Internet DRAFT - draft-ietf-regext-rdap-rir-search
draft-ietf-regext-rdap-rir-search
Internet Engineering Task Force T. Harrison
Internet-Draft APNIC
Intended status: Standards Track J. Singh
Expires: 3 August 2024 ARIN
31 January 2024
RDAP RIR Search
draft-ietf-regext-rdap-rir-search-07
Abstract
The Registration Data Access Protocol (RDAP) is used by Regional
Internet Registries (RIRs) and Domain Name Registries (DNRs) to
provide access to their resource registration information. The core
specifications for RDAP define basic search functionality, but there
are various IP and ASN-related search options provided by RIRs via
their Whois services for which there is no corresponding RDAP
functionality. This document extends RDAP to support those search
options.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 3 August 2024.
Copyright Notice
Copyright (c) 2024 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
Harrison & Singh Expires 3 August 2024 [Page 1]
�
Internet-Draft RDAP RIR Search January 2024
extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Conventions Used in This Document . . . . . . . . . . . . 3
2. Basic Searches . . . . . . . . . . . . . . . . . . . . . . . 3
2.1. Path Segments . . . . . . . . . . . . . . . . . . . . . . 3
2.2. IP Network Search . . . . . . . . . . . . . . . . . . . . 4
2.3. Autonomous System Number Search . . . . . . . . . . . . . 4
3. Relation Searches . . . . . . . . . . . . . . . . . . . . . . 5
3.1. Path Segments . . . . . . . . . . . . . . . . . . . . . . 5
3.2. Relation Search . . . . . . . . . . . . . . . . . . . . . 6
3.2.1. Definitions . . . . . . . . . . . . . . . . . . . . . 6
3.2.2. Relations . . . . . . . . . . . . . . . . . . . . . . 10
3.2.2.1. "up" . . . . . . . . . . . . . . . . . . . . . . 10
3.2.2.2. "down" . . . . . . . . . . . . . . . . . . . . . 10
3.2.2.3. "top" . . . . . . . . . . . . . . . . . . . . . . 10
3.2.2.4. "bottom" . . . . . . . . . . . . . . . . . . . . 11
3.3. Status . . . . . . . . . . . . . . . . . . . . . . . . . 11
3.4. Link Relations . . . . . . . . . . . . . . . . . . . . . 12
4. Responding To Searches . . . . . . . . . . . . . . . . . . . 14
5. Reverse Search . . . . . . . . . . . . . . . . . . . . . . . 15
6. RDAP Conformance . . . . . . . . . . . . . . . . . . . . . . 16
7. Privacy Considerations . . . . . . . . . . . . . . . . . . . 17
8. Security Considerations . . . . . . . . . . . . . . . . . . . 17
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 17
9.1. RDAP Extensions Registry . . . . . . . . . . . . . . . . 17
9.2. Link Relations Registry . . . . . . . . . . . . . . . . . 18
9.3. RDAP Reverse Search Registry . . . . . . . . . . . . . . 19
9.4. RDAP Reverse Search Mapping Registry . . . . . . . . . . 21
10. Implementation Status . . . . . . . . . . . . . . . . . . . . 22
10.1. APNIC RDAP Implementation . . . . . . . . . . . . . . . 22
11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 23
12. References . . . . . . . . . . . . . . . . . . . . . . . . . 23
12.1. Normative References . . . . . . . . . . . . . . . . . . 23
12.2. Informative References . . . . . . . . . . . . . . . . . 24
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 24
Harrison & Singh Expires 3 August 2024 [Page 2]
�
Internet-Draft RDAP RIR Search January 2024
1. Introduction
The Registration Data Access Protocol (RDAP) [RFC7480] is used by
Regional Internet Registries (RIRs) and Domain Name Registries (DNRs)
to provide access to their resource registration information. The
core specifications for RDAP define basic search functionality, but
this is limited to domains, nameservers, and entities. No searches
were defined for IP networks or autonomous system numbers. In an
effort to have RDAP reach feature parity with the existing RIR Whois
services in this respect, this document defines additional search
options for IP networks and autonomous system numbers.
While this document is in terms of RIRs and DNRs for the sake of
consistency with earlier RDAP documents such as [RFC9082] and
[RFC9083], the functionality described here may be used by any RDAP
server operator that hosts Internet Number Resource (INR) objects,
such as National Internet Registries (NIRs) or Local Internet
Registries (LIRs).
