rfc9537.original   rfc9537.txt 
Network Working Group J.G. Gould Internet Engineering Task Force (IETF) J. Gould
Internet-Draft D.S. Smith Request for Comments: 9537 D. Smith
Intended status: Standards Track VeriSign, Inc. Category: Standards Track VeriSign, Inc.
Expires: 30 May 2024 J.K. Kolker ISSN: 2070-1721 J. Kolker
R.C. Carney R. Carney
GoDaddy Inc. GoDaddy Inc.
27 November 2023 March 2024
Redacted Fields in the Registration Data Access Protocol (RDAP) Response Redacted Fields in the Registration Data Access Protocol (RDAP) Response
draft-ietf-regext-rdap-redacted-16
Abstract Abstract
This document describes an RDAP extension for specifying methods of This document describes a Registration Data Access Protocol (RDAP)
redaction of RDAP responses and explicitly identifying redacted RDAP extension for specifying methods of redaction of RDAP responses and
response fields, using JSONPath as the default expression language. explicitly identifying redacted RDAP response fields, using JSONPath
as the default expression language.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This is an Internet Standards Track document.
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Engineering Task Force
and may be updated, replaced, or obsoleted by other documents at any (IETF). It represents the consensus of the IETF community. It has
time. It is inappropriate to use Internet-Drafts as reference received public review and has been approved for publication by the
material or to cite them other than as "work in progress." Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 7841.
This Internet-Draft will expire on 30 May 2024. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
https://www.rfc-editor.org/info/rfc9537.
Copyright Notice Copyright Notice
Copyright (c) 2023 IETF Trust and the persons identified as the Copyright (c) 2024 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents
license-info) in effect on the date of publication of this document. (https://trustee.ietf.org/license-info) in effect on the date of
Please review these documents carefully, as they describe your rights publication of this document. Please review these documents
and restrictions with respect to this document. Code Components carefully, as they describe your rights and restrictions with respect
extracted from this document must include Revised BSD License text as to this document. Code Components extracted from this document must
described in Section 4.e of the Trust Legal Provisions and are include Revised BSD License text as described in Section 4.e of the
provided without warranty as described in the Revised BSD License. Trust Legal Provisions and are provided without warranty as described
in the Revised BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction
2. Conventions Used in This Document . . . . . . . . . . . . . . 3 2. Conventions Used in This Document
3. Redaction Methods . . . . . . . . . . . . . . . . . . . . . . 4 3. Redaction Methods
3.1. Redaction by Removal Method . . . . . . . . . . . . . . . 4 3.1. Redaction by Removal Method
3.2. Redaction by Empty Value Method . . . . . . . . . . . . . 5 3.2. Redaction by Empty Value Method
3.3. Redaction by Partial Value Method . . . . . . . . . . . . 6 3.3. Redaction by Partial Value Method
3.4. Redaction by Replacement Value Method . . . . . . . . . . 7 3.4. Redaction by Replacement Value Method
4. Redacted RDAP Response . . . . . . . . . . . . . . . . . . . 9 4. Redacted RDAP Response
4.1. RDAP Conformance . . . . . . . . . . . . . . . . . . . . 9 4.1. RDAP Conformance
4.2. "redacted" Member . . . . . . . . . . . . . . . . . . . . 9 4.2. "redacted" Member
5. JSONPath Considerations . . . . . . . . . . . . . . . . . . . 31 5. JSONPath Considerations
5.1. JSONPath Client Considerations . . . . . . . . . . . . . 31 5.1. JSONPath Client Considerations
5.2. JSONPath Server Considerations . . . . . . . . . . . . . 32 5.2. JSONPath Server Considerations
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 33 6. IANA Considerations
6.1. RDAP Extensions Registry . . . . . . . . . . . . . . . . 33 6.1. RDAP Extensions Registry
6.2. RDAP JSON Values Registry . . . . . . . . . . . . . . . . 33 6.2. RDAP JSON Values Registry
7. Implementation Status . . . . . . . . . . . . . . . . . . . . 34 7. Security Considerations
7.1. IIT-CNR/Registro.it RDAP Server . . . . . . . . . . . . . 34 8. References
8. Security Considerations . . . . . . . . . . . . . . . . . . . 35 8.1. Normative References
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 35 8.2. Informative References
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 35 Acknowledgements
10.1. Informative References . . . . . . . . . . . . . . . . . 35 Authors' Addresses
10.2. Normative References . . . . . . . . . . . . . . . . . . 35
Appendix A. Change History . . . . . . . . . . . . . . . . . . . 36
A.1. Change from 00 to 01 . . . . . . . . . . . . . . . . . . 36
A.2. Change from 01 to 02 . . . . . . . . . . . . . . . . . . 37
A.3. Change from 02 to 03 . . . . . . . . . . . . . . . . . . 38
A.4. Change from 03 to 04 . . . . . . . . . . . . . . . . . . 38
A.5. Change from 04 to 05 . . . . . . . . . . . . . . . . . . 38
A.6. Change from 05 to 06 . . . . . . . . . . . . . . . . . . 38
A.7. Change from 06 to 07 . . . . . . . . . . . . . . . . . . 38
A.8. Change from 07 to 08 . . . . . . . . . . . . . . . . . . 39
A.9. Change from 08 to 09 . . . . . . . . . . . . . . . . . . 39
A.10. Change from 09 to 10 . . . . . . . . . . . . . . . . . . 39
A.11. Change from 10 to 11 . . . . . . . . . . . . . . . . . . 40
A.12. Change from 11 to 12 . . . . . . . . . . . . . . . . . . 40
A.13. Change from 12 to 13 . . . . . . . . . . . . . . . . . . 41
A.14. Change from 13 to 14 . . . . . . . . . . . . . . . . . . 41
A.15. Change from 14 to 15 . . . . . . . . . . . . . . . . . . 42
A.16. Change from 15 to 16 . . . . . . . . . . . . . . . . . . 42
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 42
1. Introduction 1. Introduction
This document describes an RDAP extension for specifying methods of This document describes an RDAP extension for specifying methods of
redaction of RDAP responses and explicitly identifying redacted RDAP redaction of RDAP responses and explicitly identifying redacted RDAP
response fields, using JSONPath as the default expression language. response fields, using JSONPath as the default expression language.
