SlideShare a Scribd company logo

Registration data access protocol what's next? icann53

ICANN
ICANN

This document discusses RDAP (Registration Data Access Protocol) and provides guidance on RDAP compliance. It outlines requirements for RDAP queries, responses, bootstrapping, reporting and more. The document establishes an RDAP profile to map WHOIS requirements to the new RDAP standard in a standardized way.

1 of 49
Download to read offline
RDAP: What’s Next? Francisco Arias & Marc Blanchet | ICANN 53 | 24 June 2015
| 2 Introduction & Background Registry Specifics Registrar Specifics Issues, Conclusion and Next Steps 1 2 3 4 5 6 Agenda RDAP Protocol Compliance Responses
| 3 ¤  Unformatted ¤  Not internationalized ¤  Unauthenticated ¤  Insecure ¤  Unable to provide differentiated service ¤  Non-extensible ¤  No bootstrapping mechanism ¤  Lack of standardized redirection/reference Limitations of (port-43) WHOIS
| 4 ¤  SSAC’s SAC 051 Advisory (19 Sep 2011): The ICANN community should evaluate and adopt a replacement domain name registration data access protocol ¤  Board resolution adopting SAC 051 (28 October 2011) ¤  Roadmap to implement SAC 051 (4 June 2012) ¤  Registration Data Access Protocol (RDAP) community development within IETF working group started in 2012 ¤  Contractual provisions in .com, .name, .biz, .info, .org, 2012 Registry Agreement and 2013 Registrar Accreditation Agreement ¤  RDAP Request for Comments (RFCs) published in March 2015 History on Replacing the WHOIS Protocol
| 5 ¤  Intended to replace the WHOIS (port-43) protocol ¤  Provides flexibility to support various policies ¤  Provide benefits improving on weaknesses in the WHOIS protocol ¤  Designed with the knowledge of a now mature industry RDAP Goals
| 6 ¤ Structured queries and responses ¤ Modern (RESTful API, JSON responses) ¤ Web application friendly ¤ Extensible, while managed ¤ IANA registry to list extensions ¤ Authentication/authorization capabilities ¤ Through standard web ¤ Flexible method for identifying authoritative sources RDAP Features
| 7 ¤  Queries: •  https://example.com/rdap/domain/blah.example.com •  https://example.com/rdap/domains?name=example*.com •  https://example.com/rdap/nameserver/ns1.example.co •  https://example.com/rdap/ip/192.0.2.0 •  https://example.com/rdap/autnum/12 ¤  Responses (two pages long for one response): { "objectClassName" : "domain", "handle" : "XXXX", "ldhName" : "xn--fo-5ja.example", "unicodeName" : "foo.example", "variants" : [ { "relation" : [ "registered", "conjoined" ], "variantNames" : [ { "ldhName" : "xn--fo-cka.example", "unicodeName" : "foo.example" }, { "ldhName" : "xn--fo-fka.example”, RDAP Examples
| 8 ¤ How long after RDAP deployment to turn off (port-43) WHOIS? ¤ Should the requirement to offer web-based (HTML) RDDS remain? ¤ How to map current RDDS (WHOIS) policy and contractual requirements in RDAP? Open Questions
| 9 ¤ Why do we need an RDAP profile? ¤ RFC must, should, etc… ¤ RDAP RFCs are transport protocols ¤ Do not specify which elements are required ¤ What are the details of the elements, etc. ¤ Evolution from WHOIS to RDAP ¤ Mapping the WHOIS ICANN requirements (RA, RAA, Advisories) to the new protocol using RDAP features, including updating terminology (RDDS = WHOIS, web + RDAP) Need for an RDAP Profile
RDAP Protocol Compliance
| 11 Profile Topic Reference The RDAP service MUST be compliant with the following Internet Engineering Task Force (IETF) documents: o RFC7480 - HTTP Usage in the Registration Data Access Protocol (RDAP) o RFC7481 - Security Services for the Registration Data Access Protocol (RDAP) o RFC7482 - Registration Data Access Protocol Query Format (RDAP) o RFC7483 - JSON Responses for the Registration Data Access Protocol (RDAP) o RFC7484 - Finding the Authoritative Registration Data Service (RDAP) RFC7480, 7481, 7482, 7483, 7484 The RDAP service MUST only support HTTPS IAB Statement
| 12 Profile (cont.) Topic Reference The RDAP service MUST support both GET and HEAD types of HTTP methods. HEAD requests are used to verify the existence of an object in the database, as specified in RFC7480 RFC7480, S4.1 RDAP extensions, if used, MUST be registered in the IANA RDAP Extensions registry, as defined in RFC7480 RFC7480, S6 RDAP conformance object: an rdapConformance object MUST be present in the topmost object of every response. It MUST contain the conformance level of the RDAP protocol and of any extension, as specified in RFC7483 RFC7483, S4.1
| 13 Profile (cont.) Topic Reference RDAP services MUST be available over both IPv4 and IPv6 transport RA Spec 6 s1.5, RAA s3.3.1 RDAP servers SHOULD avoid inserting JSON members that are not part of a registered extension RFC7480, s6
Responses to RDAP Queries
| 15 Profile Topic Reference Internationalized (IDN) RDAP queries of domains MUST be supported if the target TLD supports internationalized domains RA S 6 1.4, RAA RDDS 1. and RAA AROS 3, ICANN idn- guidelines-2011-09-02- en Servers MAY include a language identifier member in RDAP objects, with the exception of jCard objects, as described in RFC7483 section 4.4 RFC7483 4.4 RDAP servers MAY answer requests with data in multiple languages, if the data is available RFC7480 9.2
| 16 Profile (cont.) Topic Reference JCard contact objects MAY include language property parameters for the contact names (n, fn), organization (org) and address (adr) properties RFC7483 4.4, RFC6350 5.1, RFC7095 The content of RDAP answers is expected to be the same across all RDDS services RA S 4 1. The case sensitiveness of the data returned in RDAP responses MUST be preserved RDDS Clarification Advisory 19
| 17 Profile (cont.) Topic Reference Leading and trailing space or spaces SHOULD NOT appear in the RDAP data RDDS Clarification Advisory 16. RDAP responses MUST NOT contain carriage return and line feed characters, except in JCard unstructured addresses. As described in RFC7483 section 4.3, large fields such as notices and remarks may be divided in separate strings to improve readability RDDS Clarification Advisory 20 The RDAP server terms of service MUST be specified in the “notices” object in the topmost JSON object of the response RA S 4 1.5 and 1.7.2, RAA RDDS S 1.4.2
| 18 Profile (cont.) Topic Reference In contact entities, the Phone Number elements are inserted as “tel” properties with a “voice” type parameter. Optional Fax Number elements are inserted as “tel” properties with a “fax” type parameter, as specified in RFC6350, the vCard Format Specification RA S 4 1.5.2 and 1.6.2, RAA RDDS S 1.4.2 RDAP Help queries MUST be answered and provide a reference (link) to usage information, policy and other explanatory material RFC7483 7 Truncated responses MUST contain a notices member describing the reason of the truncation. The notices object type MUST be of the form “Response truncated due to {authorization|load|unexplainable reason}” RFC7483 9
| 19 Profile (cont.) Topic Reference Truncated objects MUST contain a remarks member describing the reason of the truncation. The remarks object type MUST follow the form “Result set truncated due to {authorization|load|unexplainable reason}” RFC7483 9
Responses to Domain Name RDAP Queries
| 21 Profile Topic Reference The top-level “notices” object MUST contain the name of the responding server, a short description and a referral URL within its “links” member RA S 4 1.5 and 1.7.2, RAA RDDS S 1.4.2 The top-level "domain" object MUST contain the Domain ID in the “handle” member RA S 4 1.5.2, RAA RDDS S 1.4.2 The top-level "domain" object MUST contain the a-label form of the domain in the “ldhName” member RFC7483 5.3, RDDS Clarification Advisory 5
| 22 Profile (cont.) Topic Reference The top-level "domain" object MUST contain the internationalized Domain Name in u-label form in the “unicodeName” member, if the domain name is an IDN RFC7483 5.3, RDDS Clarification Advisory 6 The top-level domain object MUST contain a list of all current domain statuses in the “status” member. The status MUST be valid status types per IANA’s RDAP JSON Values registry RA S 4 1.8, RAA RDDS S 1.5, RFC7483 4.6, 10.2.2 The domain object MUST contain a publicIDs member to identify the IANA registrar identifier from IANA’s Registrar ID registry. The “type” value of the publicIDs object MUST be equal to "IANA Registrar ID" RA S 4 1.5.2 and 1.10.3, RAA RDDS S 1.4.2, RFC7483 4.8, 5.3