1.1. Conventions Used in This Document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
Indentation and whitespace in examples are provided only to
illustrate element relationships, and are not a REQUIRED feature of
this protocol.
"..." in examples is used as shorthand for elements defined outside
of this document.
2. Basic Searches
2.1. Path Segments
The new resource type path segments for basic search (similar to the
searches defined in [RFC9082] and [RFC9083]) are:
'ips': Used to identify an IP network search using a pattern to
match one of a set of IP network attributes.
'autnums': Used to identify an autonomous system number search
using a pattern to match one of a set of autonomous system number
attributes.
Harrison & Singh Expires 3 August 2024 [Page 3]
�
Internet-Draft RDAP RIR Search January 2024
A search pattern matches a value where it equals the string
representation of the value, or where it is a match for the value in
accordance with the partial string matching behaviour defined in
section 4.1 of [RFC9082].
2.2. IP Network Search
Syntax: ips?handle=<handle search pattern>
Syntax: ips?name=<name search pattern>
Searches for IP network information by handle are specified using the
form:
ips?handle=XXXX
XXXX is a search pattern representing an IP network identifier, the
syntax for which is specific to the registration provider. The
following URL would be used to find information for IP networks with
handles matching the "NET-199*" pattern:
https://example.com/rdap/ips?handle=NET-199*
Searches for IP network information by name are specified using the
form:
ips?name=XXXX
XXXX is a search pattern representing an IP network identifier that
is assigned to the network registration by the registration holder.
The following URL would be used to find information for IP networks
with names matching the "NET-EXAMPLE-*" pattern:
https://example.com/rdap/ips?name=NET-EXAMPLE-*
2.3. Autonomous System Number Search
Syntax: autnums?handle=<handle search pattern>
Syntax: autnums?name=<name search pattern>
Searches for autonomous system number information by handle are
specified using the form:
autnums?handle=XXXX
Harrison & Singh Expires 3 August 2024 [Page 4]
�
Internet-Draft RDAP RIR Search January 2024
XXXX is a search pattern representing an autonomous system number
identifier, the syntax for which is specific to the registration
provider. The following URL would be used to find information for
autonomous system numbers with handles matching the "AS1*" pattern:
https://example.com/rdap/autnums?handle=AS1*
Searches for autonomous system number information by name are
specified using the form:
autnums?name=XXXX
XXXX is a search pattern representing an autonomous system number
identifier that is assigned to the autonomous system number
registration by the registration holder. The following URL would be
used to find information for autonomous system numbers with names
matching the "ASN-EXAMPLE-*" pattern:
https://example.com/rdap/autnums?name=ASN-EXAMPLE-*
3. Relation Searches
[RFC9083] contains example objects that make use of the "up" link
relation in order to simplify the process of finding the parent
object for a given object. This section defines searches for finding
objects and sets of objects with respect to their position within a
hierarchy.
3.1. Path Segments
The variables used in the path segments include:
<relation>: A relation type, as defined in Section 3.2.2 of this
document.
<IP address>: An IP address, as defined in Section 3.1.1 of
[RFC9082].
<CIDR prefix> The first address of a CIDR block, as defined in
Section 3.1.1 of [RFC9082].
<CIDR length>: The prefix length for a CIDR block, as defined in
Section 3.1.1 of [RFC9082].
<domain name>: A fully-qualified domain name, as defined in
Section 3.1.3 of [RFC9082].
Harrison & Singh Expires 3 August 2024 [Page 5]
�
Internet-Draft RDAP RIR Search January 2024
<autonomous system number or range> An autonomous system number,
as defined in Section 3.1.2 of [RFC9082], or two such numbers
separated by a single hyphen ('-', US-ASCII value 0x2D), where the
second number is greater than the first.
The new resource type path segments for relation search (similar to
the searches defined in [RFC9082] and [RFC9083]) are:
'ips/rirSearch1/<relation>/<IP address>': Used to identify an IP
network search using a relation and an address to match a set of
IP networks.
'ips/rirSearch1/<relation>/<CIDR prefix>/<CIDR length>': Used to
identify an IP network search using a relation and a range to
match a set of IP networks.
'autnums/rirSearch1/<relation>/<autonomous system number or
range>': Used to identify an autonomous system number search using
a relation and a single ASN or an ASN range to match a set of ASN
objects.
'domains/rirSearch1/<relation>/<domain name>': Used to identify a
reverse domain search using a relation and a reverse domain name
to match a set of reverse domains.