A redacted RDAP field is one that has data removed or replaced in the A redacted RDAP field is one that has data removed or replaced in the
RDAP response due to server policy, such as the lack of client RDAP response due to server policy, such as the lack of client
privilege to receive the field. This extension can be used to privilege to receive the field. This extension can be used to
identify redacted RDAP fields in any RDAP object class, as defined in identify redacted RDAP fields in any RDAP object class, as defined in
[RFC9083], or RDAP fields defined in RDAP extensions. Because an [RFC9083], or RDAP fields defined in RDAP extensions. Because an
RDAP response may exclude a field due to either the lack of data or RDAP response may exclude a field due to either the lack of data or
based on the lack of RDAP client privileges, this extension is used the lack of RDAP client privileges, this extension is used to
to explicitly specify which RDAP fields are not included in the RDAP explicitly specify which RDAP fields are not included in the RDAP
response due to redaction. It thereby provides a capability for response due to redaction. It thereby provides a capability for
disambiguation between redaction and possible other reasons for data disambiguation between redaction and other possible reasons for data
or field absence. or field absence.
In [RFC9082] RDAP supports both lookup and search queries, where a In [RFC9082], RDAP supports both lookup and search queries, where a
lookup query responds with a single object and a search query lookup query responds with a single object and a search query
responds with a list of objects. This document applies to redaction responds with a list of objects. This document applies to redaction
of a single object of a lookup response and in each of the objects of of a single object of a lookup response and in each of the objects of
a search response. a search response.
JSONPath, as defined in [I-D.ietf-jsonpath-base], is used as the JSONPath, as defined in [RFC9535], is used as the default expression
default expression language to reference RDAP fields that have been language to reference RDAP fields that have been redacted. The
redacted. The redacted JSON fields will either be removed, have redacted JSON fields will be removed, have empty values, have partial
empty values, have partial values, or be replaced in the RDAP values, or be replaced in the RDAP response. JSON is defined by
response. JSON is defined by [RFC8259]. [RFC8259].
2. Conventions Used in This Document 2. Conventions Used in This Document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP "OPTIONAL" in this document are to be interpreted as described in
14 [RFC2119] [RFC8174] when, and only when, they appear in all BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
The JSON examples include extra line breaks and whitespace. For The JSON examples include extra line breaks and whitespace. For
instance, the JSONPath expressions are broken out into multiple lines instance, the JSONPath expressions are broken out into multiple lines
when required for illustration. when required for illustration.
The JSONPath expressions in the examples are for illustration The JSONPath expressions in the examples are for illustration
purposes with single-role entities and the exact expressions to use purposes with single-role entities, and the exact expressions to use
by the server is out-of-scope. by the server is out of scope.
3. Redaction Methods 3. Redaction Methods
Redaction in RDAP can be handled in multiple ways. Redaction in RDAP Redaction in RDAP can be handled in multiple ways. The resulting
can be handled in multiple ways. The resulting redacted RDAP redacted RDAP response MUST comply with the format defined in the
response MUST comply with the format defined in the RDAP RFCs with RDAP RFCs, such as [RFC9083] and updates. The use of placeholder
the RDAP RFCs, such as [RFC9083] and updates. The use of placeholder text for the values of the RDAP fields, such as "XXXX", MUST NOT be
text for the values of the RDAP fields, such as the placeholder text used for redaction, since the placeholder text value may not match
"XXXX", MUST NOT be used for redaction, since the placeholder text the format requirements of each of the RDAP fields, which could
value may not match the format requirements of each of the RDAP provide an inconsistent and unreliable redaction signal. This
fields and provides an inconsistent and unreliable redaction signal. section covers the redaction methods that can be used with the
This section covers the redaction methods that can be used with the
redaction signaling defined in Section 4.2. redaction signaling defined in Section 4.2.
RDAP responses, as defined in [RFC9083], include a mix of JSON RDAP responses, as defined in [RFC9083], include a mix of JSON
objects and JSON arrays, where JSON arrays are heavily used for objects and JSON arrays, where JSON arrays are heavily used for
entity objects with jCard [RFC7095]. jCard [RFC7095] is a JSON entity objects with jCard [RFC7095]. jCard [RFC7095] is a JSON
representation of vCard [RFC6350] that inherits its dependency on representation of vCard [RFC6350] that inherits its dependency on
arrays. An example is the vCard [RFC6350] "ADR" property / jCard arrays. An example is the vCard [RFC6350] "ADR" property / jCard
[RFC7095] "adr" property that defines a sequence of address [RFC7095] "adr" property, which defines a sequence of address
components. According to [RFC6350], when an "ADR" property component components. According to [RFC6350], when an "ADR" property component
value is missing, the associated component separator MUST still be value is missing, the associated component separator MUST still be
specified. jCard [RFC7095] extends the use of arrays with each specified. jCard [RFC7095] extends the use of arrays with each
individual vCard property being represented by an array of three individual vCard property being represented by an array of three
fixed elements, followed by one or more additional elements. The mix fixed elements, followed by one or more additional elements. The mix
of JSON objects and JSON arrays impacts the methods used for of JSON objects and JSON arrays impacts the methods used for
redaction in RDAP. redaction in RDAP.
The redaction of RDAP fields fall into the four categories defined in The redaction of RDAP fields fall into the four categories defined in
the following sub-sections. the following subsections.