| 23 Profile (cont.) Topic Reference The domain object MUST contain the Name Servers information for the domain in the nameservers member. Each nameserver object MUST contain the following members: handle, ldhName, status, remarks, links. Each nameserver MAY contain the following members, if known: ipAddresses, unicodeName, port43, events RA S 4 1.5.2, RAA RDDS S 1.4.2, RFC7483 5.2 and 5.3 The domain object MUST contain entities with the following roles (defined in IANA’s RDAP JSON Values registry1), each of them with a handle and valid fields “fn,” “n,” “adr,” “tel,” “email”: registrant, administrative, technical, registrar RA S 4 1.5.2, RAA RDDS S 1.4.2, RDDS Clarification Advisory 27 The domain object MUST contain the following events: An event of evenAction type “registration,” with the Creation Date of the domain. An event of eventAction type “expiration,” with the Domain Expiration date of the domain. An event of evenAction type “last changed” containing the last update date and time RA S 4 1.5.2 and RAA RDDS 1.4.2
| 24 Profile (cont.) Topic Reference The domain object MAY contain the following events: o An event of eventAction type “last transferred,” with the last transferred date of the domain RFC7483 10.2.3 Contact entities SHOULD use jCard structured addresses RDDS Clarification Advisory 20, RFC7095 If, for this domain, variants with a status of “registered” exist, the domain object SHOULD contain a “variants” member (RFC7483 section 10.2.5). The variants relation members MUST be values of the “domain variant relation” type in the IANA RDAP JSON Values registry RFC7483 5.3, RDDS Clarification Advisory 11
| 25 Profile (cont.) Topic Reference The status member value of RDAP nameserver and entity objects MUST conform to the values defined in IANA’s RDAP JSON Values1 of “status” type (originally defined in RFC7483 section 10.2.2) RFC7483 5.3 and 10.2.2 The status member of a domain object MUST use an RDAP status that matches the EPP Status codes listed on ICANN’s EPP Status Code (https:// www.icann.org/resources/pages/epp-status-codes-2014-06-16-en) RFC7483 4.6, 5.3 and 10.2.2. RA S 4 1.5.2 and 1.8, RAA RDDS S 1.4. and 1.5, RDDS Cl. Advisory 7 A domain object MUST contain a “remarks” member with a title “EPP Status Codes,” a description containing the string “For more information on domain status codes, please visit https://icann.org/epp” and a links member with the “https://icann.org/epp” URL RDDS Clarification Advisory 23, ICANN AWIP
| 26 Profile (cont.) Topic Reference The domain object MUST contain the secureDNS member and related data (specified in RFC7483 section 5.3 and annex D), if known by the server RFC7483 5.3, RDDS Cl. Advisory 10., RA S 4 1.5.2, RAA RDDS S 1.4.2 and RAA AROS 1 The returned domain name object MUST contain registrant entities with the “registrant,” “technical” and “administrative” roles RAA RDDS S 1.4.2, RDDS Cl. Advisory 46
Registry Registration Data Directory Services Responses to RDAP Queries
| 28 Profile Topic Reference Registries offering searchable WHOIS service (per exhibit A of their Registry Agreement) MUST support RDAP search requests for domains and entities. Entities MUST be searchable by name search pattern as defined in RFC7482 section 3.2.3 in order to allow for searches by contact name or address. Nameserver object search is optional RA S 4 1.10, RDDS Cl. Advisory 34, 40 Binary search capabilities (AND, OR) MUST be supported, when a RFC defining this capability is available RA S 4 1.10.4
Registry Registration Data Directory Services Reporting Requirements
| 30 Profile Topic Reference Specification 3 of the RA specifies the format and content of the monthly reporting for registry operators. The following fields are added to the Registry Functions Activity Report under section 2: RA S 3 1. and 2
| 31 Profile (cont.)
Registry Registration Data Directory Services Bootstrapping Requirements
| 33 Profile Topic Reference The base URL of RDAP services MUST be registered in the IANA Bootstrap Service Registry for Domain Name Space, as described in RFC7484. A separate entry is required for each TLD RFC7484 4 When the RDAP service base URL need to be changed, the previous URL and the new one MUST remain in operation until the IANA Bootstrap Registry for Domain Name Space is updated RFC7484 4 The bootstrap service entry must be populated only once the RDAP service is available over both IPv4 and IPv6 (A and AAAA records are present RA S 6 1.5, RAA 3.3.1
Registry Registration Data Directory Services Entity RDAP Queries
| 35 Profile Topic Reference Registrar object lookup using an entity search on the “fn” field MUST be supported RA S 4 1.6, 1.10.3 Registries MUST support queries for registrar objects using the IANA ID of the registrar, when a RFC defining this capability is available RA S 4 1.10.4 The returned entity object MAY have a “notices” member containing the name of the responding server, a short description and a referral URL within its “links” member RA S 4 1.6.2
| 36 Profile (cont.) Topic Reference The returned object MUST contain entities with the following roles, each of them with a handle and valid fields “fn,” “n,” “adr,” “tel,” “email”: o Registrar o Administrative (registrar administrative) o Technical (registrar technical) RA S 4 1.6.2, RDDS Cl. Advisory 31 The returned object MUST contain an event of evenAction type “last changed” containing the date and time of the last update
Registry Registration Data Directory Services Nameserver RDAP Queries
| 38 Profile Topic Reference Registries MUST support nameserver queries based on name server’s name or name server’s IP address (applies to glue records only) RA S 4 1.10.3 The Server Name MUST be specified in the ldhName RA S 4 1.7.2, RDDS Cl. Advisory 5. All known glue record IPv4 and IPv6 addresses for the server MUST be listed in the ipAddresses member RA S 4 1.7.2
| 39 Profile (cont.) Topic Reference The unicodeName member MAY be present if the nameserver has an IDN name RDDS Cl. Advisory 6 The returned object MUST contain an entity with the “registrar” role when registry supports host objects RDDS Cl. Advisory 27. The returned object MAY have a “notices” member containing the name of the responding server, a short description and a referral URL within its “links” member RDDS Cl. Advisory 27.
| 40 Profile (cont.) Topic Reference The returned object MAY contain an event of evenAction type “last changed” containing the date and time of the last update
Registrar Registration Data Directory Services Responses to RDAP Domain Name Queries
| 42 Profile Topic Reference The returned domain name object MUST contain registrar entities with the “abuse” roles RDDS Cl. Advisory 50 The returned domain name object MAY contain an entity with the “reseller” role RDDS Cl. Advisory 51
Registrar Registration Data Directory Services RDAP Referrals
| 44 Profile Topic Reference A Registrar that does not possess the information for a particular query MUST redirect the request to an appropriate party, as described in RFC7480 section 5.2 RFC7480 5.2
Remaining Issues
| 46 ¤  Extensible Provisioning Protocol (EPP) status codes not fully mapped into RDAP status codes •  Draft-gould-epp-rdap-status-mapping suggests to add RDAP codes to have a full mapping ¤  Lookup by IANA Registrar ID is not defined in base RDAP RFCs •  To be updated ¤  Logical operators for search criteria (AND, OR, NOT) are not defined in base RDAP RFCs •  To be updated ¤  How to provide Registrar RDAP base URL in the initial Registry RDAP response? •  To be determined Remaining Issues
Conclusion and Next Steps
| 48 ¤ RDAP Profile necessary for gTLD registry and registrar operators to adhere to existing policies and contractual terms ¤ A few issues have been identified around underspecified topics in RFCs ¤ Open question on when to retire WHOIS and whether to keep web-based (HTML) requirement ¤ Question on how to provide reference to registrar data ¤ RDAP Profile to be posted for Community Review Conclusion and Next Steps
| 49 Reach us at: Website: icann.org Thank You and Questions gplus.to/icann weibo.com/ICANNorg flickr.com/photos/icann slideshare.net/icannpresentations twitter.com/icann facebook.com/icannorg linkedin.com/company/icann youtube.com/user/icannnews Engage with ICANN