3.2. Relation Search
Syntax: <object class search path
segment>/rirSearch1/<relation>/<object-value>[?status=<status>]
The relation searches defined in this document rely on the syntax
described above. Each search works in the same way for each object
type.
3.2.1. Definitions
An Internet Number Resource (INR) object value (i.e. an IP network
address or range, autonomous system number or number range, or
reverse domain name) may have a "parent" object and one or more
"child" objects. The "parent" object is the next-least-specific
object that exists in the relevant registry, while the "child"
objects are the next-most-specific objects that exist in the relevant
registry. For example, for a registry with the following seven IP
network objects:
Harrison & Singh Expires 3 August 2024 [Page 6]
�
Internet-Draft RDAP RIR Search January 2024
+--------------+
| 192.0.2.0/24 |
+--------------+
/ \
+--------------+ +----------------+
| 192.0.2.0/25 | | 192.0.2.128/25 |
+--------------+ +----------------+
/ / \
+--------------+ +----------------+ +----------------+
| 192.0.2.0/28 | | 192.0.2.128/26 | | 192.0.2.192/26 |
+--------------+ +----------------+ +----------------+
/
+--------------+
| 192.0.2.0/32 |
+--------------+
Figure 1: Example registry objects
the INR object value to parent/child object relationships are:
+==================+================+
| INR object value | Parent object |
+==================+================+
| 192.0.2.0/32 | 192.0.2.0/28 |
+------------------+----------------+
| 192.0.2.0/28 | 192.0.2.0/25 |
+------------------+----------------+
| 192.0.2.64/26 | 192.0.2.0/25 |
+------------------+----------------+
| 192.0.2.128/26 | 192.0.2.128/25 |
+------------------+----------------+
| 192.0.2.192/26 | 192.0.2.128/25 |
+------------------+----------------+
| 192.0.2.128/25 | 192.0.2.0/24 |
+------------------+----------------+
| 192.0.2.0/25 | 192.0.2.0/24 |
+------------------+----------------+
| 192.0.2.0/24 | N/A |
+------------------+----------------+
Table 1: Parent objects
Harrison & Singh Expires 3 August 2024 [Page 7]
�
Internet-Draft RDAP RIR Search January 2024
+==================+================================+
| INR object value | Child objects |
+==================+================================+
| 192.0.2.0/24 | 192.0.2.0/25, 192.0.2.128/25 |
+------------------+--------------------------------+
| 192.0.2.0/25 | 192.0.2.0/28 |
+------------------+--------------------------------+
| 192.0.2.128/25 | 192.0.2.128/26, 192.0.2.192/26 |
+------------------+--------------------------------+
| 192.0.2.64/26 | N/A |
+------------------+--------------------------------+
| 192.0.2.128/26 | N/A |
+------------------+--------------------------------+
| 192.0.2.192/26 | N/A |
+------------------+--------------------------------+
| 192.0.2.0/28 | 192.0.2.0/32 |
+------------------+--------------------------------+
| 192.0.2.0/32 | N/A |
+------------------+--------------------------------+
Table 2: Child objects
Along similar lines, each INR object value may have a "top" object,
being the least-specific covering object that exists in the registry,
and one or more "bottom" objects, being the most-specific objects
that entirely cover the INR object value when taken together. Given
the registry defined in the previous paragraph, the top and bottom
object relationships are:
Harrison & Singh Expires 3 August 2024 [Page 8]
�
Internet-Draft RDAP RIR Search January 2024
+==================+==============+
| INR object value | Top object |
+==================+==============+
| 192.0.2.0/32 | 192.0.2.0/24 |
+------------------+--------------+
| 192.0.2.0/28 | 192.0.2.0/24 |
+------------------+--------------+
| 192.0.2.64/26 | 192.0.2.0/24 |
+------------------+--------------+
| 192.0.2.128/26 | 192.0.2.0/24 |
+------------------+--------------+
| 192.0.2.192/26 | 192.0.2.0/24 |
+------------------+--------------+
| 192.0.2.128/25 | 192.0.2.0/24 |
+------------------+--------------+
| 192.0.2.0/25 | 192.0.2.0/24 |
+------------------+--------------+
| 192.0.2.0/24 | N/A |
+------------------+--------------+
Table 3: Top objects
+==================+===========================================+
| INR object value | Bottom objects |
+==================+===========================================+
| 192.0.2.0/24 | 192.0.2.0/25, 192.0.2.0/28, 192.0.2.0/32, |
| | 192.0.2.128/26, 192.0.2.192/26 |
+------------------+-------------------------------------------+
| 192.0.2.0/25 | 192.0.2.0/25, 192.0.2.0/28, 192.0.2.0/32 |
+------------------+-------------------------------------------+
| 192.0.2.128/25 | 192.0.2.128/26, 192.0.2.192/26 |
+------------------+-------------------------------------------+
| 192.0.2.64/26 | N/A |
+------------------+-------------------------------------------+
| 192.0.2.128/26 | N/A |
+------------------+-------------------------------------------+
| 192.0.2.192/26 | N/A |
+------------------+-------------------------------------------+
| 192.0.2.0/28 | 192.0.2.0/28, 192.0.2.0/32 |
+------------------+-------------------------------------------+
| 192.0.2.0/31 | 192.0.2.0/28, 192.0.2.0/32 |
+------------------+-------------------------------------------+
| 192.0.2.0/32 | N/A |
+------------------+-------------------------------------------+
Table 4: Bottom objects
Harrison & Singh Expires 3 August 2024 [Page 9]
�
Internet-Draft RDAP RIR Search January 2024
If there are no more-specific objects for a given INR object value,
then the set of bottom objects for that INR object value will be
empty. 192.0.2.0/32 is an example of such an INR object value.
