SlideShare a Scribd company logo

RDAP @ .at

A
Alex Mayrhofer

at ICANN69's virtual Techday, Alex Mayrhofer of nic.at speaks about the current state of .at's RDAP server prototype. The primary goal of the prototype is to the provide the local CERT with in-depth information about .at domain names. The prototype is used to develop and test-drive a few advanced RDAP features and pave the way to a potential public service.

Internet
1 of 16
Download to read offline
1 · www.nic.at ICANN69 vTechDay · Status public RDAP @ .at ICANN69 vTechday ICANN69 vTechDay · Status public 2020-10-19 · Alex Mayrhofer · Head of R&D · alexander.mayrhofer@nic.at
2 · www.nic.at ICANN69 vTechDay · Status public Agenda • RDAP: Brief overview • RDAP @ .at: Project reasoning & goals • High-level Architecture • Implementation details • Current features • Future plans
3 · www.nic.at ICANN69 vTechDay · Status public Registration Data Access Protocol • WHOIS (RFC 954, 1985)  Very simple / old protocol  No encryption  non-ASCII text is hard  No data format  „command line“ protocol • RDAP (RFC 7482, 2015!)  New! Shiny!  Web-based (Encryption, UTF8, Clients)!  Data in structured JSON!
4 · www.nic.at ICANN69 vTechDay · Status public Project Reasoning • The CERT angle  Austrian CERT is an in-house department of the ccTLD  CERT requires access to domain registration details..  Let‘s use RDAP! • The ccTLD angle  RDAP will likely replace WHOIS at some point  Create a prototype-level implementation  Gain experience for potential public service
5 · www.nic.at ICANN69 vTechDay · Status public Project Goals • Create an RDAP server to provide domain registration details to CERT • Integrate with the available data sources • Test-drive „advanced“ RDAP topics  Authentication (OpenID Connect / JWT)  Differentiated Access  Searches
6 · www.nic.at ICANN69 vTechDay · Status public Architecture – Data Sources RDAP core Additional Contacts • RDAP „core“  Provides full (unredacted) domain and entity data • Supplemental contacts  Provides additional entities • Data Warehouse  Searches • How to combine these?
7 · www.nic.at ICANN69 vTechDay · Status public Architecture - Frontend RDAP core Frontend (RDAP Web App) Caching (Redis) OpenID Authentication • Faces the RDAP Clients • Collects data from sources • Assembles responses • Performs authentication / authorization  Differentiated Access  Data Filtering  Access Controls (Search!)  Rate Limiting  Logging / Auditing
8 · www.nic.at ICANN69 vTechDay · Status public Implementation RDAP core • RDAP data provided directly from the Registry database  PostgreSQL database procedures  Directly produces JSON  (same strategy for existing WHOIS server) • Always provides the full (unredacted) data • Doesn‘t care about users, roles, rate limiting („Additional contacts“: PostgreSQL database, accessed via SQL)
9 · www.nic.at ICANN69 vTechDay · Status public Implementation „Frontend“ • „RDAP is a web service“ • Therefore, let‘s use a web framework! • Laravel (PHP)  Extensive Knowledge available in-house  Model/View/Controller pattern  Tons of features, flexible, but steep learning curve
10 · www.nic.at ICANN69 vTechDay · Status public Current Features • „Pipe-through“ of RDAP data from RDAP core source • „Enrich“ registrar information with supplemental contact information • Authentication / Authorization  Currently via nic.at internal authentication infrastructure Who‘s asking?
11 · www.nic.at ICANN69 vTechDay · Status public A few details… • Authentication / Authorization  OpenID Connect  Identity Provider: Keycloak  Existing infrastructure @ nic.at • jCard Handling  This is … tiring..  Sabre vObject PHP library to the rescue • Rate Limiting  Laravel „Middleware“ https://www.keycloak.org/
12 · www.nic.at ICANN69 vTechDay · Status public Frontend Infrastructure • Docker-based, currently 3 containers  Web-Server (nginx)  Scripting-Engine (PHP-FPM) -> Laravel  Caching Layer (Redis) (Frontend only, data Sources are outside of that docker host)
13 · www.nic.at ICANN69 vTechDay · Status public Challenges • jCard is hard to parse / create  Use of Sabre vObject PHP library • Validation / Testing  RDAP has a decently complex structure – are we doing the right thing?  First „validation“ steps with openrdap client  Server is internal, so web-based validation services do not work • Laravel is very flexible and mighty  Some tasks require just a single line of code!  But it also has 4822 buttons to press.. Photo by Leonel Fernandez on Unsplash
14 · www.nic.at ICANN69 vTechDay · Status public Next steps • Machine-to-machine authentication / API Tokens  Probably moving to long-lived JWTs  Addition of a web interface to manage those tokens • Differentiated Access  Goal: Have a „script language“ for filtering + templates  Looking at jq / libjq and respective PHP bindings • Searches  Addition of new data source „Data Ware House“  Conflict between requirements and currently existing RDAP search specifications – custom extension?
15 · www.nic.at ICANN69 vTechDay · Status public Summary / Questions? • We‘ve created an internal RDAP server to expose the .at registration details to the local in-house CERT in a standardized way • This also serves as a prototype to explore the path to a future public service. • The server uses multiple data sources as backends (RDAP core, supplemental contacts DB, data warehouse – searches!) • The RDAP Frontend interacts with the client, assembles/filters responses, and is based on the Laravel PHP framework • Authentication / Authorization is done with OpenID Connect
16 · www.nic.at ICANN69 vTechDay · Status public nic.at GmbH Jakob-Haringer-Str. 8/V · 5020 Salzburg · Austria T +43 662 4669 - 34 · F -29 alexander.mayrhofer@nic.at · www.nic.at