Recommended

ICANN 51: Deploying the IETF’s WHOIS Replacement
ICANN 51: Deploying the IETF’s WHOIS ReplacementICANN 51: Deploying the IETF’s WHOIS Replacement
ICANN 51: Deploying the IETF’s WHOIS Replacement
ICANN
 
ccTLD BEST PRACTICE
ccTLD BEST PRACTICEccTLD BEST PRACTICE
ccTLD BEST PRACTICE
Francis Amaning
 
OpenChain, SPDX and FOSSology
OpenChain, SPDX and FOSSologyOpenChain, SPDX and FOSSology
OpenChain, SPDX and FOSSology
Shane Coughlan
 
Icann Presentation @OBP Milano 18 novembre2009
Icann Presentation @OBP Milano 18 novembre2009Icann Presentation @OBP Milano 18 novembre2009
Icann Presentation @OBP Milano 18 novembre2009Register.it
 
introduction to ldap
introduction to ldapintroduction to ldap
introduction to ldap
Thevakumar Presanth
 
Thick whois policy implementation meeting with the irt icann53
Thick whois policy implementation meeting with the irt icann53Thick whois policy implementation meeting with the irt icann53
Thick whois policy implementation meeting with the irt icann53ICANN
 
31st TWNC IP OPM and TWNOG: RDAP and RPKI
31st TWNC IP OPM and TWNOG: RDAP and RPKI31st TWNC IP OPM and TWNOG: RDAP and RPKI
31st TWNC IP OPM and TWNOG: RDAP and RPKI
APNIC
 
btNOG 6: Next Generation Internet Registry Services - RDAP
btNOG 6: Next Generation Internet Registry Services - RDAPbtNOG 6: Next Generation Internet Registry Services - RDAP
btNOG 6: Next Generation Internet Registry Services - RDAP
APNIC
 

Recommended

ICANN 51: Deploying the IETF’s WHOIS Replacement
ICANN 51: Deploying the IETF’s WHOIS ReplacementICANN 51: Deploying the IETF’s WHOIS Replacement
ICANN 51: Deploying the IETF’s WHOIS Replacement
ICANN
 
ccTLD BEST PRACTICE
ccTLD BEST PRACTICEccTLD BEST PRACTICE
ccTLD BEST PRACTICE
Francis Amaning
 
OpenChain, SPDX and FOSSology
OpenChain, SPDX and FOSSologyOpenChain, SPDX and FOSSology
OpenChain, SPDX and FOSSology
Shane Coughlan
 
Icann Presentation @OBP Milano 18 novembre2009
Icann Presentation @OBP Milano 18 novembre2009Icann Presentation @OBP Milano 18 novembre2009
Icann Presentation @OBP Milano 18 novembre2009Register.it
 
introduction to ldap
introduction to ldapintroduction to ldap
introduction to ldap
Thevakumar Presanth
 
Thick whois policy implementation meeting with the irt icann53
Thick whois policy implementation meeting with the irt icann53Thick whois policy implementation meeting with the irt icann53
Thick whois policy implementation meeting with the irt icann53ICANN
 
31st TWNC IP OPM and TWNOG: RDAP and RPKI
31st TWNC IP OPM and TWNOG: RDAP and RPKI31st TWNC IP OPM and TWNOG: RDAP and RPKI
31st TWNC IP OPM and TWNOG: RDAP and RPKI
APNIC
 
btNOG 6: Next Generation Internet Registry Services - RDAP
btNOG 6: Next Generation Internet Registry Services - RDAPbtNOG 6: Next Generation Internet Registry Services - RDAP
btNOG 6: Next Generation Internet Registry Services - RDAP
APNIC
 
Sip server technicaloverviewwhitepaper
Sip server technicaloverviewwhitepaperSip server technicaloverviewwhitepaper
Sip server technicaloverviewwhitepaper
sirajsamad
 
SANOG 34: Internet number registry services - the next generation
SANOG 34: Internet number registry services - the next generationSANOG 34: Internet number registry services - the next generation
SANOG 34: Internet number registry services - the next generation
APNIC
 
IANA: Who, What, Why?
IANA: Who, What, Why?IANA: Who, What, Why?
IANA: Who, What, Why?
APNIC
 
SANOG 33: APNIC Routing Registry and ROAs
SANOG 33: APNIC Routing Registry and ROAs SANOG 33: APNIC Routing Registry and ROAs
SANOG 33: APNIC Routing Registry and ROAs
APNIC
 
RPKI Tutorial
RPKI Tutorial RPKI Tutorial
RPKI Tutorial
Bangladesh Network Operators Group
 
RPKI (Resource Public Key Infrastructure)
RPKI (Resource Public Key Infrastructure)RPKI (Resource Public Key Infrastructure)
RPKI (Resource Public Key Infrastructure)
Fakrul Alam
 
Ukgovld registry-intro
Ukgovld registry-introUkgovld registry-intro
Ukgovld registry-introDave Reynolds
 
LDP4j: A framework for the development of interoperable read-write Linked Da...
LDP4j: A framework for the development of interoperable read-write Linked Da...LDP4j: A framework for the development of interoperable read-write Linked Da...
LDP4j: A framework for the development of interoperable read-write Linked Da...
Nandana Mihindukulasooriya
 