It is not necessarily the case that the bottom objects for a given
INR object value will be disjoint. For example, 192.0.2.0/28's
bottom objects are 192.0.2.0/28 and 192.0.2.0/32. 192.0.2.0/32 is
included because it is one of the most-specific objects (i.e. an
object at the bottom of the object hierarchy) for 192.0.2.0/28, while
192.0.2.0/28 itself is included because it is the most-specific
object for the other addresses within the range (i.e. those aside
from 192.0.2.0/32).
The bottom objects for a given INR object value may include an object
that is less-specific than that INR object value. For example,
192.0.2.0/31 is an INR object value that has a more-specific object,
being 192.0.2.0/32, so the set of bottom objects must include at
least that object. The most-specific object that covers the residual
(i.e. 192.0.2.1/32) is 192.0.2.0/28, so it is included in the results
as well.
3.2.2. Relations
3.2.2.1. "up"
If the server receives a search containing the relation value "up",
it will return the parent object for the specified INR object value.
If no such object exists, it will return an empty search response.
3.2.2.2. "down"
If the server receives a search containing the relation value "down",
it will return the child objects for the specified INR object value.
If no such objects exist, it will return an empty search response.
Per the definitions section, this includes only immediate child
objects.
3.2.2.3. "top"
If the server receives a search containing the relation value "top",
it will return the top object for the specified INR object value. If
no such object exists, it will return an empty search response.
Harrison & Singh Expires 3 August 2024 [Page 10]
�
Internet-Draft RDAP RIR Search January 2024
3.2.2.4. "bottom"
If the server receives a search containing the relation value
"bottom", it will return the bottom objects for the specified INR
object value. If no such objects exist, it will return an empty
search response.
3.3. Status
If the "status" argument is provided, then response processing will
proceed as though all objects without the specified status had first
been removed from the database. For example, if the registry objects
from section 3.2.1 had the following statuses:
+================+==========+
| Object | Status |
+================+==========+
| 192.0.2.0/25 | active |
+----------------+----------+
| 192.0.2.128/25 | inactive |
+----------------+----------+
| 192.0.2.128/26 | active |
+----------------+----------+
| 192.0.2.192/26 | active |
+----------------+----------+
Table 5: Statuses
then a server receiving a "child" object query with the INR object
value 192.0.2.0/24 and a "status" argument of "active" would return
the objects 192.0.2.0/25, 192.0.2.128/26, and 192.0.2.192/26.
Status filtering is useful, for example, where the client is trying
to find the delegation from an RIR to an RIR account holder: by using
the "top" relation with a "status" of "active", the delegation from
IANA to the RIR will be ignored, and the client will receive the
delegation from the RIR to the account holder in the response
instead.
By default, any valid status value may be used for status filtering.
Server operators MAY opt not to support "status" filtering for the
"down" and "bottom" link relations, in which case the server should
respond with a HTTP 501 (Not Implemented) [RFC9110] response code if
it receives such a request. Server operators MAY also opt not to
support "status" filtering for values other than "active" for the
"up" and "top" link relations, in which case the server should
respond with a HTTP 501 (Not Implemented) [RFC9110] response code if
it receives such a request.