3.1. Redaction by Removal Method 3.1. Redaction by Removal Method
The Redaction by Removal Method is when the RDAP field is removed The Redaction by Removal Method is when the RDAP field is removed
from the RDAP response, which is the default method. The Redaction from the RDAP response, which is the default method. The Redaction
by Removal Method can be done for all RDAP response fields other than by Removal Method can be done for all RDAP response fields except for
response fields using the position in an array to signal the redacted response fields using the position in an array to signal the redacted
field (e.g., the JSON arrays used with jCard [RFC7095]). RDAP field (e.g., the JSON arrays used with jCard [RFC7095]). RDAP
extensions such as JSContact in Registration Data Access Protocol extensions, such as the one described in "Using JSContact in
(RDAP) JSON Responses [I-D.ietf-regext-rdap-jscontact] do not have a Registration Data Access Protocol (RDAP) JSON Responses"
dependency on the use of positional JSON arrays and are therefore [RDAP-JSCONTACT], do not have a dependency on the use of positional
suited for the Redaction by Removal Method. JSON arrays and are therefore suited for the Redaction by Removal
Method.
When an RDAP object is redacted by removal, all of the RDAP object's When an RDAP object is redacted by removal, all of the RDAP object's
child fields are also removed. Only the redacted RDAP object needs child fields are also removed. Only the redacted RDAP object needs
to be referenced in the list of redacted fields, as defined in to be referenced in the list of redacted fields, as defined in
Section 4.2. Section 4.2.
An example of redacting an RDAP object is removing the administrative An example of redacting an RDAP object is removing the administrative
contact from the RDAP response and including the following "redacted" contact from the RDAP response and including the following "redacted"
member: member:
skipping to change at page 5, line 30 skipping to change at line 190
The Redaction by Removal Method MUST NOT be used to remove an element The Redaction by Removal Method MUST NOT be used to remove an element
of an array where the position of the element in the array determines of an array where the position of the element in the array determines
semantic meaning. For example, removal of an individual data field semantic meaning. For example, removal of an individual data field
in jCard [RFC7095] will result in a non-conformant jCard [RFC7095] in jCard [RFC7095] will result in a non-conformant jCard [RFC7095]
array definition. array definition.
3.2. Redaction by Empty Value Method 3.2. Redaction by Empty Value Method
The Redaction by Empty Value Method is when a redacted field is not The Redaction by Empty Value Method is when a redacted field is not
removed, but its value is set to an empty value, such as "" for a removed but its value is set to an empty value, such as "" for a
jCard [RFC7095] Text ("text") property or null for a non-Text jCard [RFC7095] Text ("text") property or null for a non-Text
property. The empty jCard [RFC7095] values ("" or null) are property. The empty jCard [RFC7095] values ("" or null) are
referenced in the "redacted" member in place of the jCard [RFC7095] referenced in the "redacted" member in place of the jCard [RFC7095]
property name in a array, such as referencing the "fn" jCard property name in an array, such as referencing the "fn" jCard
[RFC7095] property value at position 3 instead of referencing the [RFC7095] property value at position 3 instead of referencing the
"fn" jCard property name at position 0. The Redaction by Empty Value "fn" jCard property name at position 0. The Redaction by Empty Value
Method MUST be used only when redacting JSON response fields that use Method MUST be used only when redacting JSON response fields that use
the position in an array to signal the redacted field (e.g., jCard the position in an array to signal the redacted field (e.g., jCard
[RFC7095] arrays). Optional jCard [RFC7095] properties MUST use the [RFC7095] arrays). Optional jCard [RFC7095] properties MUST use the
Redaction by Removal Method (Section 3.1) to redact the entire Redaction by Removal Method (Section 3.1) to redact the entire
property. The required jCard [RFC7095] "fn" property, defined in property. The required jCard [RFC7095] "fn" property, defined in
section 6.2.1 of vCard [RFC6350], MUST use the Redaction by Empty Section 6.2.1 of vCard [RFC6350], MUST use the Redaction by Empty
Value Method to redact the property value. Removing the "fn" Value Method to redact the property value. Removing the "fn"
property would violate vCard [RFC6350] and removing the property property would violate vCard [RFC6350], and removing the property
value would violate the fixed array positions defined in jCard value would violate the fixed array positions defined in jCard
[RFC7095]. [RFC7095].
An example of the redacted "fn" jCard property using the Redaction by An example of the redacted "fn" jCard property using the Redaction by
Empty Value Method: Empty Value Method:
[ [
"fn", "fn",
{}, {},
"text", "text",
"" ""
] ]
Figure 2: Redacted "fn" jCard property using Redaction by Empty Figure 2: Redacted "fn" jCard Property Using the Redaction by
Value Method Empty Value Method
An example of the "redacted" member for the redacted "fn" jCard An example of the "redacted" member for the redacted "fn" jCard
property value, which is array position 3: property value, which is array position 3:
"redacted": [ "redacted": [
{ {
"name": { "name": {
"description": "Registrant Name" "description": "Registrant Name"
}, },
"postPath": "$.entities[?(@.roles[0]=='registrant')]. "postPath": "$.entities[?(@.roles[0]=='registrant')].
vcardArray[1][?(@[0]=='fn')][3]", vcardArray[1][?(@[0]=='fn')][3]",
"pathLang": "jsonpath", "pathLang": "jsonpath",
"method": "emptyValue", "method": "emptyValue",
"reason": { "reason": {
"description": "Server policy" "description": "Server policy"
} }
} }
] ]
Figure 3: Redacted Registrant Name using Array Position Figure 3: Redacted Registrant Name Using an Array Position
3.3. Redaction by Partial Value Method 3.3. Redaction by Partial Value Method
The Redaction by Partial Value Method is when a redacted field is not The Redaction by Partial Value Method is when a redacted field is not
removed, but its value has a portion of the data removed, such as for removed but its value has a portion of the data removed, such as for
the "label" or "fn" jCard [RFC7095] properties. The partial values the "label" or "fn" jCard [RFC7095] properties. The partial values
are referenced in the "redacted" member in place of the property name are referenced in the "redacted" member in place of the property name
in a array, such as referencing the "fn" jCard [RFC7095] property in an array, such as referencing the "fn" jCard [RFC7095] property
value at position 3 instead of referencing the "fn" jCard property value at position 3 instead of referencing the "fn" jCard property
name at position 0. The Redaction by Partial Value Method SHOULD be name at position 0. The Redaction by Partial Value Method SHOULD be
used only when redacting JSON response fields that use a formatted used only when redacting JSON response fields that use a formatted
value, where a portion of the value is removed. value, where a portion of the value is removed.