Recommended

RPKI Trust Anchor
RPKI Trust AnchorRPKI Trust Anchor
RPKI Trust AnchorAPNIC
 
Lantea platform
Lantea platformLantea platform
Lantea platformNeuzilla
 
Managing Open Source Software License Compliance with DejaCode
Managing Open Source Software License Compliance with DejaCodeManaging Open Source Software License Compliance with DejaCode
Managing Open Source Software License Compliance with DejaCodenexB Inc.
 
nexB Software Audit M&A: What to expect as a Seller
nexB Software Audit M&A: What to expect as a SellernexB Software Audit M&A: What to expect as a Seller
nexB Software Audit M&A: What to expect as a SellernexB Inc.
 
From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...
From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...
From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...Junho Suh
 
Telco junho cost-effective approach for telco network analysis in 5_g_final
Telco junho cost-effective approach for telco network analysis in 5_g_finalTelco junho cost-effective approach for telco network analysis in 5_g_final
Telco junho cost-effective approach for telco network analysis in 5_g_finalJunho Suh
 
Database ingest with Apache NiFi and MiNiFi
Database ingest with Apache NiFi and MiNiFiDatabase ingest with Apache NiFi and MiNiFi
Database ingest with Apache NiFi and MiNiFiLucian Neghina
 
TLD Launch Process Experiences & Registry Onboarding from ICANN 49
TLD Launch Process Experiences & Registry Onboarding from ICANN 49TLD Launch Process Experiences & Registry Onboarding from ICANN 49
TLD Launch Process Experiences & Registry Onboarding from ICANN 49ICANN
 

Recommended

RPKI Trust Anchor
RPKI Trust AnchorRPKI Trust Anchor
RPKI Trust AnchorAPNIC
 
Lantea platform
Lantea platformLantea platform
Lantea platformNeuzilla
 
Managing Open Source Software License Compliance with DejaCode
Managing Open Source Software License Compliance with DejaCodeManaging Open Source Software License Compliance with DejaCode
Managing Open Source Software License Compliance with DejaCodenexB Inc.
 
nexB Software Audit M&A: What to expect as a Seller
nexB Software Audit M&A: What to expect as a SellernexB Software Audit M&A: What to expect as a Seller
nexB Software Audit M&A: What to expect as a SellernexB Inc.
 
From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...
From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...
From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...Junho Suh
 
Telco junho cost-effective approach for telco network analysis in 5_g_final
Telco junho cost-effective approach for telco network analysis in 5_g_finalTelco junho cost-effective approach for telco network analysis in 5_g_final
Telco junho cost-effective approach for telco network analysis in 5_g_finalJunho Suh
 
Database ingest with Apache NiFi and MiNiFi
Database ingest with Apache NiFi and MiNiFiDatabase ingest with Apache NiFi and MiNiFi
Database ingest with Apache NiFi and MiNiFiLucian Neghina
 
TLD Launch Process Experiences & Registry Onboarding from ICANN 49
TLD Launch Process Experiences & Registry Onboarding from ICANN 49TLD Launch Process Experiences & Registry Onboarding from ICANN 49
TLD Launch Process Experiences & Registry Onboarding from ICANN 49ICANN
 
Identifying third party software with ScanCode
Identifying third party software with ScanCodeIdentifying third party software with ScanCode
Identifying third party software with ScanCodenexB Inc.
 
Open source software governance with DejaCode
Open source software governance with DejaCodeOpen source software governance with DejaCode
Open source software governance with DejaCodenexB Inc.
 
PLNOG 9: Ivan Pepelnjak - OpenFlow and SDN: hype, useful tools or panacea?
PLNOG 9: Ivan Pepelnjak - OpenFlow and SDN: hype, useful tools or panacea?PLNOG 9: Ivan Pepelnjak - OpenFlow and SDN: hype, useful tools or panacea?
PLNOG 9: Ivan Pepelnjak - OpenFlow and SDN: hype, useful tools or panacea?PROIDEA
 
Managing Open Source Software in the GitHub Era
Managing Open Source Software in the GitHub EraManaging Open Source Software in the GitHub Era
Managing Open Source Software in the GitHub EranexB Inc.
 
nexB - Software audit for product release
nexB - Software audit for product releasenexB - Software audit for product release
nexB - Software audit for product releasenexB Inc.
 