Harrison & Singh Expires 3 August 2024 [Page 11]
�
Internet-Draft RDAP RIR Search January 2024
3.4. Link Relations
Each of the relations defined in section 3.2.2 has a corresponding
link relation that can be used for a link object contained within
another RDAP object. When constructing these link objects, the
server MUST set link targets that yield the same response as for the
corresponding search. The following is an elided example of a
response that makes use of those link relations:
{
"startAddress": "192.0.2.0",
"endAddress": "192.0.2.127",
...
"links": [
...,
{
"value": "https://rdap.example.com/ip/192.0.2.0/25",
"rel": "up",
"href": "https://rdap.example.com/ips/rirSearch1/up/192.0.2.0/25",
"type": "application/rdap+json"
},
{
"value": "https://rdap.example.com/ip/192.0.2.0/25",
"rel": "down",
"href": "https://rdap.example.com/ips/rirSearch1/down/192.0.2.0/25",
"type": "application/rdap+json"
},
{
"value": "https://rdap.example.com/ip/192.0.2.0/25",
"rel": "top",
"href": "https://rdap.example.com/ips/rirSearch1/top/192.0.2.0/25",
"type": "application/rdap+json"
},
{
"value": "https://rdap.example.com/ip/192.0.2.0/25",
"rel": "bottom",
"href": "https://rdap.example.com/ips/rirSearch1/bottom/192.0.2.0/25",
"type": "application/rdap+json"
}
]
}
Figure 2: Example links
Harrison & Singh Expires 3 August 2024 [Page 12]
�
Internet-Draft RDAP RIR Search January 2024
Two additional link relations are defined that correspond to relation
searches with a "status" of "active": "top-active" and "up-active".
No other status-specific link relations are defined, because the only
known use cases for status filtering involve the "top" and "up"
relations and the "active" status.
Since the "top" and "up" link relations resolve to a single object,
it is possible to simply include that object's link in the "href"
attribute in the link object. The following is an elided example of
a response that uses this approach:
{
"startAddress": "192.0.2.0",
"endAddress": "192.0.2.127",
...
"links": [
...,
{
"value": "https://rdap.example.com/ip/192.0.2.0/25",
"rel": "up",
"href": "https://rdap.example.com/192.0.2.0/24",
"type": "application/rdap+json"
}
]
}
Figure 3: Example single object links
This section mandates specific behaviour for the "up" link relation,
but does not define that link relation (see [RFC8288]). This is
acceptable, because this behaviour:
does not conflict with the current description of the link
relation; and
is not generally applicable, but instead limited to the context of
RDAP INR objects only.
Use of these link relations in responses is OPTIONAL. The absence in
a response of a link for a specific relation does not necessarily
mean that the corresponding object does not exist or that the
corresponding search will return no results.
Harrison & Singh Expires 3 August 2024 [Page 13]
�
Internet-Draft RDAP RIR Search January 2024
4. Responding To Searches
As with [RFC9083], responses to the IP network and autonomous system
number searches defined in the previous sections take the form of an
array of object instances, where each instance is an appropriate
object class for the search (i.e., a search beginning with /ips
yields an array of IP network object instances, and a search
beginning with /autnums yields an array of autonomous system number
object instances). The IP network object and autonomous system
number object types are defined in sections 5.4 and 5.5 of [RFC9083].
The object instance arrays are contained within the response object.
The names of the arrays are as follows:
for /ips searches, the array is "ipSearchResults"; and
for /autnums searches, the array is "autnumSearchResults".
The following is an elided example of a response to an IP network
search:
{
"rdapConformance": [ "rdap_level_0", "rirSearch1",
"ips", "ipSearchResults", ... ],
...
"ipSearchResults": [
{
"objectClassName": "ip network",
"handle": "XXXX-RIR",
"startAddress": "192.0.2.0",
"endAddress": "192.0.2.127",
...
},
{
"objectClassName": "ip network",
"handle": "YYYY-RIR",
"startAddress": "192.0.2.0",
"endAddress": "192.0.2.255",
...
}
]
}
Figure 4: IP network search response
The following is an elided example of a response to an autonomous
system number search:
Harrison & Singh Expires 3 August 2024 [Page 14]
�
Internet-Draft RDAP RIR Search January 2024
{
"rdapConformance": [ "rdap_level_0", "rirSearch1",
"autnums", "autnumSearchResults", ... ],
...
"autnumSearchResults": [
{
"objectClassName": "autnum",
"handle": "XXXX-RIR",
"startAutnum": 64496,
"endAutnum": 64496,
...
},
{
"objectClassName": "autnum",
"handle": "YYYY-RIR",
"startAddress": "64497",
"endAddress": "64497",
...