An example of the "label" jCard property in Figure 15 of [RFC7095] An example of the "label" jCard property in Figure 15 of [RFC7095]
that redacts "123 Maple Ave\nSuite 901\n": that redacts "123 Maple Ave\nSuite 901\n":
["adr", ["adr",
{ {
"type":"home", "type":"home",
"label":"Vancouver\nBC\n1239\n" "label":"Vancouver\nBC\n1239\n"
}, },
"text", "text",
[ [
"", "", "", "", "", "", "" "", "", "", "", "", "", ""
] ]
] ]
Figure 4: Redacted "label" jCard property Figure 4: Redacted "label" jCard Property
An example of the "redacted" member for the redacted "label" jCard An example of the "redacted" member for the redacted "label" jCard
property value, based on Figure 15 of [RFC7095]: property value, based on Figure 15 of [RFC7095]:
"redacted": [ "redacted": [
{ {
"name": { "name": {
"description": "Home Address Label" "description": "Home Address Label"
}, },
"postPath": "$.vcardArray[1][?(@[0]=='adr')][1].label", "postPath": "$.vcardArray[1][?(@[0]=='adr')][1].label",
"pathLang": "jsonpath", "pathLang": "jsonpath",
"method": "partialValue", "method": "partialValue",
"reason": { "reason": {
"description": "Server policy" "description": "Server policy"
} }
} }
] ]
Figure 5: Redacted Label using the Redaction by Partial Value Method Figure 5: Redacted Label Using the Redaction by Partial Value Method
3.4. Redaction by Replacement Value Method 3.4. Redaction by Replacement Value Method
The Redaction by Replacement Value Method is when a redacted field is The Redaction by Replacement Value Method is when a redacted field is
not removed, but its value is replaced with a different value, such not removed but its value is replaced with a different value, such as
as protecting the "email" jCard [RFC7095] property value with an protecting the "email" jCard [RFC7095] property value with an
anonymized email "text" value or the use of an alternative "uri" anonymized email "text" value or the use of an alternative "uri"
value to a web form. Replacing a property value is a form of value to a web form. Replacing a property value is a form of
redaction, since it protects the true property value for privacy redaction, since it protects the true property value for privacy
reasons. reasons.
An example of the redacted "email" jCard property using the Redaction An example of the redacted "email" jCard property using the Redaction
by Replacement Value Method with an anonymized email: by Replacement Value Method with an anonymized email:
[ [
"email", "email",
{}, {},
"text", "text",
"anonymized123@example.com" "anonymized123@example.com"
] ]
Figure 6: Redacted "email" jCard property using Redaction by Figure 6: Redacted "email" jCard Property Using the Redaction by
Replacement Value Method with an anonymized email Replacement Value Method with an Anonymized Email
An example of the "redacted" member for the redacted registrant An example of the "redacted" member for the redacted registrant
"email" jCard property value with an anonymized "text" value. "email" jCard property value with an anonymized "text" value:
"redacted": [ "redacted": [
{ {
"name": { "name": {
"description": "Registrant Email" "description": "Registrant Email"
}, },
"postPath": "$.entities[?(@.roles[0]=='registrant')]. "postPath": "$.entities[?(@.roles[0]=='registrant')].
vcardArray[1][?(@[0]=='email')][3]", vcardArray[1][?(@[0]=='email')][3]",
"pathLang": "jsonpath", "pathLang": "jsonpath",
"method": "replacementValue", "method": "replacementValue",
} }
] ]
Figure 7: Redacted Email using Replacement Value with an Figure 7: Redacted Email Using a Replacement Value with an
anonymized "text" value Anonymized "text" Value
An example of the redacted "email" jCard property using the Redaction An example of the redacted "email" jCard property using the Redaction
by Replacement Value Method with a [RFC8605] "contact-uri" jCard by Replacement Value Method with a "contact-uri" [RFC8605] jCard
property to a web form: property to a web form:
[ [
"contact-uri", "contact-uri",
{}, {},
"uri", "uri",
"https://email.example.com/123" "https://email.example.com/123"
] ]
Figure 8: Redacted "email" jCard property using Redaction by Figure 8: Redacted "email" jCard Property Using the Redaction by
Replacement Value Method with a "contact-uri" jCard property to a Replacement Value Method with a "contact-uri" jCard Property to a
web form Web Form
An example of the "redacted" member for the redacted registrant An example of the "redacted" member for the redacted registrant
"email" jCard property with a [RFC8605] "contact-uri" jCard property "email" jCard property with a "contact-uri" [RFC8605] jCard property
to a web form: to a web form:
"redacted": [ "redacted": [
{ {
"name": { "name": {
"description": "Registrant Email" "description": "Registrant Email"
}, },
"prePath": "$.entities[?(@.roles[0]=='registrant')]. "prePath": "$.entities[?(@.roles[0]=='registrant')].
vcardArray[1][?(@[0]=='email')]", vcardArray[1][?(@[0]=='email')]",
"replacementPath": "$.entities[?(@.roles[0]=='registrant')]. "replacementPath": "$.entities[?(@.roles[0]=='registrant')].
vcardArray[1][?(@[0]=='contact-uri')]", vcardArray[1][?(@[0]=='contact-uri')]",
"pathLang": "jsonpath", "pathLang": "jsonpath",
"method": "replacementValue", "method": "replacementValue",
} }
] ]
Figure 9: Redacted Email using Replacement Value with a "contact- Figure 9: Redacted Email Using a Replacement Value with a
uri" jCard property to a web form "contact-uri" jCard Property to a Web Form
4. Redacted RDAP Response 4. Redacted RDAP Response
4.1. RDAP Conformance 4.1. RDAP Conformance
RDAP responses that contain values described in this document MUST RDAP responses that contain values described in this document MUST
indicate conformance with this specification by including an indicate conformance with this specification by including an
"rdapConformance" ([RFC9083]) value of "redacted". The "redacted" "rdapConformance" [RFC9083] value of "redacted". The "redacted"
extension identifier is described in Section 6.1. extension identifier is described in Section 6.1.