Opa microservice authorization
Opa microservice authorizationOpa microservice authorization
Opa microservice authorizationAnders Eknert
 
Should I run my own RPKI Certificate Authority?
Should I run my own RPKI Certificate Authority?Should I run my own RPKI Certificate Authority?
Should I run my own RPKI Certificate Authority?APNIC
 
Neo4j GraphTalks Milan - CONOSCERE ED INTEGRARE CON SUCCESSO NEO4J NELLA TUA ...
Neo4j GraphTalks Milan - CONOSCERE ED INTEGRARE CON SUCCESSO NEO4J NELLA TUA ...Neo4j GraphTalks Milan - CONOSCERE ED INTEGRARE CON SUCCESSO NEO4J NELLA TUA ...
Neo4j GraphTalks Milan - CONOSCERE ED INTEGRARE CON SUCCESSO NEO4J NELLA TUA ...Neo4j
 
Webinar: How to contribute to Apache Flink - Robert Metzger
Webinar: How to contribute to Apache Flink - Robert MetzgerWebinar: How to contribute to Apache Flink - Robert Metzger
Webinar: How to contribute to Apache Flink - Robert MetzgerVerverica
 
Managing Open Source Software Supply Chains
Managing Open Source Software Supply ChainsManaging Open Source Software Supply Chains
Managing Open Source Software Supply ChainsnexB Inc.
 
Lynx Webinar #4: Lynx Services Platform (LySP) - Part 2 - The Services
Lynx Webinar #4: Lynx Services Platform (LySP) - Part 2 - The ServicesLynx Webinar #4: Lynx Services Platform (LySP) - Part 2 - The Services
Lynx Webinar #4: Lynx Services Platform (LySP) - Part 2 - The ServicesLynx Project
 
Open source governance with Dejacode
Open source governance with DejacodeOpen source governance with Dejacode
Open source governance with DejacodenexB Inc.
 
Lynx Webinar #3: Lynx Services Platform (LySP) - Part 1 - Overview
Lynx Webinar #3: Lynx Services Platform (LySP) - Part 1 - OverviewLynx Webinar #3: Lynx Services Platform (LySP) - Part 1 - Overview
Lynx Webinar #3: Lynx Services Platform (LySP) - Part 1 - OverviewLynx Project
 
Software audit for acquisition due diligence with nexB
Software audit for acquisition due diligence with nexBSoftware audit for acquisition due diligence with nexB
Software audit for acquisition due diligence with nexBnexB Inc.
 
Securing global routing system and operators approach
Securing global routing system and operators approachSecuring global routing system and operators approach
Securing global routing system and operators approachAPNIC
 
The missing signalling layer for WebRTC
The missing signalling layer for WebRTCThe missing signalling layer for WebRTC
The missing signalling layer for WebRTCWebRTCConferenceJapan
 
DEVNET-1166 Open SDN Controller APIs
DEVNET-1166 Open SDN Controller APIsDEVNET-1166 Open SDN Controller APIs
DEVNET-1166 Open SDN Controller APIsCisco DevNet
 
14121725(1).ppt
14121725(1).ppt14121725(1).ppt
14121725(1).pptAStainsLivingstone
 
Peering Asia 2.0: RPKI for Peering
Peering Asia 2.0: RPKI for PeeringPeering Asia 2.0: RPKI for Peering
Peering Asia 2.0: RPKI for PeeringAPNIC
 
OASIS OAXAL Presentation
OASIS OAXAL PresentationOASIS OAXAL Presentation
OASIS OAXAL PresentationAndrzej Zydroń MBCS
 
ThaiNOG Day 2019: Internet Number Registry Services, the Next Generation
ThaiNOG Day 2019: Internet Number Registry Services, the Next GenerationThaiNOG Day 2019: Internet Number Registry Services, the Next Generation
ThaiNOG Day 2019: Internet Number Registry Services, the Next GenerationAPNIC
 
btNOG 6: Next Generation Internet Registry Services - RDAP
btNOG 6: Next Generation Internet Registry Services - RDAPbtNOG 6: Next Generation Internet Registry Services - RDAP
btNOG 6: Next Generation Internet Registry Services - RDAPAPNIC
 

More Related Content

What's hot

Identifying third party software with ScanCode
Identifying third party software with ScanCodeIdentifying third party software with ScanCode
Identifying third party software with ScanCodenexB Inc.
 
Open source software governance with DejaCode
Open source software governance with DejaCodeOpen source software governance with DejaCode
Open source software governance with DejaCodenexB Inc.
 
PLNOG 9: Ivan Pepelnjak - OpenFlow and SDN: hype, useful tools or panacea?
PLNOG 9: Ivan Pepelnjak - OpenFlow and SDN: hype, useful tools or panacea?PLNOG 9: Ivan Pepelnjak - OpenFlow and SDN: hype, useful tools or panacea?
PLNOG 9: Ivan Pepelnjak - OpenFlow and SDN: hype, useful tools or panacea?PROIDEA
 
Managing Open Source Software in the GitHub Era
Managing Open Source Software in the GitHub EraManaging Open Source Software in the GitHub Era
Managing Open Source Software in the GitHub EranexB Inc.
 
nexB - Software audit for product release
nexB - Software audit for product releasenexB - Software audit for product release
nexB - Software audit for product releasenexB Inc.
 