}
]
}
Figure 5: ASN search response
Responses for relation searches for reverse domain objects have the
same form as for a standard domain search response, per [RFC9083].
If the search can be processed by the server, but there are no
results for the search, then the server returns a HTTP 200 (OK)
response code, with the body of the response containing an empty
results array.
5. Reverse Search
RDAP reverse search is defined by
[I-D.ietf-regext-rdap-reverse-search]. That document limits reverse
search to domains, nameservers, and entities. This document extends
reverse search to cover IP networks and autonomous system numbers as
well.
If a server receives a reverse search query with a searchable
resource type (per the definition of that term in
[I-D.ietf-regext-rdap-reverse-search]) of "ips", then the reverse
search will be performed on the IP network objects from its data
store. Similarly, if a server receives a reverse search query with a
searchable resource type of "autnums", then the reverse search will
be performed on the autonomous system number objects from its data
store.
Harrison & Singh Expires 3 August 2024 [Page 15]
�
Internet-Draft RDAP RIR Search January 2024
Additionally, Section 9 includes requests to register new entries for
IP network and autonomous system number searches in the RDAP Reverse
Search and RDAP Reverse Search Mapping IANA registries.
6. RDAP Conformance
A server that supports the functionality specified in this document
MUST include additional string literals in the rdapConformance array
of its responses, in accordance with the following:
any response that includes an IP network basic search link, an IP
network relation search link, or an IP network reverse search
link, includes the "rirSearch1" and "ips" literals;
any response for an IP network basic search request, an IP network
relation search request, or an IP network reverse search request
includes the "rirSearch1", "ips", and "ipSearchResults" literals;
any response that includes an ASN basic search link, an ASN
relation search link, or an ASN reverse search link includes the
"rirSearch1" and "autnums" literals;
any response for an ASN basic search request, an ASN relation
search request, or an ASN reverse search request includes the
"rirSearch1", "autnums", and "autnumSearchResults" literals;
any response that includes a domain relation search link includes
the "rirSearch1" literal;
any response for a domain relation search request includes the
"rirSearch1" literal; and
a response to a "/help" request includes the "rirSearch1", "ips",
"ipSearchResults", "autnums", and "autnumSearchResults" literals.
Although responses will generally not include all of the
rdapConformance string literals defined in this document, that is not
meant to imply that a server can support only a portion of the
functionality defined in this document.
The "ips", "autnums", "ipSearchResults", and "autnumSearchResults"
extension identifiers are included here due to the requirements set
out in [RFC7480], [RFC9082], and [RFC9083] that an RDAP extension
identifier be used as a prefix in new path segments and JSON members
introduced by the extension, and those strings are used as such as
part of the basic searches defined in this document. Furthermore,
using these strings as path segments helps to increase consistency
among the basic searches for the core RDAP object types.
Harrison & Singh Expires 3 August 2024 [Page 16]
�
Internet-Draft RDAP RIR Search January 2024
As with the other core object classes (entity, domain, and
nameserver), other documents may define additional reverse searches
with IP networks and ASNs as the searchable resource type by
registering those in the IANA RDAP reverse search registries.
Because a given extension identifier must correspond to a single
extension, though, any document making use of IP networks or ASNs as
the searchable resource type must also implement the functionality
described in this document.
7. Privacy Considerations
The search functionality defined in this document may affect the
privacy of entities in the registry (and elsewhere) in various ways:
see [RFC6973] for a general treatment of privacy in protocol
specifications. Server operators should be aware of the tradeoffs
that result from implementation of this functionality.
Many jurisdictions have laws or regulations that restrict the use of
"Personal Data", per the definition in [RFC6973]. Given that, server
operators should ascertain whether the regulatory environment in
which they operate permits implementation of the functionality
defined in this document.
8. Security Considerations
[RFC7481] describes security requirements and considerations for RDAP
generally.
9. IANA Considerations
9.1. RDAP Extensions Registry
IANA is requested to register the following values in the RDAP
Extensions Registry:
* Extension identifier: rirSearch1
* Registry operator: Any
* Published specification: [this document]
* Contact: IETF <iesg@ietf.org>
* Intended usage: This extension identifier is used for INR-specific
search operations.
* Extension identifier: ips
Harrison & Singh Expires 3 August 2024 [Page 17]
�
Internet-Draft RDAP RIR Search January 2024
* Registry operator: Any
* Published specification: [this document]
* Contact: IETF <iesg@ietf.org>
* Intended usage: This extension identifier is used for INR-specific
search operations.