Example "rdapConformance" member with the redacted extension: Example "rdapConformance" member with the redacted extension:
"rdapConformance": [ "rdapConformance": [
"rdap_level_0", "rdap_level_0",
"redacted" "redacted"
] ]
Figure 10: "rdapConformance" with Redacted Extension Figure 10: "rdapConformance" with Redacted Extension
4.2. "redacted" Member 4.2. "redacted" Member
The "redacted" member MUST be added to the RDAP response when there The "redacted" member MUST be added to the RDAP response when there
is one or more redacted fields. The "redacted" member is included as is one or more redacted fields. The "redacted" member is included as
a member of the object instance in a lookup response, such as the a member of the object instance in a lookup response, such as the
object classes defined in [RFC9083], and as a member of the object object classes defined in [RFC9083], and as a member of the object
instances in a search response. instances in a search response.
The server including a redacted signal provides an unauthorized The server, including a redacted signal, provides an unauthorized
client additional information related to the existence of data and client additional information related to the existence of data and
MAY exclude the redacted members for RDAP fields that are considered MAY exclude the redacted members for RDAP fields that are considered
a privacy issue in providing a data existence signal. The server MAY a privacy issue in providing a data existence signal. The server MAY
choose to publish a redaction policy describing how this extension is choose to publish a redaction policy describing how this extension is
implemented for their constituency. The contents of such a policy implemented for their constituency. The contents of such a policy
are outside the scope of this specification. are outside the scope of this specification.
The "redacted" member contains an array of objects with the following The "redacted" member contains an array of objects with the following
child members: child members:
skipping to change at page 10, line 27 skipping to change at line 413
name used for the redacted field is up to server policy. The name used for the redacted field is up to server policy. The
logical name is defined using an object with a "type" field logical name is defined using an object with a "type" field
denoting a registered redacted name (see Section 6.2) or a denoting a registered redacted name (see Section 6.2) or a
"description" field denoting an unregistered redacted name. The "description" field denoting an unregistered redacted name. The
registered redacted names and the chosen unregistered names can registered redacted names and the chosen unregistered names can
meet the needs of different RDAP services or industries. meet the needs of different RDAP services or industries.
"prePath": OPTIONAL JSON path expression referencing a redacted JSON "prePath": OPTIONAL JSON path expression referencing a redacted JSON
field in the pre-redacted response. The "prePath" member MAY be field in the pre-redacted response. The "prePath" member MAY be
set when the redacted field does not exist in the redacted set when the redacted field does not exist in the redacted
response for the Redaction By Removal Method (Section 3.1) and response for the Redaction by Removal Method (Section 3.1) and
the Redaction by Replacement Value Method (Section 3.4). The the Redaction by Replacement Value Method (Section 3.4). The
"prePath" member MUST NOT be set when the "postPath" member is "prePath" member MUST NOT be set when the "postPath" member is
set. set.
"postPath": OPTIONAL JSON path expression referencing a redacted "postPath": OPTIONAL JSON path expression referencing a redacted
JSON field in the redacted (post-redacted) response. The JSON field in the redacted (post-redacted) response. The
"postPath" member MUST be set when the redacted field does exist "postPath" member MUST be set when the redacted field does exist
in the redacted response for the Redaction by Empty Value Method in the redacted response for the Redaction by Empty Value Method
(Section 3.2), the Redaction by Partial Value Method (Section 3.2), the Redaction by Partial Value Method
(Section 3.3), and the Redaction by Replacement Value Method (Section 3.3), and the Redaction by Replacement Value Method
(Section 3.4). The "postPath" member MUST NOT be set when the (Section 3.4). The "postPath" member MUST NOT be set when the
"prePath" member is set. "prePath" member is set.
"replacementPath": OPTIONAL JSON path expression of the replacement "replacementPath": OPTIONAL JSON path expression of the replacement
field of the redacted field with the Redaction by Replacement field of the redacted field with the Redaction by Replacement
Value Method (Section 3.4), using the expression language defined Value Method (Section 3.4), using the expression language defined
by the "pathLang" member. by the "pathLang" member.
"pathLang": OPTIONAL JSON path expression language used, with the "pathLang": OPTIONAL JSON path expression language used, with the
default value of "jsonpath" for JSONPath default value of "jsonpath" for JSONPath [RFC9535]. Other JSON
([I-D.ietf-jsonpath-base]). Other JSON path expression languages path expression languages registered with the "redacted
registered with the "redacted expression language" RDAP JSON expression language" Type in the "RDAP JSON Values" registry MAY
Values Registry Type MAY be used based on server policy. be used based on server policy.
"method": OPTIONAL redaction method used; with one of the following "method": OPTIONAL redaction method used, with one of the following
values: values:
* "removal" indicating the Redaction By Removal Method * "removal" indicating the Redaction by Removal Method
(Section 3.1), (Section 3.1),
* "emptyValue" indicating the Redaction by Empty Value Method * "emptyValue" indicating the Redaction by Empty Value Method
(Section 3.2), or (Section 3.2),
* "partialValue" indicating the Redaction by Partial Value * "partialValue" indicating the Redaction by Partial Value
Method (Section 3.3), or Method (Section 3.3), or
* "replacementValue" indicating the Redaction by Replacement * "replacementValue" indicating the Redaction by Replacement
Value Method. (Section 3.4) Value Method (Section 3.4).
The default value is "removal" when not provided. The default value is "removal" when not provided.