Opa microservice authorization
Opa microservice authorizationOpa microservice authorization
Opa microservice authorizationAnders Eknert
 
Should I run my own RPKI Certificate Authority?
Should I run my own RPKI Certificate Authority?Should I run my own RPKI Certificate Authority?
Should I run my own RPKI Certificate Authority?APNIC
 
Neo4j GraphTalks Milan - CONOSCERE ED INTEGRARE CON SUCCESSO NEO4J NELLA TUA ...
Neo4j GraphTalks Milan - CONOSCERE ED INTEGRARE CON SUCCESSO NEO4J NELLA TUA ...Neo4j GraphTalks Milan - CONOSCERE ED INTEGRARE CON SUCCESSO NEO4J NELLA TUA ...
Neo4j GraphTalks Milan - CONOSCERE ED INTEGRARE CON SUCCESSO NEO4J NELLA TUA ...Neo4j
 
Webinar: How to contribute to Apache Flink - Robert Metzger
Webinar: How to contribute to Apache Flink - Robert MetzgerWebinar: How to contribute to Apache Flink - Robert Metzger
Webinar: How to contribute to Apache Flink - Robert MetzgerVerverica
 
Managing Open Source Software Supply Chains
Managing Open Source Software Supply ChainsManaging Open Source Software Supply Chains
Managing Open Source Software Supply ChainsnexB Inc.
 
Lynx Webinar #4: Lynx Services Platform (LySP) - Part 2 - The Services
Lynx Webinar #4: Lynx Services Platform (LySP) - Part 2 - The ServicesLynx Webinar #4: Lynx Services Platform (LySP) - Part 2 - The Services
Lynx Webinar #4: Lynx Services Platform (LySP) - Part 2 - The ServicesLynx Project
 
Open source governance with Dejacode
Open source governance with DejacodeOpen source governance with Dejacode
Open source governance with DejacodenexB Inc.
 
Lynx Webinar #3: Lynx Services Platform (LySP) - Part 1 - Overview
Lynx Webinar #3: Lynx Services Platform (LySP) - Part 1 - OverviewLynx Webinar #3: Lynx Services Platform (LySP) - Part 1 - Overview
Lynx Webinar #3: Lynx Services Platform (LySP) - Part 1 - OverviewLynx Project
 
Software audit for acquisition due diligence with nexB
Software audit for acquisition due diligence with nexBSoftware audit for acquisition due diligence with nexB
Software audit for acquisition due diligence with nexBnexB Inc.
 
Securing global routing system and operators approach
Securing global routing system and operators approachSecuring global routing system and operators approach
Securing global routing system and operators approachAPNIC
 
The missing signalling layer for WebRTC
The missing signalling layer for WebRTCThe missing signalling layer for WebRTC
The missing signalling layer for WebRTCWebRTCConferenceJapan
 
DEVNET-1166 Open SDN Controller APIs
DEVNET-1166 Open SDN Controller APIsDEVNET-1166 Open SDN Controller APIs
DEVNET-1166 Open SDN Controller APIsCisco DevNet
 
Peering Asia 2.0: RPKI for Peering
Peering Asia 2.0: RPKI for PeeringPeering Asia 2.0: RPKI for Peering
Peering Asia 2.0: RPKI for PeeringAPNIC
 

What's hot (20)

Identifying third party software with ScanCode
Identifying third party software with ScanCodeIdentifying third party software with ScanCode
Identifying third party software with ScanCode
 
Open source software governance with DejaCode
Open source software governance with DejaCodeOpen source software governance with DejaCode
Open source software governance with DejaCode
 
PLNOG 9: Ivan Pepelnjak - OpenFlow and SDN: hype, useful tools or panacea?
PLNOG 9: Ivan Pepelnjak - OpenFlow and SDN: hype, useful tools or panacea?PLNOG 9: Ivan Pepelnjak - OpenFlow and SDN: hype, useful tools or panacea?
PLNOG 9: Ivan Pepelnjak - OpenFlow and SDN: hype, useful tools or panacea?
 
Managing Open Source Software in the GitHub Era
Managing Open Source Software in the GitHub EraManaging Open Source Software in the GitHub Era
Managing Open Source Software in the GitHub Era
 
nexB - Software audit for product release
nexB - Software audit for product releasenexB - Software audit for product release
nexB - Software audit for product release
 
Opa microservice authorization
Opa microservice authorizationOpa microservice authorization
Opa microservice authorization
 
Should I run my own RPKI Certificate Authority?
Should I run my own RPKI Certificate Authority?Should I run my own RPKI Certificate Authority?
Should I run my own RPKI Certificate Authority?
 
Neo4j GraphTalks Milan - CONOSCERE ED INTEGRARE CON SUCCESSO NEO4J NELLA TUA ...
Neo4j GraphTalks Milan - CONOSCERE ED INTEGRARE CON SUCCESSO NEO4J NELLA TUA ...Neo4j GraphTalks Milan - CONOSCERE ED INTEGRARE CON SUCCESSO NEO4J NELLA TUA ...
Neo4j GraphTalks Milan - CONOSCERE ED INTEGRARE CON SUCCESSO NEO4J NELLA TUA ...
 