RPKI RTAs and RDAP Mirroring
RPKI RTAs and RDAP MirroringRPKI RTAs and RDAP Mirroring
RPKI RTAs and RDAP Mirroring
APNIC
 
ThaiNOG Day 2019: Internet Number Registry Services, the Next Generation
ThaiNOG Day 2019: Internet Number Registry Services, the Next GenerationThaiNOG Day 2019: Internet Number Registry Services, the Next Generation
ThaiNOG Day 2019: Internet Number Registry Services, the Next Generation
APNIC
 
Apache Spark Data Source V2 with Wenchen Fan and Gengliang Wang
Apache Spark Data Source V2 with Wenchen Fan and Gengliang WangApache Spark Data Source V2 with Wenchen Fan and Gengliang Wang
Apache Spark Data Source V2 with Wenchen Fan and Gengliang Wang
Databricks
 
Registry improvements update
Registry improvements updateRegistry improvements update
Registry improvements update
APNIC
 
Open API Architectural Choices Considerations
Open API Architectural Choices ConsiderationsOpen API Architectural Choices Considerations
Open API Architectural Choices Considerations
Dominiek ter Heide
 
IRR Tutorial and RPKI Demo
IRR Tutorial and RPKI DemoIRR Tutorial and RPKI Demo
IRR Tutorial and RPKI Demo
APNIC
 
Internet Routing Registry Tutorial, by Nurul Islam Roman [APRICOT 2015]
Internet Routing Registry Tutorial, by Nurul Islam Roman [APRICOT 2015]Internet Routing Registry Tutorial, by Nurul Islam Roman [APRICOT 2015]
Internet Routing Registry Tutorial, by Nurul Islam Roman [APRICOT 2015]
APNIC
 
MyNOG 8: Next Generation Internet Number Registry Services
MyNOG 8: Next Generation Internet Number Registry ServicesMyNOG 8: Next Generation Internet Number Registry Services
MyNOG 8: Next Generation Internet Number Registry Services
APNIC
 
The Next Generation Internet Number Registry Services
The Next Generation Internet Number Registry ServicesThe Next Generation Internet Number Registry Services
The Next Generation Internet Number Registry Services
MyNOG
 
RFC and internet standards presentation
RFC and internet standards presentationRFC and internet standards presentation
RFC and internet standards presentation
Naveen Jakhar, I.T.S
 
Registry Technical Training
Registry Technical TrainingRegistry Technical Training
Registry Technical Training
Dave Reynolds
 
A year on the Semantic Web @ W3C
A year on the Semantic Web @ W3CA year on the Semantic Web @ W3C
A year on the Semantic Web @ W3C
Ivan Herman
 
Call for Volunteers: Accountability & Transparency Review Team_PT
Call for Volunteers: Accountability & Transparency Review Team_PTCall for Volunteers: Accountability & Transparency Review Team_PT
Call for Volunteers: Accountability & Transparency Review Team_PT
ICANN
 
Call for Volunteers: Accountability & Transparency Review Team_ZH
Call for Volunteers: Accountability & Transparency Review Team_ZHCall for Volunteers: Accountability & Transparency Review Team_ZH
Call for Volunteers: Accountability & Transparency Review Team_ZH
ICANN
 

More Related Content

Similar to Registration data access protocol what's next? icann53

Sip server technicaloverviewwhitepaper
Sip server technicaloverviewwhitepaperSip server technicaloverviewwhitepaper
Sip server technicaloverviewwhitepaper
sirajsamad
 
SANOG 34: Internet number registry services - the next generation
SANOG 34: Internet number registry services - the next generationSANOG 34: Internet number registry services - the next generation
SANOG 34: Internet number registry services - the next generation
APNIC
 
IANA: Who, What, Why?
IANA: Who, What, Why?IANA: Who, What, Why?
IANA: Who, What, Why?
APNIC
 
SANOG 33: APNIC Routing Registry and ROAs
SANOG 33: APNIC Routing Registry and ROAs SANOG 33: APNIC Routing Registry and ROAs
SANOG 33: APNIC Routing Registry and ROAs
APNIC
 
RPKI (Resource Public Key Infrastructure)
RPKI (Resource Public Key Infrastructure)RPKI (Resource Public Key Infrastructure)
RPKI (Resource Public Key Infrastructure)
Fakrul Alam
 
Ukgovld registry-intro
Ukgovld registry-introUkgovld registry-intro
Ukgovld registry-introDave Reynolds
 
LDP4j: A framework for the development of interoperable read-write Linked Da...
LDP4j: A framework for the development of interoperable read-write Linked Da...LDP4j: A framework for the development of interoperable read-write Linked Da...
LDP4j: A framework for the development of interoperable read-write Linked Da...
Nandana Mihindukulasooriya
 
RPKI RTAs and RDAP Mirroring
RPKI RTAs and RDAP MirroringRPKI RTAs and RDAP Mirroring
RPKI RTAs and RDAP Mirroring
APNIC
 
ThaiNOG Day 2019: Internet Number Registry Services, the Next Generation
ThaiNOG Day 2019: Internet Number Registry Services, the Next GenerationThaiNOG Day 2019: Internet Number Registry Services, the Next Generation
ThaiNOG Day 2019: Internet Number Registry Services, the Next Generation
APNIC
 
Apache Spark Data Source V2 with Wenchen Fan and Gengliang Wang
Apache Spark Data Source V2 with Wenchen Fan and Gengliang WangApache Spark Data Source V2 with Wenchen Fan and Gengliang Wang
Apache Spark Data Source V2 with Wenchen Fan and Gengliang Wang
Databricks
 
Registry improvements update
Registry improvements updateRegistry improvements update
Registry improvements update
APNIC
 
Open API Architectural Choices Considerations
Open API Architectural Choices ConsiderationsOpen API Architectural Choices Considerations
Open API Architectural Choices Considerations
Dominiek ter Heide
 
IRR Tutorial and RPKI Demo
IRR Tutorial and RPKI DemoIRR Tutorial and RPKI Demo
IRR Tutorial and RPKI Demo
APNIC
 
Internet Routing Registry Tutorial, by Nurul Islam Roman [APRICOT 2015]
Internet Routing Registry Tutorial, by Nurul Islam Roman [APRICOT 2015]Internet Routing Registry Tutorial, by Nurul Islam Roman [APRICOT 2015]
Internet Routing Registry Tutorial, by Nurul Islam Roman [APRICOT 2015]
APNIC
 
MyNOG 8: Next Generation Internet Number Registry Services
MyNOG 8: Next Generation Internet Number Registry ServicesMyNOG 8: Next Generation Internet Number Registry Services
MyNOG 8: Next Generation Internet Number Registry Services
APNIC
 
The Next Generation Internet Number Registry Services
The Next Generation Internet Number Registry ServicesThe Next Generation Internet Number Registry Services
The Next Generation Internet Number Registry Services
MyNOG
 
RFC and internet standards presentation
RFC and internet standards presentationRFC and internet standards presentation
RFC and internet standards presentation
Naveen Jakhar, I.T.S
 
Registry Technical Training
Registry Technical TrainingRegistry Technical Training
Registry Technical Training
Dave Reynolds
 
A year on the Semantic Web @ W3C
A year on the Semantic Web @ W3CA year on the Semantic Web @ W3C
A year on the Semantic Web @ W3C
Ivan Herman
 

Similar to Registration data access protocol what's next? icann53 (20)

Sip server technicaloverviewwhitepaper
Sip server technicaloverviewwhitepaperSip server technicaloverviewwhitepaper
Sip server technicaloverviewwhitepaper
 
SANOG 34: Internet number registry services - the next generation
SANOG 34: Internet number registry services - the next generationSANOG 34: Internet number registry services - the next generation
SANOG 34: Internet number registry services - the next generation
 
IANA: Who, What, Why?
IANA: Who, What, Why?IANA: Who, What, Why?
IANA: Who, What, Why?
 