* Extension identifier: autnums
* Registry operator: Any
* Published specification: [this document]
* Contact: IETF <iesg@ietf.org>
* Intended usage: This extension identifier is used for INR-specific
search operations.
* Extension identifier: ipSearchResults
* Registry operator: Any
* Published specification: [this document]
* Contact: IETF <iesg@ietf.org>
* Intended usage: This extension identifier is used for INR-specific
search operations.
* Extension identifier: autnumSearchResults
* Registry operator: Any
* Published specification: [this document]
* Contact: IETF <iesg@ietf.org>
* Intended usage: This extension identifier is used for INR-specific
search operations.
9.2. Link Relations Registry
IANA is requested to register the following values in the Link
Relations Registry:
* Relation Name: up-active
Harrison & Singh Expires 3 August 2024 [Page 18]
�
Internet-Draft RDAP RIR Search January 2024
* Description: Refers to an RDAP parent document that has a status
of "active" in a hierarchy of documents.
* Reference: [this document]
* Relation Name: down
* Description: Refers to a set of child documents in a hierarchy of
documents.
* Reference: [this document]
* Relation Name: top
* Description: Refers to the topmost parent document in a hierarchy
of documents.
* Reference: [this document]
* Relation Name: top-active
* Description: Refers to the topmost RDAP parent document that has a
status of "active" in a hierarchy of documents.
* Reference: [this document]
* Relation Name: bottom
* Description: Refers to the set of child documents that do not
themselves have child documents, in a hierarchy of documents.
* Reference: [this document]
9.3. RDAP Reverse Search Registry
IANA is requested to register the following entries in the "RDAP
Reverse Search" registry:
Searchable Resource Type: ips, autnums
Related Resource Type: entity
Property: fn
Description: The server supports the IP/autnum search based on the
full name (a.k.a formatted name) of an associated entity.
Registrant Name: IETF
Harrison & Singh Expires 3 August 2024 [Page 19]
�
Internet-Draft RDAP RIR Search January 2024
Registrant Contact Information: iesg@ietf.org
Reference: This document.
Searchable Resource Type: ips, autnums
Related Resource Type: entity
Property: handle
Description: The server supports the IP/autnum search based on the
handle of an associated entity.
Registrant Name: IETF
Registrant Contact Information: iesg@ietf.org
Reference: This document.
Searchable Resource Type: ips, autnums
Related Resource Type: entity
Property: email
Description: The server supports the IP/autnum search based on the
email address of an associated entity.
Registrant Name: IETF
Registrant Contact Information: iesg@ietf.org
Reference: This document.
Searchable Resource Type: ips, autnums
Related Resource Type: entity
Property: role
Description: The server supports the IP/autnum search based on the
role of an associated entity.
Registrant Name: IETF
Registrant Contact Information: iesg@ietf.org
Reference: This document.
Harrison & Singh Expires 3 August 2024 [Page 20]
�
Internet-Draft RDAP RIR Search January 2024
9.4. RDAP Reverse Search Mapping Registry
IANA is requested to register the following entries in the "RDAP
Reverse Search Mapping" registry:
Searchable Resource Type: ips, autnums
Related Resource Type: entity
Property: fn
Property Path: $..entities[*].vcardArray[1][?(@[0]=='fn')][3]
Registrant Name: IETF
Registrant Contact Information: iesg@ietf.org
Reference: This document.
Searchable Resource Type: ips, autnums
Related Resource Type: entity
Property: handle
Property Path: $..entities[*].handle
Registrant Name: IETF
Registrant Contact Information: iesg@ietf.org
Reference: This document.
Searchable Resource Type: ips, autnums
Related Resource Type: entity
Property: email
Property Path: $..entities[*].vcardArray[1][?(@[0]=='email')][3]
Registrant Name: IETF
Registrant Contact Information: iesg@ietf.org
Reference: This document.
Searchable Resource Type: ips, autnums
Harrison & Singh Expires 3 August 2024 [Page 21]
�
Internet-Draft RDAP RIR Search January 2024
Related Resource Type: entity
Property: role
Property Path: $..entities[*].roles
Registrant Name: IETF
Registrant Contact Information: iesg@ietf.org
Reference: This document.
10. Implementation Status
| Note to the RFC Editor - remove this section before
| publication, as well as the reference to RFC 7942.
This section records the status of known implementations of the
protocol defined by this specification at the time of posting of this
Internet-Draft, and is based on a proposal described in [RFC7942].