Webinar: How to contribute to Apache Flink - Robert Metzger
Webinar: How to contribute to Apache Flink - Robert MetzgerWebinar: How to contribute to Apache Flink - Robert Metzger
Webinar: How to contribute to Apache Flink - Robert Metzger
 
Managing Open Source Software Supply Chains
Managing Open Source Software Supply ChainsManaging Open Source Software Supply Chains
Managing Open Source Software Supply Chains
 
Lynx Webinar #4: Lynx Services Platform (LySP) - Part 2 - The Services
Lynx Webinar #4: Lynx Services Platform (LySP) - Part 2 - The ServicesLynx Webinar #4: Lynx Services Platform (LySP) - Part 2 - The Services
Lynx Webinar #4: Lynx Services Platform (LySP) - Part 2 - The Services
 
Open source governance with Dejacode
Open source governance with DejacodeOpen source governance with Dejacode
Open source governance with Dejacode
 
Lynx Webinar #3: Lynx Services Platform (LySP) - Part 1 - Overview
Lynx Webinar #3: Lynx Services Platform (LySP) - Part 1 - OverviewLynx Webinar #3: Lynx Services Platform (LySP) - Part 1 - Overview
Lynx Webinar #3: Lynx Services Platform (LySP) - Part 1 - Overview
 
Software audit for acquisition due diligence with nexB
Software audit for acquisition due diligence with nexBSoftware audit for acquisition due diligence with nexB
Software audit for acquisition due diligence with nexB
 
Securing global routing system and operators approach
Securing global routing system and operators approachSecuring global routing system and operators approach
Securing global routing system and operators approach
 
The missing signalling layer for WebRTC
The missing signalling layer for WebRTCThe missing signalling layer for WebRTC
The missing signalling layer for WebRTC
 
DEVNET-1166 Open SDN Controller APIs
DEVNET-1166 Open SDN Controller APIsDEVNET-1166 Open SDN Controller APIs
DEVNET-1166 Open SDN Controller APIs
 
14121725(1).ppt
14121725(1).ppt14121725(1).ppt
14121725(1).ppt
 
Peering Asia 2.0: RPKI for Peering
Peering Asia 2.0: RPKI for PeeringPeering Asia 2.0: RPKI for Peering
Peering Asia 2.0: RPKI for Peering
 
OASIS OAXAL Presentation
OASIS OAXAL PresentationOASIS OAXAL Presentation
OASIS OAXAL Presentation
 

Similar to RDAP @ .at

ThaiNOG Day 2019: Internet Number Registry Services, the Next Generation
ThaiNOG Day 2019: Internet Number Registry Services, the Next GenerationThaiNOG Day 2019: Internet Number Registry Services, the Next Generation
ThaiNOG Day 2019: Internet Number Registry Services, the Next GenerationAPNIC
 
btNOG 6: Next Generation Internet Registry Services - RDAP
btNOG 6: Next Generation Internet Registry Services - RDAPbtNOG 6: Next Generation Internet Registry Services - RDAP
btNOG 6: Next Generation Internet Registry Services - RDAPAPNIC
 
31st TWNC IP OPM and TWNOG: RDAP and RPKI
31st TWNC IP OPM and TWNOG: RDAP and RPKI31st TWNC IP OPM and TWNOG: RDAP and RPKI
31st TWNC IP OPM and TWNOG: RDAP and RPKIAPNIC
 
RESTful web
RESTful webRESTful web
RESTful webAlvin Qi
 
SANOG 34: Internet number registry services - the next generation
SANOG 34: Internet number registry services - the next generationSANOG 34: Internet number registry services - the next generation
SANOG 34: Internet number registry services - the next generationAPNIC
 
ICANN 51: Deploying the IETF’s WHOIS Replacement
ICANN 51: Deploying the IETF’s WHOIS ReplacementICANN 51: Deploying the IETF’s WHOIS Replacement
ICANN 51: Deploying the IETF’s WHOIS ReplacementICANN
 
MyNOG 8: Next Generation Internet Number Registry Services
MyNOG 8: Next Generation Internet Number Registry ServicesMyNOG 8: Next Generation Internet Number Registry Services
MyNOG 8: Next Generation Internet Number Registry ServicesAPNIC
 
The Next Generation Internet Number Registry Services
The Next Generation Internet Number Registry ServicesThe Next Generation Internet Number Registry Services
The Next Generation Internet Number Registry ServicesMyNOG
 
Building high performance microservices in finance with Apache Thrift
Building high performance microservices in finance with Apache ThriftBuilding high performance microservices in finance with Apache Thrift
Building high performance microservices in finance with Apache ThriftRX-M Enterprises LLC
 
Restful风格ž„web服务架构
Restful风格ž„web服务架构Restful风格ž„web服务架构
Restful风格ž„web服务架构Benjamin Tan
 
Api FUNdamentals #MHA2017
Api FUNdamentals #MHA2017Api FUNdamentals #MHA2017
Api FUNdamentals #MHA2017JoEllen Carter
 