SANOG 33: APNIC Routing Registry and ROAs
SANOG 33: APNIC Routing Registry and ROAs SANOG 33: APNIC Routing Registry and ROAs
SANOG 33: APNIC Routing Registry and ROAs
 
RPKI Tutorial
RPKI Tutorial RPKI Tutorial
RPKI Tutorial
 
RPKI (Resource Public Key Infrastructure)
RPKI (Resource Public Key Infrastructure)RPKI (Resource Public Key Infrastructure)
RPKI (Resource Public Key Infrastructure)
 
Ukgovld registry-intro
Ukgovld registry-introUkgovld registry-intro
Ukgovld registry-intro
 
LDP4j: A framework for the development of interoperable read-write Linked Da...
LDP4j: A framework for the development of interoperable read-write Linked Da...LDP4j: A framework for the development of interoperable read-write Linked Da...
LDP4j: A framework for the development of interoperable read-write Linked Da...
 
RPKI RTAs and RDAP Mirroring
RPKI RTAs and RDAP MirroringRPKI RTAs and RDAP Mirroring
RPKI RTAs and RDAP Mirroring
 
ThaiNOG Day 2019: Internet Number Registry Services, the Next Generation
ThaiNOG Day 2019: Internet Number Registry Services, the Next GenerationThaiNOG Day 2019: Internet Number Registry Services, the Next Generation
ThaiNOG Day 2019: Internet Number Registry Services, the Next Generation
 
Apache Spark Data Source V2 with Wenchen Fan and Gengliang Wang
Apache Spark Data Source V2 with Wenchen Fan and Gengliang WangApache Spark Data Source V2 with Wenchen Fan and Gengliang Wang
Apache Spark Data Source V2 with Wenchen Fan and Gengliang Wang
 
Registry improvements update
Registry improvements updateRegistry improvements update
Registry improvements update
 
Open API Architectural Choices Considerations
Open API Architectural Choices ConsiderationsOpen API Architectural Choices Considerations
Open API Architectural Choices Considerations
 
IRR Tutorial and RPKI Demo
IRR Tutorial and RPKI DemoIRR Tutorial and RPKI Demo
IRR Tutorial and RPKI Demo
 
Internet Routing Registry Tutorial, by Nurul Islam Roman [APRICOT 2015]
Internet Routing Registry Tutorial, by Nurul Islam Roman [APRICOT 2015]Internet Routing Registry Tutorial, by Nurul Islam Roman [APRICOT 2015]
Internet Routing Registry Tutorial, by Nurul Islam Roman [APRICOT 2015]
 
MyNOG 8: Next Generation Internet Number Registry Services
MyNOG 8: Next Generation Internet Number Registry ServicesMyNOG 8: Next Generation Internet Number Registry Services
MyNOG 8: Next Generation Internet Number Registry Services
 
The Next Generation Internet Number Registry Services
The Next Generation Internet Number Registry ServicesThe Next Generation Internet Number Registry Services
The Next Generation Internet Number Registry Services
 
RFC and internet standards presentation
RFC and internet standards presentationRFC and internet standards presentation
RFC and internet standards presentation
 
Registry Technical Training
Registry Technical TrainingRegistry Technical Training
Registry Technical Training
 
A year on the Semantic Web @ W3C
A year on the Semantic Web @ W3CA year on the Semantic Web @ W3C
A year on the Semantic Web @ W3C
 

More from ICANN

Call for Volunteers: Accountability & Transparency Review Team_PT
Call for Volunteers: Accountability & Transparency Review Team_PTCall for Volunteers: Accountability & Transparency Review Team_PT
Call for Volunteers: Accountability & Transparency Review Team_PT
ICANN
 
Call for Volunteers: Accountability & Transparency Review Team_ZH
Call for Volunteers: Accountability & Transparency Review Team_ZHCall for Volunteers: Accountability & Transparency Review Team_ZH
Call for Volunteers: Accountability & Transparency Review Team_ZH
ICANN
 
Call for Volunteers: Accountability & Transparency Review Team_ES
Call for Volunteers: Accountability & Transparency Review Team_ESCall for Volunteers: Accountability & Transparency Review Team_ES
Call for Volunteers: Accountability & Transparency Review Team_ES
ICANN
 
Call for Volunteers: Accountability & Transparency Review Team_AR
Call for Volunteers: Accountability & Transparency Review Team_ARCall for Volunteers: Accountability & Transparency Review Team_AR
Call for Volunteers: Accountability & Transparency Review Team_AR
ICANN
 
Call for Volunteers: Accountability & Transparency Review Team_FR
Call for Volunteers: Accountability & Transparency Review Team_FRCall for Volunteers: Accountability & Transparency Review Team_FR
Call for Volunteers: Accountability & Transparency Review Team_FR
ICANN
 
Call for Volunteers: Accountability & Transparency Review Team_RU
Call for Volunteers: Accountability & Transparency Review Team_RUCall for Volunteers: Accountability & Transparency Review Team_RU
Call for Volunteers: Accountability & Transparency Review Team_RU
ICANN
 
Call for Volunteers: Accountability & Transparency Review Team
Call for Volunteers: Accountability & Transparency Review TeamCall for Volunteers: Accountability & Transparency Review Team
Call for Volunteers: Accountability & Transparency Review Team
ICANN
 
ICANN Expected Standards of Behavior | French
ICANN Expected Standards of Behavior | FrenchICANN Expected Standards of Behavior | French
ICANN Expected Standards of Behavior | French
ICANN
 
ICANN Expected Standards of Behavior
ICANN Expected Standards of BehaviorICANN Expected Standards of Behavior
ICANN Expected Standards of Behavior
ICANN
 
ICANN Expected Standards of Behavior | Russian
ICANN Expected Standards of Behavior | RussianICANN Expected Standards of Behavior | Russian
ICANN Expected Standards of Behavior | Russian
ICANN
 
ICANN Expected Standards of Behavior | Arabic
ICANN Expected Standards of Behavior | ArabicICANN Expected Standards of Behavior | Arabic
ICANN Expected Standards of Behavior | Arabic
ICANN
 
ICANN Expected Standards of Behavior | Chinese
ICANN Expected Standards of Behavior | ChineseICANN Expected Standards of Behavior | Chinese
ICANN Expected Standards of Behavior | Chinese
ICANN
 
ICANN Expected Standards of Behavior | Spanish
ICANN Expected Standards of Behavior | SpanishICANN Expected Standards of Behavior | Spanish
ICANN Expected Standards of Behavior | Spanish
ICANN
 
Policy Development Process Infographic Turkish
Policy Development Process Infographic TurkishPolicy Development Process Infographic Turkish
Policy Development Process Infographic Turkish
ICANN
 