"reason": OPTIONAL human readable reason(s) for the redacted field "reason": OPTIONAL human-readable reason(s) for the redacted field
in the language defined by the [RFC9083] "lang" member. The in the language defined by the "lang" [RFC9083] member. The
default language is "en" if the [RFC9083] "lang" member is not default language is "en" if the "lang" [RFC9083] member is not
specified. The reason is defined using an object with an specified. The reason is defined using an object with an
OPTIONAL "type" field denoting a registered redacted reason (see OPTIONAL "type" field denoting a registered redacted reason (see
see Section 6.2) and an OPTIONAL "description" field denoting an Section 6.2) and an OPTIONAL "description" field denoting an
unregistered redacted reason. The "description" field MUST NOT unregistered redacted reason. The "description" field MUST NOT
be a client processing dependency. be a client processing dependency.
Example unredacted version of an RDAP lookup response: Example of the unredacted version of an RDAP lookup response:
{ {
"rdapConformance": [ "rdapConformance": [
"rdap_level_0" "rdap_level_0"
], ],
"objectClassName": "domain", "objectClassName": "domain",
"handle": "ABC123", "handle": "ABC123",
"ldhName": "example.com", "ldhName": "example.com",
"secureDNS": { "secureDNS": {
"delegationSigned": false "delegationSigned": false
skipping to change at page 19, line 42 skipping to change at line 861
"status": [ "status": [
"server delete prohibited", "server delete prohibited",
"server update prohibited", "server update prohibited",
"server transfer prohibited", "server transfer prohibited",
"client transfer prohibited" "client transfer prohibited"
] ]
} }
Figure 11: Unredacted RDAP Lookup Response Figure 11: Unredacted RDAP Lookup Response
Example redacted version of an RDAP lookup response: Example of the redacted version of an RDAP lookup response:
{ {
"rdapConformance": [ "rdapConformance": [
"rdap_level_0", "rdap_level_0",
"redacted" "redacted"
], ],
"objectClassName": "domain", "objectClassName": "domain",
"ldhName": "example.com", "ldhName": "example.com",
"secureDNS": { "secureDNS": {
"delegationSigned": false "delegationSigned": false
skipping to change at page 28, line 19 skipping to change at line 1270
"method": "removal", "method": "removal",
"reason": { "reason": {
"description": "Refer to the registrant contact" "description": "Refer to the registrant contact"
} }
} }
] ]
} }
Figure 12: Redacted RDAP Lookup Response Figure 12: Redacted RDAP Lookup Response
Example unredacted version of an RDAP search response: Example of the unredacted version of an RDAP search response:
{ {
"rdapConformance": [ "rdapConformance": [
"rdap_level_0" "rdap_level_0"
], ],
"domainSearchResults":[ "domainSearchResults":[
{ {
"objectClassName": "domain", "objectClassName": "domain",
"handle": "ABC121", "handle": "ABC121",
"ldhName": "example1.com", "ldhName": "example1.com",
skipping to change at page 30, line 5 skipping to change at line 1320
"href":"https://example.com/rdap/domain/example2.com", "href":"https://example.com/rdap/domain/example2.com",
"type":"application/rdap+json" "type":"application/rdap+json"
} }
] ]
} }
] ]
} }
Figure 13: Unredacted RDAP Search Response Figure 13: Unredacted RDAP Search Response
Example redacted version of an RDAP search response: Example of the redacted version of an RDAP search response:
{ {
"rdapConformance": [ "rdapConformance": [
"rdap_level_0", "rdap_level_0",
"redacted" "redacted"
], ],
"domainSearchResults":[ "domainSearchResults":[
{ {
"objectClassName": "domain", "objectClassName": "domain",
"ldhName": "example1.com", "ldhName": "example1.com",
skipping to change at page 31, line 34 skipping to change at line 1397
} }
] ]
} }
] ]
} }
Figure 14: Redacted RDAP Search Response Figure 14: Redacted RDAP Search Response
5. JSONPath Considerations 5. JSONPath Considerations
JSONPath [I-D.ietf-jsonpath-base] is the default JSON path expression JSONPath [RFC9535] is the default JSON path expression language.
language. This section includes JSONPath considerations for clients This section includes JSONPath considerations for clients and
and servers. servers.
5.1. JSONPath Client Considerations 5.1. JSONPath Client Considerations
This section covers considerations for clients that receive responses This section covers considerations for clients that receive responses
from servers using [I-D.ietf-jsonpath-base] to identify redacted RDAP from servers using JSONPath [RFC9535] to identify redacted RDAP
fields with the "prePath" or "postPath" member of redacted objects in fields with the "prePath" or "postPath" member of redacted objects in
the "redacted" member. The list of JSONPath client considerations the "redacted" member. The list of JSONPath client considerations
include: include:
1. When the server is using the Redaction By Removal Method 1. When the server is using the Redaction by Removal Method
(Section 3.1) or the Redaction by Replacement Value Method (Section 3.1) or the Redaction by Replacement Value Method
(Section 3.4) with an alternative field value, the JSONPath (Section 3.4) with an alternative field value, the JSONPath
expression of the "prePath" member will not resolve successfully expression of the "prePath" member will not resolve successfully
with the redacted response. The client can key off the "name" with the redacted response. The client can key off the "name"
member for display logic related to the redaction. member for display logic related to the redaction.
5.2. JSONPath Server Considerations 5.2. JSONPath Server Considerations
This section covers considerations for servers using This section covers considerations for servers using JSONPath
[I-D.ietf-jsonpath-base] to identify redacted RDAP fields with the [RFC9535] to identify redacted RDAP fields with the "prePath" or
"prePath" or "postPath" member of redacted objects in the "redacted" "postPath" member of redacted objects in the "redacted" member. The
member. The list of JSONPath considerations include: list of JSONPath considerations include:
1. Use absolute paths with the '$' JSONPath element. An example is 1. Use absolute paths with the '$' JSONPath element. An example is
"$.handle" for the "Registry Domain ID" in a lookup response or "$.handle" for the "Registry Domain ID" in a lookup response or
"$.domainSearchResults[0].handle" in a search response. "$.domainSearchResults[0].handle" in a search response.