Better Search and Business Analytics at Southern Glazer’s Wine & Spirits
Better Search and Business Analytics at Southern Glazer’s Wine & SpiritsBetter Search and Business Analytics at Southern Glazer’s Wine & Spirits
Better Search and Business Analytics at Southern Glazer’s Wine & SpiritsElasticsearch
 
Edward King SPEDDEXES 2014
Edward King SPEDDEXES 2014Edward King SPEDDEXES 2014
Edward King SPEDDEXES 2014aceas13tern
 
Modern web application development with java ee 7
Modern web application development with java ee 7Modern web application development with java ee 7
Modern web application development with java ee 7Shekhar Gulati
 
An Open Source Workbench for Prototyping Multimodal Interactions Based on Off...
An Open Source Workbench for Prototyping Multimodal Interactions Based on Off...An Open Source Workbench for Prototyping Multimodal Interactions Based on Off...
An Open Source Workbench for Prototyping Multimodal Interactions Based on Off...Jean Vanderdonckt
 
Stateful Interaction In Serverless Architecture With Redis: Pyounguk Cho
Stateful Interaction In Serverless Architecture With Redis: Pyounguk ChoStateful Interaction In Serverless Architecture With Redis: Pyounguk Cho
Stateful Interaction In Serverless Architecture With Redis: Pyounguk ChoRedis Labs
 
Api fundamentals
Api fundamentalsApi fundamentals
Api fundamentalsAgileDenver
 
Dart Past Your Competition by Getting Your Digital Experience into Market Fas...
Dart Past Your Competition by Getting Your Digital Experience into Market Fas...Dart Past Your Competition by Getting Your Digital Experience into Market Fas...
Dart Past Your Competition by Getting Your Digital Experience into Market Fas...Perficient, Inc.
 

Similar to RDAP @ .at (20)

ThaiNOG Day 2019: Internet Number Registry Services, the Next Generation
ThaiNOG Day 2019: Internet Number Registry Services, the Next GenerationThaiNOG Day 2019: Internet Number Registry Services, the Next Generation
ThaiNOG Day 2019: Internet Number Registry Services, the Next Generation
 
btNOG 6: Next Generation Internet Registry Services - RDAP
btNOG 6: Next Generation Internet Registry Services - RDAPbtNOG 6: Next Generation Internet Registry Services - RDAP
btNOG 6: Next Generation Internet Registry Services - RDAP
 
31st TWNC IP OPM and TWNOG: RDAP and RPKI
31st TWNC IP OPM and TWNOG: RDAP and RPKI31st TWNC IP OPM and TWNOG: RDAP and RPKI
31st TWNC IP OPM and TWNOG: RDAP and RPKI
 
RESTful web
RESTful webRESTful web
RESTful web
 
SANOG 34: Internet number registry services - the next generation
SANOG 34: Internet number registry services - the next generationSANOG 34: Internet number registry services - the next generation
SANOG 34: Internet number registry services - the next generation
 
ICANN 51: Deploying the IETF’s WHOIS Replacement
ICANN 51: Deploying the IETF’s WHOIS ReplacementICANN 51: Deploying the IETF’s WHOIS Replacement
ICANN 51: Deploying the IETF’s WHOIS Replacement
 
MyNOG 8: Next Generation Internet Number Registry Services
MyNOG 8: Next Generation Internet Number Registry ServicesMyNOG 8: Next Generation Internet Number Registry Services
MyNOG 8: Next Generation Internet Number Registry Services
 
The Next Generation Internet Number Registry Services
The Next Generation Internet Number Registry ServicesThe Next Generation Internet Number Registry Services
The Next Generation Internet Number Registry Services
 
Building high performance microservices in finance with Apache Thrift
Building high performance microservices in finance with Apache ThriftBuilding high performance microservices in finance with Apache Thrift
Building high performance microservices in finance with Apache Thrift
 
Restful风格ž„web服务架构
Restful风格ž„web服务架构Restful风格ž„web服务架构
Restful风格ž„web服务架构
 
Understanding Web services
Understanding Web servicesUnderstanding Web services
Understanding Web services
 
Novinky v Oracle Database 18c
Novinky v Oracle Database 18cNovinky v Oracle Database 18c
Novinky v Oracle Database 18c
 
Api FUNdamentals #MHA2017
Api FUNdamentals #MHA2017Api FUNdamentals #MHA2017
Api FUNdamentals #MHA2017
 
Better Search and Business Analytics at Southern Glazer’s Wine & Spirits
Better Search and Business Analytics at Southern Glazer’s Wine & SpiritsBetter Search and Business Analytics at Southern Glazer’s Wine & Spirits
Better Search and Business Analytics at Southern Glazer’s Wine & Spirits
 
Edward King SPEDDEXES 2014
Edward King SPEDDEXES 2014Edward King SPEDDEXES 2014
Edward King SPEDDEXES 2014
 
Modern web application development with java ee 7
Modern web application development with java ee 7Modern web application development with java ee 7
Modern web application development with java ee 7
 
An Open Source Workbench for Prototyping Multimodal Interactions Based on Off...
An Open Source Workbench for Prototyping Multimodal Interactions Based on Off...An Open Source Workbench for Prototyping Multimodal Interactions Based on Off...
An Open Source Workbench for Prototyping Multimodal Interactions Based on Off...
 