The description of implementations in this section is intended to
assist the IETF in its decision processes in progressing drafts to
RFCs. Please note that the listing of any individual implementation
here does not imply endorsement by the IETF. Furthermore, no effort
has been spent to verify the information presented here that was
supplied by IETF contributors. This is not intended as, and must not
be construed to be, a catalogue of available implementations or their
features. Readers are advised to note that other implementations may
exist.
According to [RFC7942], "this will allow reviewers and working groups
to assign due consideration to documents that have the benefit of
running code, which may serve as evidence of valuable experimentation
and feedback that have made the implemented protocols more mature.
It is up to the individual working groups to use this information as
they see fit".
10.1. APNIC RDAP Implementation
* Responsible Organization: Asia-Pacific Network Information Centre
(APNIC)
* Location: https://github.com/APNIC-net/rdap-rmp-demo/tree/rir-
search
* Description: This implementation includes support for the various
searches and responses described in this document.
Harrison & Singh Expires 3 August 2024 [Page 22]
�
Internet-Draft RDAP RIR Search January 2024
* Level of Maturity: This is a proof-of-concept implementation.
* Coverage: This implementation includes all of the features
described in this specification.
* Contact Information: Tom Harrison, tomh@apnic.net
11. Acknowledgements
The authors wish to thank Mario Loffredo, Andy Newton, Antoin
Verschuren, and James Gould for document review and associated
comments.
12. References
12.1. Normative References
[I-D.ietf-regext-rdap-reverse-search]
Loffredo, M. and M. Martinelli, "Registration Data Access
Protocol (RDAP) Reverse Search", Work in Progress,
Internet-Draft, draft-ietf-regext-rdap-reverse-search-26,
13 November 2023, <https://datatracker.ietf.org/doc/html/
draft-ietf-regext-rdap-reverse-search-26>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC7481] Hollenbeck, S. and N. Kong, "Security Services for the
Registration Data Access Protocol (RDAP)", STD 95,
RFC 7481, DOI 10.17487/RFC7481, March 2015,
<https://www.rfc-editor.org/info/rfc7481>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC9082] Hollenbeck, S. and A. Newton, "Registration Data Access
Protocol (RDAP) Query Format", STD 95, RFC 9082,
DOI 10.17487/RFC9082, June 2021,
<https://www.rfc-editor.org/info/rfc9082>.
[RFC9083] Hollenbeck, S. and A. Newton, "JSON Responses for the
Registration Data Access Protocol (RDAP)", STD 95,
RFC 9083, DOI 10.17487/RFC9083, June 2021,
<https://www.rfc-editor.org/info/rfc9083>.
Harrison & Singh Expires 3 August 2024 [Page 23]
�
Internet-Draft RDAP RIR Search January 2024
[RFC9110] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,
Ed., "HTTP Semantics", STD 97, RFC 9110,
DOI 10.17487/RFC9110, June 2022,
<https://www.rfc-editor.org/info/rfc9110>.
12.2. Informative References
[RFC6973] Cooper, A., Tschofenig, H., Aboba, B., Peterson, J.,
Morris, J., Hansen, M., and R. Smith, "Privacy
Considerations for Internet Protocols", RFC 6973,
DOI 10.17487/RFC6973, July 2013,
<https://www.rfc-editor.org/info/rfc6973>.
[RFC7480] Newton, A., Ellacott, B., and N. Kong, "HTTP Usage in the
Registration Data Access Protocol (RDAP)", STD 95,
RFC 7480, DOI 10.17487/RFC7480, March 2015,
<https://www.rfc-editor.org/info/rfc7480>.
[RFC7942] Sheffer, Y. and A. Farrel, "Improving Awareness of Running
Code: The Implementation Status Section", BCP 205,
RFC 7942, DOI 10.17487/RFC7942, July 2016,
<https://www.rfc-editor.org/info/rfc7942>.
[RFC8288] Nottingham, M., "Web Linking", RFC 8288,
DOI 10.17487/RFC8288, October 2017,
<https://www.rfc-editor.org/info/rfc8288>.
Authors' Addresses
Tom Harrison
Asia Pacific Network Information Centre
6 Cordelia St
South Brisbane QLD 4101
Australia
Email: tomh@apnic.net
Jasdip Singh
American Registry for Internet Numbers
PO Box 232290
Centreville, VA 20120
United States of America
Email: jasdips@arin.net
Harrison & Singh Expires 3 August 2024 [Page 24]