Policy Development Process Infographic Russian
Policy Development Process Infographic RussianPolicy Development Process Infographic Russian
Policy Development Process Infographic Russian
ICANN
 
Policy Development Process Infographic Portuguese
Policy Development Process Infographic PortuguesePolicy Development Process Infographic Portuguese
Policy Development Process Infographic Portuguese
ICANN
 
Policy Development Process Infographic Spanish
Policy Development Process Infographic SpanishPolicy Development Process Infographic Spanish
Policy Development Process Infographic Spanish
ICANN
 
Policy Development Process Infographic French
Policy Development Process Infographic FrenchPolicy Development Process Infographic French
Policy Development Process Infographic French
ICANN
 
Policy Development Process Infographic English
Policy Development Process Infographic EnglishPolicy Development Process Infographic English
Policy Development Process Infographic English
ICANN
 
Policy Development Process Infographic Chinese
Policy Development Process Infographic ChinesePolicy Development Process Infographic Chinese
Policy Development Process Infographic Chinese
ICANN
 

More from ICANN (20)

Call for Volunteers: Accountability & Transparency Review Team_PT
Call for Volunteers: Accountability & Transparency Review Team_PTCall for Volunteers: Accountability & Transparency Review Team_PT
Call for Volunteers: Accountability & Transparency Review Team_PT
 
Call for Volunteers: Accountability & Transparency Review Team_ZH
Call for Volunteers: Accountability & Transparency Review Team_ZHCall for Volunteers: Accountability & Transparency Review Team_ZH
Call for Volunteers: Accountability & Transparency Review Team_ZH
 
Call for Volunteers: Accountability & Transparency Review Team_ES
Call for Volunteers: Accountability & Transparency Review Team_ESCall for Volunteers: Accountability & Transparency Review Team_ES
Call for Volunteers: Accountability & Transparency Review Team_ES
 
Call for Volunteers: Accountability & Transparency Review Team_AR
Call for Volunteers: Accountability & Transparency Review Team_ARCall for Volunteers: Accountability & Transparency Review Team_AR
Call for Volunteers: Accountability & Transparency Review Team_AR
 
Call for Volunteers: Accountability & Transparency Review Team_FR
Call for Volunteers: Accountability & Transparency Review Team_FRCall for Volunteers: Accountability & Transparency Review Team_FR
Call for Volunteers: Accountability & Transparency Review Team_FR
 
Call for Volunteers: Accountability & Transparency Review Team_RU
Call for Volunteers: Accountability & Transparency Review Team_RUCall for Volunteers: Accountability & Transparency Review Team_RU
Call for Volunteers: Accountability & Transparency Review Team_RU
 
Call for Volunteers: Accountability & Transparency Review Team
Call for Volunteers: Accountability & Transparency Review TeamCall for Volunteers: Accountability & Transparency Review Team
Call for Volunteers: Accountability & Transparency Review Team
 
ICANN Expected Standards of Behavior | French
ICANN Expected Standards of Behavior | FrenchICANN Expected Standards of Behavior | French
ICANN Expected Standards of Behavior | French
 
ICANN Expected Standards of Behavior
ICANN Expected Standards of BehaviorICANN Expected Standards of Behavior
ICANN Expected Standards of Behavior
 
ICANN Expected Standards of Behavior | Russian
ICANN Expected Standards of Behavior | RussianICANN Expected Standards of Behavior | Russian
ICANN Expected Standards of Behavior | Russian
 
ICANN Expected Standards of Behavior | Arabic
ICANN Expected Standards of Behavior | ArabicICANN Expected Standards of Behavior | Arabic
ICANN Expected Standards of Behavior | Arabic
 
ICANN Expected Standards of Behavior | Chinese
ICANN Expected Standards of Behavior | ChineseICANN Expected Standards of Behavior | Chinese
ICANN Expected Standards of Behavior | Chinese
 
ICANN Expected Standards of Behavior | Spanish
ICANN Expected Standards of Behavior | SpanishICANN Expected Standards of Behavior | Spanish
ICANN Expected Standards of Behavior | Spanish
 
Policy Development Process Infographic Turkish
Policy Development Process Infographic TurkishPolicy Development Process Infographic Turkish
Policy Development Process Infographic Turkish
 
Policy Development Process Infographic Russian
Policy Development Process Infographic RussianPolicy Development Process Infographic Russian
Policy Development Process Infographic Russian
 
Policy Development Process Infographic Portuguese
Policy Development Process Infographic PortuguesePolicy Development Process Infographic Portuguese
Policy Development Process Infographic Portuguese
 
Policy Development Process Infographic Spanish
Policy Development Process Infographic SpanishPolicy Development Process Infographic Spanish
Policy Development Process Infographic Spanish
 
Policy Development Process Infographic French
Policy Development Process Infographic FrenchPolicy Development Process Infographic French
Policy Development Process Infographic French
 
Policy Development Process Infographic English
Policy Development Process Infographic EnglishPolicy Development Process Infographic English
Policy Development Process Infographic English
 
Policy Development Process Infographic Chinese
Policy Development Process Infographic ChinesePolicy Development Process Infographic Chinese
Policy Development Process Infographic Chinese
 