Stateful Interaction In Serverless Architecture With Redis: Pyounguk Cho
Stateful Interaction In Serverless Architecture With Redis: Pyounguk ChoStateful Interaction In Serverless Architecture With Redis: Pyounguk Cho
Stateful Interaction In Serverless Architecture With Redis: Pyounguk Cho
 
Api fundamentals
Api fundamentalsApi fundamentals
Api fundamentals
 
Dart Past Your Competition by Getting Your Digital Experience into Market Fas...
Dart Past Your Competition by Getting Your Digital Experience into Market Fas...Dart Past Your Competition by Getting Your Digital Experience into Market Fas...
Dart Past Your Competition by Getting Your Digital Experience into Market Fas...
 

More from Alex Mayrhofer

Die Registry als Kristallkugel - verrät uns das DNS etwas über die Zukunft?
Die Registry als Kristallkugel - verrät uns das DNS etwas über die Zukunft?Die Registry als Kristallkugel - verrät uns das DNS etwas über die Zukunft?
Die Registry als Kristallkugel - verrät uns das DNS etwas über die Zukunft?Alex Mayrhofer
 
RRDG Data Sharing Specifications
RRDG Data Sharing SpecificationsRRDG Data Sharing Specifications
RRDG Data Sharing SpecificationsAlex Mayrhofer
 
DNS Magnitude - DNSheads Vienna #6
DNS Magnitude - DNSheads Vienna #6DNS Magnitude - DNSheads Vienna #6
DNS Magnitude - DNSheads Vienna #6Alex Mayrhofer
 
Encrypted DNS research @ nic.at
Encrypted DNS research @ nic.atEncrypted DNS research @ nic.at
Encrypted DNS research @ nic.atAlex Mayrhofer
 
Encrypted DNS - DNS over TLS / DNS over HTTPS
Encrypted DNS - DNS over TLS / DNS over HTTPSEncrypted DNS - DNS over TLS / DNS over HTTPS
Encrypted DNS - DNS over TLS / DNS over HTTPSAlex Mayrhofer
 

More from Alex Mayrhofer (7)

Die Registry als Kristallkugel - verrät uns das DNS etwas über die Zukunft?
Die Registry als Kristallkugel - verrät uns das DNS etwas über die Zukunft?Die Registry als Kristallkugel - verrät uns das DNS etwas über die Zukunft?
Die Registry als Kristallkugel - verrät uns das DNS etwas über die Zukunft?
 
RRDG Data Sharing Specifications
RRDG Data Sharing SpecificationsRRDG Data Sharing Specifications
RRDG Data Sharing Specifications
 
DNS Magnitude - DNSheads Vienna #6
DNS Magnitude - DNSheads Vienna #6DNS Magnitude - DNSheads Vienna #6
DNS Magnitude - DNSheads Vienna #6
 
DNSheads Vienna #6
DNSheads Vienna #6DNSheads Vienna #6
DNSheads Vienna #6
 
Encrypted DNS research @ nic.at
Encrypted DNS research @ nic.atEncrypted DNS research @ nic.at
Encrypted DNS research @ nic.at
 
DNSheads Vienna #5
DNSheads Vienna #5DNSheads Vienna #5
DNSheads Vienna #5
 
Encrypted DNS - DNS over TLS / DNS over HTTPS
Encrypted DNS - DNS over TLS / DNS over HTTPSEncrypted DNS - DNS over TLS / DNS over HTTPS
Encrypted DNS - DNS over TLS / DNS over HTTPS
 

Recently uploaded

Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...tanu pandey
 
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...SUHANI PANDEY
 
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...SUHANI PANDEY
 
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...SUHANI PANDEY
 
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...singhpriety023
 
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...kajalverma014
 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubaikojalkojal131
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdfMatthew Sinclair
 
Microsoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck MicrosoftMicrosoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck MicrosoftAanSulistiyo
 
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...tanu pandey
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445ruhi
 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"growthgrids
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtrahman018755
 
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Bookingdharasingh5698
 
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...SUHANI PANDEY
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfJOHNBEBONYAP1
 
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...nirzagarg
 
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋nirzagarg
 

Recently uploaded (20)

Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
 
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
 
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
 
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...
 
