, Murray Kucherawy, Barry Stephen Farrell, Tony Hansen, Peter Koch, Murray Kucherawy, Barry
Leiba, Andrew Newton, and Linlin Zhou. Leiba, Andrew Newton, and Linlin Zhou.
7. References 7. References
7.1. Normative References 7.1. Normative References
[I-D.ietf-weirds-json-response] [I-D.ietf-weirds-json-response]
Newton, A. and S. Hollenbeck, "JSON Responses for the Newton, A. and S. Hollenbeck, "JSON Responses for the
Registration Data Access Protocol (RDAP)", draft-ietf- Registration Data Access Protocol (RDAP)", draft-ietf-
weirds-json-response-06 (work in progress), October 2013. weirds-json-response-07 (work in progress), April 2014.
[I-D.ietf-weirds-rdap-query] [I-D.ietf-weirds-rdap-query]
Newton, A. and S. Hollenbeck, "Registration Data Access Newton, A. and S. Hollenbeck, "Registration Data Access
Protocol Query Format", draft-ietf-weirds-rdap-query-10 Protocol Query Format", draft-ietf-weirds-rdap-query-11
(work in progress), February 2014. (work in progress), July 2014.
[I-D.ietf-weirds-using-http] [I-D.ietf-weirds-using-http]
Newton, A., Ellacott, B., and N. Kong, "HTTP usage in the Newton, A., Ellacott, B., and N. Kong, "HTTP usage in the
Registration Data Access Protocol (RDAP)", draft-ietf- Registration Data Access Protocol (RDAP)", draft-ietf-
weirds-using-http-08 (work in progress), February 2014. weirds-using-http-08 (work in progress), February 2014.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
skipping to change at page 10, line 41 skipping to change at page 10, line 41
to "An RDAP server MUST provide granular access controls (that is, to "An RDAP server MUST provide granular access controls (that is,
on a per registration data object basis) in order to implement on a per registration data object basis) in order to implement
authorization policies"; move RFCs 4732, 5280, and 6749 from authorization policies"; move RFCs 4732, 5280, and 6749 from
normative to informative subsection. normative to informative subsection.
-05: Address IETF last call comments: Added text to Section 3.1.1 to -05: Address IETF last call comments: Added text to Section 3.1.1 to
recommend the use of HTTP over TLS. Modified Section 3.2 to recommend the use of HTTP over TLS. Modified Section 3.2 to
clarify granular access control text. Added additional Security clarify granular access control text. Added additional Security
Considerations. Made references to RFC 5246 and OpenID Considerations. Made references to RFC 5246 and OpenID
informative. Minor typo fixes. informative. Minor typo fixes.
-06: Keepalive refresh. No content updates. -06: Keepalive refresh. No content updates.
-07: Keepalive refresh. No content updates.
Authors' Addresses Authors' Addresses
Scott Hollenbeck Scott Hollenbeck
Verisign Labs Verisign Labs
12061 Bluemont Way 12061 Bluemont Way
Reston, VA 20190 Reston, VA 20190
US US
Email: shollenbeck@verisign.com Email: shollenbeck@verisign.com
 End of changes. 6 change blocks. 
7 lines changed or deleted 8 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/