Registration data access protocol what's next? icann53

  • 1. RDAP: What’s Next? Francisco Arias & Marc Blanchet | ICANN 53 | 24 June 2015
  • 2. | 2 Introduction & Background Registry Specifics Registrar Specifics Issues, Conclusion and Next Steps 1 2 3 4 5 6 Agenda RDAP Protocol Compliance Responses
  • 3. | 3 ¤  Unformatted ¤  Not internationalized ¤  Unauthenticated ¤  Insecure ¤  Unable to provide differentiated service ¤  Non-extensible ¤  No bootstrapping mechanism ¤  Lack of standardized redirection/reference Limitations of (port-43) WHOIS
  • 4. | 4 ¤  SSAC’s SAC 051 Advisory (19 Sep 2011): The ICANN community should evaluate and adopt a replacement domain name registration data access protocol ¤  Board resolution adopting SAC 051 (28 October 2011) ¤  Roadmap to implement SAC 051 (4 June 2012) ¤  Registration Data Access Protocol (RDAP) community development within IETF working group started in 2012 ¤  Contractual provisions in .com, .name, .biz, .info, .org, 2012 Registry Agreement and 2013 Registrar Accreditation Agreement ¤  RDAP Request for Comments (RFCs) published in March 2015 History on Replacing the WHOIS Protocol
  • 5. | 5 ¤  Intended to replace the WHOIS (port-43) protocol ¤  Provides flexibility to support various policies ¤  Provide benefits improving on weaknesses in the WHOIS protocol ¤  Designed with the knowledge of a now mature industry RDAP Goals
  • 6. | 6 ¤ Structured queries and responses ¤ Modern (RESTful API, JSON responses) ¤ Web application friendly ¤ Extensible, while managed ¤ IANA registry to list extensions ¤ Authentication/authorization capabilities ¤ Through standard web ¤ Flexible method for identifying authoritative sources RDAP Features
  • 7. | 7 ¤  Queries: •  https://example.com/rdap/domain/blah.example.com •  https://example.com/rdap/domains?name=example*.com •  https://example.com/rdap/nameserver/ns1.example.co •  https://example.com/rdap/ip/192.0.2.0 •  https://example.com/rdap/autnum/12 ¤  Responses (two pages long for one response): { "objectClassName" : "domain", "handle" : "XXXX", "ldhName" : "xn--fo-5ja.example", "unicodeName" : "foo.example", "variants" : [ { "relation" : [ "registered", "conjoined" ], "variantNames" : [ { "ldhName" : "xn--fo-cka.example", "unicodeName" : "foo.example" }, { "ldhName" : "xn--fo-fka.example”, RDAP Examples
  • 8. | 8 ¤ How long after RDAP deployment to turn off (port-43) WHOIS? ¤ Should the requirement to offer web-based (HTML) RDDS remain? ¤ How to map current RDDS (WHOIS) policy and contractual requirements in RDAP? Open Questions
  • 9. | 9 ¤ Why do we need an RDAP profile? ¤ RFC must, should, etc… ¤ RDAP RFCs are transport protocols ¤ Do not specify which elements are required ¤ What are the details of the elements, etc. ¤ Evolution from WHOIS to RDAP ¤ Mapping the WHOIS ICANN requirements (RA, RAA, Advisories) to the new protocol using RDAP features, including updating terminology (RDDS = WHOIS, web + RDAP) Need for an RDAP Profile
  • 11. | 11 Profile Topic Reference The RDAP service MUST be compliant with the following Internet Engineering Task Force (IETF) documents: o RFC7480 - HTTP Usage in the Registration Data Access Protocol (RDAP) o RFC7481 - Security Services for the Registration Data Access Protocol (RDAP) o RFC7482 - Registration Data Access Protocol Query Format (RDAP) o RFC7483 - JSON Responses for the Registration Data Access Protocol (RDAP) o RFC7484 - Finding the Authoritative Registration Data Service (RDAP) RFC7480, 7481, 7482, 7483, 7484 The RDAP service MUST only support HTTPS IAB Statement
  • 12. | 12 Profile (cont.) Topic Reference The RDAP service MUST support both GET and HEAD types of HTTP methods. HEAD requests are used to verify the existence of an object in the database, as specified in RFC7480 RFC7480, S4.1 RDAP extensions, if used, MUST be registered in the IANA RDAP Extensions registry, as defined in RFC7480 RFC7480, S6 RDAP conformance object: an rdapConformance object MUST be present in the topmost object of every response. It MUST contain the conformance level of the RDAP protocol and of any extension, as specified in RFC7483 RFC7483, S4.1
  • 13. | 13 Profile (cont.) Topic Reference RDAP services MUST be available over both IPv4 and IPv6 transport RA Spec 6 s1.5, RAA s3.3.1 RDAP servers SHOULD avoid inserting JSON members that are not part of a registered extension RFC7480, s6
  • 14. Responses to RDAP Queries
  • 15. | 15 Profile Topic Reference Internationalized (IDN) RDAP queries of domains MUST be supported if the target TLD supports internationalized domains RA S 6 1.4, RAA RDDS 1. and RAA AROS 3, ICANN idn- guidelines-2011-09-02- en Servers MAY include a language identifier member in RDAP objects, with the exception of jCard objects, as described in RFC7483 section 4.4 RFC7483 4.4 RDAP servers MAY answer requests with data in multiple languages, if the data is available RFC7480 9.2
  • 16. | 16 Profile (cont.) Topic Reference JCard contact objects MAY include language property parameters for the contact names (n, fn), organization (org) and address (adr) properties RFC7483 4.4, RFC6350 5.1, RFC7095 The content of RDAP answers is expected to be the same across all RDDS services RA S 4 1. The case sensitiveness of the data returned in RDAP responses MUST be preserved RDDS Clarification Advisory 19
  • 17. | 17 Profile (cont.) Topic Reference Leading and trailing space or spaces SHOULD NOT appear in the RDAP data RDDS Clarification Advisory 16. RDAP responses MUST NOT contain carriage return and line feed characters, except in JCard unstructured addresses. As described in RFC7483 section 4.3, large fields such as notices and remarks may be divided in separate strings to improve readability RDDS Clarification Advisory 20 The RDAP server terms of service MUST be specified in the “notices” object in the topmost JSON object of the response RA S 4 1.5 and 1.7.2, RAA RDDS S 1.4.2
  • 18. | 18 Profile (cont.) Topic Reference In contact entities, the Phone Number elements are inserted as “tel” properties with a “voice” type parameter. Optional Fax Number elements are inserted as “tel” properties with a “fax” type parameter, as specified in RFC6350, the vCard Format Specification RA S 4 1.5.2 and 1.6.2, RAA RDDS S 1.4.2 RDAP Help queries MUST be answered and provide a reference (link) to usage information, policy and other explanatory material RFC7483 7 Truncated responses MUST contain a notices member describing the reason of the truncation. The notices object type MUST be of the form “Response truncated due to {authorization|load|unexplainable reason}” RFC7483 9
  • 19. | 19 Profile (cont.) Topic Reference Truncated objects MUST contain a remarks member describing the reason of the truncation. The remarks object type MUST follow the form “Result set truncated due to {authorization|load|unexplainable reason}” RFC7483 9
  • 20. Responses to Domain Name RDAP Queries
  • 21. | 21 Profile Topic Reference The top-level “notices” object MUST contain the name of the responding server, a short description and a referral URL within its “links” member RA S 4 1.5 and 1.7.2, RAA RDDS S 1.4.2 The top-level "domain" object MUST contain the Domain ID in the “handle” member RA S 4 1.5.2, RAA RDDS S 1.4.2 The top-level "domain" object MUST contain the a-label form of the domain in the “ldhName” member RFC7483 5.3, RDDS Clarification Advisory 5
  • 22. | 22 Profile (cont.) Topic Reference The top-level "domain" object MUST contain the internationalized Domain Name in u-label form in the “unicodeName” member, if the domain name is an IDN RFC7483 5.3, RDDS Clarification Advisory 6 The top-level domain object MUST contain a list of all current domain statuses in the “status” member. The status MUST be valid status types per IANA’s RDAP JSON Values registry RA S 4 1.8, RAA RDDS S 1.5, RFC7483 4.6, 10.2.2 The domain object MUST contain a publicIDs member to identify the IANA registrar identifier from IANA’s Registrar ID registry. The “type” value of the publicIDs object MUST be equal to "IANA Registrar ID" RA S 4 1.5.2 and 1.10.3, RAA RDDS S 1.4.2, RFC7483 4.8, 5.3