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
 
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf
 
Microsoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck MicrosoftMicrosoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck Microsoft
 
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
 
Thalassery Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call G...
Thalassery Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call G...Thalassery Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call G...
Thalassery Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call G...
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
 
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
 
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
 
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
 
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Bilaspur Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
 

RDAP @ .at

  • 1. 1 · www.nic.at ICANN69 vTechDay · Status public RDAP @ .at ICANN69 vTechday ICANN69 vTechDay · Status public 2020-10-19 · Alex Mayrhofer · Head of R&D · alexander.mayrhofer@nic.at
  • 2. 2 · www.nic.at ICANN69 vTechDay · Status public Agenda • RDAP: Brief overview • RDAP @ .at: Project reasoning & goals • High-level Architecture • Implementation details • Current features • Future plans
  • 3. 3 · www.nic.at ICANN69 vTechDay · Status public Registration Data Access Protocol • WHOIS (RFC 954, 1985)  Very simple / old protocol  No encryption  non-ASCII text is hard  No data format  „command line“ protocol • RDAP (RFC 7482, 2015!)  New! Shiny!  Web-based (Encryption, UTF8, Clients)!  Data in structured JSON!
  • 4. 4 · www.nic.at ICANN69 vTechDay · Status public Project Reasoning • The CERT angle  Austrian CERT is an in-house department of the ccTLD  CERT requires access to domain registration details..  Let‘s use RDAP! • The ccTLD angle  RDAP will likely replace WHOIS at some point  Create a prototype-level implementation  Gain experience for potential public service
  • 5. 5 · www.nic.at ICANN69 vTechDay · Status public Project Goals • Create an RDAP server to provide domain registration details to CERT • Integrate with the available data sources • Test-drive „advanced“ RDAP topics  Authentication (OpenID Connect / JWT)  Differentiated Access  Searches
  • 6. 6 · www.nic.at ICANN69 vTechDay · Status public Architecture – Data Sources RDAP core Additional Contacts • RDAP „core“  Provides full (unredacted) domain and entity data • Supplemental contacts  Provides additional entities • Data Warehouse  Searches • How to combine these?
  • 7. 7 · www.nic.at ICANN69 vTechDay · Status public Architecture - Frontend RDAP core Frontend (RDAP Web App) Caching (Redis) OpenID Authentication • Faces the RDAP Clients • Collects data from sources • Assembles responses • Performs authentication / authorization  Differentiated Access  Data Filtering  Access Controls (Search!)  Rate Limiting  Logging / Auditing
  • 8. 8 · www.nic.at ICANN69 vTechDay · Status public Implementation RDAP core • RDAP data provided directly from the Registry database  PostgreSQL database procedures  Directly produces JSON  (same strategy for existing WHOIS server) • Always provides the full (unredacted) data • Doesn‘t care about users, roles, rate limiting („Additional contacts“: PostgreSQL database, accessed via SQL)
  • 9. 9 · www.nic.at ICANN69 vTechDay · Status public Implementation „Frontend“ • „RDAP is a web service“ • Therefore, let‘s use a web framework! • Laravel (PHP)  Extensive Knowledge available in-house  Model/View/Controller pattern  Tons of features, flexible, but steep learning curve
  • 10. 10 · www.nic.at ICANN69 vTechDay · Status public Current Features • „Pipe-through“ of RDAP data from RDAP core source • „Enrich“ registrar information with supplemental contact information • Authentication / Authorization  Currently via nic.at internal authentication infrastructure Who‘s asking?
  • 11. 11 · www.nic.at ICANN69 vTechDay · Status public A few details… • Authentication / Authorization  OpenID Connect  Identity Provider: Keycloak  Existing infrastructure @ nic.at • jCard Handling  This is … tiring..  Sabre vObject PHP library to the rescue • Rate Limiting  Laravel „Middleware“ https://www.keycloak.org/
  • 12. 12 · www.nic.at ICANN69 vTechDay · Status public Frontend Infrastructure • Docker-based, currently 3 containers  Web-Server (nginx)  Scripting-Engine (PHP-FPM) -> Laravel  Caching Layer (Redis) (Frontend only, data Sources are outside of that docker host)
  • 13. 13 · www.nic.at ICANN69 vTechDay · Status public Challenges • jCard is hard to parse / create  Use of Sabre vObject PHP library • Validation / Testing  RDAP has a decently complex structure – are we doing the right thing?  First „validation“ steps with openrdap client  Server is internal, so web-based validation services do not work • Laravel is very flexible and mighty  Some tasks require just a single line of code!  But it also has 4822 buttons to press.. Photo by Leonel Fernandez on Unsplash
  • 14. 14 · www.nic.at ICANN69 vTechDay · Status public Next steps • Machine-to-machine authentication / API Tokens  Probably moving to long-lived JWTs  Addition of a web interface to manage those tokens • Differentiated Access  Goal: Have a „script language“ for filtering + templates  Looking at jq / libjq and respective PHP bindings • Searches  Addition of new data source „Data Ware House“  Conflict between requirements and currently existing RDAP search specifications – custom extension?
  • 15. 15 · www.nic.at ICANN69 vTechDay · Status public Summary / Questions? • We‘ve created an internal RDAP server to expose the .at registration details to the local in-house CERT in a standardized way • This also serves as a prototype to explore the path to a future public service. • The server uses multiple data sources as backends (RDAP core, supplemental contacts DB, data warehouse – searches!) • The RDAP Frontend interacts with the client, assembles/filters responses, and is based on the Laravel PHP framework • Authentication / Authorization is done with OpenID Connect
  • 16. 16 · www.nic.at ICANN69 vTechDay · Status public nic.at GmbH Jakob-Haringer-Str. 8/V · 5020 Salzburg · Austria T +43 662 4669 - 34 · F -29 alexander.mayrhofer@nic.at · www.nic.at