2. Validate a JSONPath expression with the non-redacted RDAP 2. Validate a JSONPath expression with the non-redacted RDAP
response when using the "prePath" member, where evaluating the response when using the "prePath" member, where evaluating the
expression results in returning the redacted field. expression results in returning the redacted field.
3. Reference the removed object field when redacting an entire 3. Reference the removed object field when redacting an entire
object by the Redaction by Removal Method (Section 3.1), where object by the Redaction by Removal Method (Section 3.1), where
all of the object's child fields are explicitly removed. An all of the object's child fields are explicitly removed. An
example is "$.entities[?(@.roles[0]=='administrative')]" for the example is "$.entities[?(@.roles[0]=='administrative')]" for the
entire "Administrative Contact". entire "Administrative Contact".
4. It is possible for there to be multiple bases for the redaction
of certain content. For example, if server policy is such that 4. Use multiple bases for the redaction of certain content. For
all administrative-role entities are redacted and all technical- example, if server policy is such that all administrative-role
role entities are redacted, then an entity having both the entities are redacted and all technical-role entities are
administrative role and the technical role could be redacted for redacted, then an entity having both the administrative role and
two different reasons. In this situation, a server is required the technical role could be redacted for two different reasons.
to include at least one "redacted" entry, but should consider In this situation, a server is required to include at least one
including a separate "redacted" entry for each applicable basis "redacted" entry, but it should consider including a separate
for redaction, so as to clearly document the server policies that "redacted" entry for each applicable basis for redaction to
are relevant to redaction in each instance. clearly document the server policies that are relevant to
redaction in each instance.
5. Reference the removed field when using the Redaction by Removal 5. Reference the removed field when using the Redaction by Removal
Method (Section 3.1). An example is "$.handle" for the "Registry Method (Section 3.1). An example is "$.handle" for the "Registry
Domain ID". Domain ID".
6. Reference index 0 of the jCard [RFC7095] property array, which is 6. Reference index 0 of the jCard [RFC7095] property array, which is
the jCard [RFC7095] "name" property, with a filter expression the jCard [RFC7095] "name" property, with a filter expression
containing the name of the field, when redacting a jCard containing the name of the field when redacting a jCard [RFC7095]
[RFC7095] field using the Redaction by Removal Method field using the Redaction by Removal Method (Section 3.1). An
(Section 3.1). An example is "$.entities[?(@.roles[0]=='registra example is "$.entities[?(@.roles[0]=='registrant')].vcardArray[1]
nt')].vcardArray[1][?(@[0]=='email')]" for the "Registrant [?(@[0]=='email')]" for the "Registrant Email".
Email".
7. Reference jCard [RFC7095] field value or values redacted by array 7. Reference the jCard [RFC7095] field value or values redacted by
index 3 and greater, when redacting a jCard [RFC7095] field using array index 3 and greater when redacting a jCard [RFC7095] field
the Redaction by Empty Value Method (Section 3.2). The jCard using the Redaction by Empty Value Method (Section 3.2). The
[RFC7095] property array index 3 and greater contain the property jCard [RFC7095] property array index 3 and greater contain the
values, where the property values set with an empty value are property values, where the property values set with an empty
referenced directly in place of the jCard [RFC7095] property value are referenced directly in place of the jCard [RFC7095]
name. Servers can then systematically redact jCard [RFC7095] property name. Servers can then systematically redact the jCard
field value or values based on the JSONPath expressions and [RFC7095] field value or values based on the JSONPath
clients will directly know which jCard [RFC7095] property values expressions, and clients will directly know which jCard [RFC7095]
have been redacted. An example is "$.entities[?(@.roles[0]=='reg property values have been redacted. An example is "$.entities[?(
istrant')].vcardArray[1][?(@[0]=='fn')][3]" for the "Registrant @.roles[0]=='registrant')].vcardArray[1][?(@[0]=='fn')][3]" for
Name" or "$.entities[?(@.roles[0]=='registrant')].vcardArray[1][? the "Registrant Name" or "$.entities[?(@.roles[0]=='registrant')]
(@[0]=='adr')][3][5]" for the "Registrant Postal Code". .vcardArray[1][?(@[0]=='adr')][3][5]" for the "Registrant Postal
Code".
8. RDAP extensions should define any special JSONPath considerations 8. RDAP extensions should define any special JSONPath considerations
required to identify redacted RDAP fields if these considerations required to identify redacted RDAP fields if these considerations
are insufficient. are insufficient.
6. IANA Considerations 6. IANA Considerations
6.1. RDAP Extensions Registry 6.1. RDAP Extensions Registry
IANA is requested to register the following value in the RDAP IANA has registered the following value in the "RDAP Extensions"
Extensions Registry: registry:
Extension Identifier: redacted
Registry Operator: Any
Specification: RFC 9537
Extension identifier: redacted
Registry operator: Any
Published specification: This document.
Contact: IESG <iesg@ietf.org> Contact: IESG <iesg@ietf.org>
Intended usage: This extension identifies the redacted fields in an
Intended Usage: This extension identifies the redacted fields in an
RDAP response. RDAP response.
6.2. RDAP JSON Values Registry 6.2. RDAP JSON Values Registry
Section 10.2 of [RFC9083] defines the RDAP JSON Values Registry with Section 10.2 of [RFC9083] defines the "RDAP JSON Values" registry
pre-defined Type field values and the use of the "Expert Review" with predefined Type field values and a registration policy of Expert
policy defined in [RFC8126]. This specification defines three new Review [RFC8126]. This specification defines three new Type field
RDAP JSON Values Registry Type field values that can be used to values that can be used to register predefined redacted name, reason,
register pre-defined redacted name, reason, and expression language and expression language values. IANA has updated the "RDAP JSON
values. IANA is instructed to update the RDAP JSON Values Registry Values" registry to accept these additional Type field values as
to accept these additional type field values as follows: follows:
"redacted name": Redacted name being registered. The registered "redacted name": Redacted name being registered. The registered
redacted name is referenced using the "type" field of the redacted name is referenced using the "type" field of the
redacted "name" field. redacted "name" field.