  • 23. | 23 Profile (cont.) Topic Reference The domain object MUST contain the Name Servers information for the domain in the nameservers member. Each nameserver object MUST contain the following members: handle, ldhName, status, remarks, links. Each nameserver MAY contain the following members, if known: ipAddresses, unicodeName, port43, events RA S 4 1.5.2, RAA RDDS S 1.4.2, RFC7483 5.2 and 5.3 The domain object MUST contain entities with the following roles (defined in IANA’s RDAP JSON Values registry1), each of them with a handle and valid fields “fn,” “n,” “adr,” “tel,” “email”: registrant, administrative, technical, registrar RA S 4 1.5.2, RAA RDDS S 1.4.2, RDDS Clarification Advisory 27 The domain object MUST contain the following events: An event of evenAction type “registration,” with the Creation Date of the domain. An event of eventAction type “expiration,” with the Domain Expiration date of the domain. An event of evenAction type “last changed” containing the last update date and time RA S 4 1.5.2 and RAA RDDS 1.4.2
  • 24. | 24 Profile (cont.) Topic Reference The domain object MAY contain the following events: o An event of eventAction type “last transferred,” with the last transferred date of the domain RFC7483 10.2.3 Contact entities SHOULD use jCard structured addresses RDDS Clarification Advisory 20, RFC7095 If, for this domain, variants with a status of “registered” exist, the domain object SHOULD contain a “variants” member (RFC7483 section 10.2.5). The variants relation members MUST be values of the “domain variant relation” type in the IANA RDAP JSON Values registry RFC7483 5.3, RDDS Clarification Advisory 11
  • 25. | 25 Profile (cont.) Topic Reference The status member value of RDAP nameserver and entity objects MUST conform to the values defined in IANA’s RDAP JSON Values1 of “status” type (originally defined in RFC7483 section 10.2.2) RFC7483 5.3 and 10.2.2 The status member of a domain object MUST use an RDAP status that matches the EPP Status codes listed on ICANN’s EPP Status Code (https:// www.icann.org/resources/pages/epp-status-codes-2014-06-16-en) RFC7483 4.6, 5.3 and 10.2.2. RA S 4 1.5.2 and 1.8, RAA RDDS S 1.4. and 1.5, RDDS Cl. Advisory 7 A domain object MUST contain a “remarks” member with a title “EPP Status Codes,” a description containing the string “For more information on domain status codes, please visit https://icann.org/epp” and a links member with the “https://icann.org/epp” URL RDDS Clarification Advisory 23, ICANN AWIP
  • 26. | 26 Profile (cont.) Topic Reference The domain object MUST contain the secureDNS member and related data (specified in RFC7483 section 5.3 and annex D), if known by the server RFC7483 5.3, RDDS Cl. Advisory 10., RA S 4 1.5.2, RAA RDDS S 1.4.2 and RAA AROS 1 The returned domain name object MUST contain registrant entities with the “registrant,” “technical” and “administrative” roles RAA RDDS S 1.4.2, RDDS Cl. Advisory 46
  • 27. Registry Registration Data Directory Services Responses to RDAP Queries
  • 28. | 28 Profile Topic Reference Registries offering searchable WHOIS service (per exhibit A of their Registry Agreement) MUST support RDAP search requests for domains and entities. Entities MUST be searchable by name search pattern as defined in RFC7482 section 3.2.3 in order to allow for searches by contact name or address. Nameserver object search is optional RA S 4 1.10, RDDS Cl. Advisory 34, 40 Binary search capabilities (AND, OR) MUST be supported, when a RFC defining this capability is available RA S 4 1.10.4
  • 29. Registry Registration Data Directory Services Reporting Requirements
  • 30. | 30 Profile Topic Reference Specification 3 of the RA specifies the format and content of the monthly reporting for registry operators. The following fields are added to the Registry Functions Activity Report under section 2: RA S 3 1. and 2
  • 32. Registry Registration Data Directory Services Bootstrapping Requirements
  • 33. | 33 Profile Topic Reference The base URL of RDAP services MUST be registered in the IANA Bootstrap Service Registry for Domain Name Space, as described in RFC7484. A separate entry is required for each TLD RFC7484 4 When the RDAP service base URL need to be changed, the previous URL and the new one MUST remain in operation until the IANA Bootstrap Registry for Domain Name Space is updated RFC7484 4 The bootstrap service entry must be populated only once the RDAP service is available over both IPv4 and IPv6 (A and AAAA records are present RA S 6 1.5, RAA 3.3.1
  • 34. Registry Registration Data Directory Services Entity RDAP Queries
  • 35. | 35 Profile Topic Reference Registrar object lookup using an entity search on the “fn” field MUST be supported RA S 4 1.6, 1.10.3 Registries MUST support queries for registrar objects using the IANA ID of the registrar, when a RFC defining this capability is available RA S 4 1.10.4 The returned entity object MAY have a “notices” member containing the name of the responding server, a short description and a referral URL within its “links” member RA S 4 1.6.2
  • 36. | 36 Profile (cont.) Topic Reference The returned object MUST contain entities with the following roles, each of them with a handle and valid fields “fn,” “n,” “adr,” “tel,” “email”: o Registrar o Administrative (registrar administrative) o Technical (registrar technical) RA S 4 1.6.2, RDDS Cl. Advisory 31 The returned object MUST contain an event of evenAction type “last changed” containing the date and time of the last update
  • 37. Registry Registration Data Directory Services Nameserver RDAP Queries
  • 38. | 38 Profile Topic Reference Registries MUST support nameserver queries based on name server’s name or name server’s IP address (applies to glue records only) RA S 4 1.10.3 The Server Name MUST be specified in the ldhName RA S 4 1.7.2, RDDS Cl. Advisory 5. All known glue record IPv4 and IPv6 addresses for the server MUST be listed in the ipAddresses member RA S 4 1.7.2
  • 39. | 39 Profile (cont.) Topic Reference The unicodeName member MAY be present if the nameserver has an IDN name RDDS Cl. Advisory 6 The returned object MUST contain an entity with the “registrar” role when registry supports host objects RDDS Cl. Advisory 27. The returned object MAY have a “notices” member containing the name of the responding server, a short description and a referral URL within its “links” member RDDS Cl. Advisory 27.
  • 40. | 40 Profile (cont.) Topic Reference The returned object MAY contain an event of evenAction type “last changed” containing the date and time of the last update
  • 41. Registrar Registration Data Directory Services Responses to RDAP Domain Name Queries
  • 42. | 42 Profile Topic Reference The returned domain name object MUST contain registrar entities with the “abuse” roles RDDS Cl. Advisory 50 The returned domain name object MAY contain an entity with the “reseller” role RDDS Cl. Advisory 51
  • 43. Registrar Registration Data Directory Services RDAP Referrals
  • 44. | 44 Profile Topic Reference A Registrar that does not possess the information for a particular query MUST redirect the request to an appropriate party, as described in RFC7480 section 5.2 RFC7480 5.2
  • 46. | 46 ¤  Extensible Provisioning Protocol (EPP) status codes not fully mapped into RDAP status codes •  Draft-gould-epp-rdap-status-mapping suggests to add RDAP codes to have a full mapping ¤  Lookup by IANA Registrar ID is not defined in base RDAP RFCs •  To be updated ¤  Logical operators for search criteria (AND, OR, NOT) are not defined in base RDAP RFCs •  To be updated ¤  How to provide Registrar RDAP base URL in the initial Registry RDAP response? •  To be determined Remaining Issues
  • 48. | 48 ¤ RDAP Profile necessary for gTLD registry and registrar operators to adhere to existing policies and contractual terms ¤ A few issues have been identified around underspecified topics in RFCs ¤ Open question on when to retire WHOIS and whether to keep web-based (HTML) requirement ¤ Question on how to provide reference to registrar data ¤ RDAP Profile to be posted for Community Review Conclusion and Next Steps
  • 49. | 49 Reach us at: Website: icann.org Thank You and Questions gplus.to/icann weibo.com/ICANNorg flickr.com/photos/icann slideshare.net/icannpresentations twitter.com/icann facebook.com/icannorg linkedin.com/company/icann youtube.com/user/icannnews Engage with ICANN