"redacted reason": Redacted reason being registered. The registered "redacted reason": Redacted reason being registered. The registered
redacted reason is referenced using the "type" field of the redacted reason is referenced using the "type" field of the
redacted "reason" field. redacted "reason" field.
"redacted expression language": Redacted expression language being "redacted expression language": Redacted expression language being
registered. The registered redacted expression language is registered. The registered redacted expression language is
referenced using the "pathLang" field. referenced using the "pathLang" field.
The following values should be registered by the IANA in the RDAP IANA has also listed this document as a reference for the "RDAP JSON
JSON Values Registry described in [RFC9083]: Values" registry and has registered the following value:
Value: jsonpath Value: jsonpath
Type: redacted expression language
Description: JSON path expression language, as defined in draft-
ietf-jsonpath-base.
Registrant Name: IETF Type: redacted expression language
Registrant Contact Information: iesg@ietf.org
7. Implementation Status
Note to RFC Editor: Please remove this section and the reference to
RFC 7942 [RFC7942] before publication.
This section records the status of known implementations of the
protocol defined by this specification at the time of posting of this
Internet-Draft, and is based on a proposal described in RFC 7942
[RFC7942]. The description of implementations in this section is
intended to assist the IETF in its decision processes in progressing
drafts to RFCs. Please note that the listing of any individual
implementation here does not imply endorsement by the IETF.
Furthermore, no effort has been spent to verify the information
presented here that was supplied by IETF contributors. This is not
intended as, and must not be construed to be, a catalog of available
implementations or their features. Readers are advised to note that
other implementations may exist.
According to RFC 7942 [RFC7942], "this will allow reviewers and
working groups to assign due consideration to documents that have the
benefit of running code, which may serve as evidence of valuable
experimentation and feedback that have made the implemented protocols
more mature. It is up to the individual working groups to use this
information as they see fit".
7.1. IIT-CNR/Registro.it RDAP Server
Responsible Organization: Institute of Informatics and Telematics of
National Research Council (IIT-CNR)/Registro.it
Location: https://rdap.pubtest.nic.it/
Description: This implementation includes support for RDAP queries Description: JSON path expression language, as defined in RFC 9535.
using data from the public test environment of .it ccTLD. The
"redacted" array can be returned in the response to the domain lookup
that is the only available to anonymous users.
Level of Maturity: This is an "alpha" test implementation. Registrant: IETF
Coverage: This implementation includes all of the features described Contact Information: iesg@ietf.org
in this specification.
Contact Information: Mario Loffredo, mario.loffredo@iit.cnr.it Reference: RFC 9537
8. Security Considerations 7. Security Considerations
The extension described in this document does not provide any The extension described in this document does not provide any
security services beyond those described by [RFC9083]. security services beyond those described by [RFC9083].
9. Acknowledgements 8. References
The authors wish to thank the following persons for their feedback
and suggestions: Marc Blanchet, Tom Harrison, Scott Hollenbeck, Pawel
Kowalik, Mario Loffredo, Gustavo Lozano, Andy Newton, Jasdip Singh,
and Rick Wilhelm.
10. References
10.1. Informative References
[I-D.ietf-regext-rdap-jscontact]
Loffredo, M. and G. Brown, "Using JSContact in
Registration Data Access Protocol (RDAP) JSON Responses",
Work in Progress, Internet-Draft, draft-ietf-regext-rdap-
jscontact-16, 6 June 2023,
<https://datatracker.ietf.org/doc/html/draft-ietf-regext-
rdap-jscontact-16>.
[RFC8605] Hollenbeck, S. and R. Carney, "vCard Format Extensions:
ICANN Extensions for the Registration Data Access Protocol
(RDAP)", RFC 8605, DOI 10.17487/RFC8605, May 2019,
<https://www.rfc-editor.org/info/rfc8605>.
10.2. Normative References
[I-D.ietf-jsonpath-base] 8.1. Normative References
Gössner, S., Normington, G., and C. Bormann, "JSONPath:
Query expressions for JSON", Work in Progress, Internet-
Draft, draft-ietf-jsonpath-base-21, 24 September 2023,
<https://datatracker.ietf.org/doc/html/draft-ietf-
jsonpath-base-21>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC6350] Perreault, S., "vCard Format Specification", RFC 6350, [RFC6350] Perreault, S., "vCard Format Specification", RFC 6350,
DOI 10.17487/RFC6350, August 2011, DOI 10.17487/RFC6350, August 2011,
<https://www.rfc-editor.org/info/rfc6350>. <https://www.rfc-editor.org/info/rfc6350>.
[RFC7095] Kewisch, P., "jCard: The JSON Format for vCard", RFC 7095, [RFC7095] Kewisch, P., "jCard: The JSON Format for vCard", RFC 7095,
DOI 10.17487/RFC7095, January 2014, DOI 10.17487/RFC7095, January 2014,
<https://www.rfc-editor.org/info/rfc7095>. <https://www.rfc-editor.org/info/rfc7095>.
[RFC7942] Sheffer, Y. and A. Farrel, "Improving Awareness of Running
Code: The Implementation Status Section", BCP 205,
RFC 7942, DOI 10.17487/RFC7942, July 2016,
<https://www.rfc-editor.org/info/rfc7942>.
[RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for
Writing an IANA Considerations Section in RFCs", BCP 26, Writing an IANA Considerations Section in RFCs", BCP 26,
RFC 8126, DOI 10.17487/RFC8126, June 2017, RFC 8126, DOI 10.17487/RFC8126, June 2017,
<https://www.rfc-editor.org/info/rfc8126>. <https://www.rfc-editor.org/info/rfc8126>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8259] Bray, T., Ed., "The JavaScript Object Notation (JSON) Data [RFC8259] Bray, T., Ed., "The JavaScript Object Notation (JSON) Data
skipping to change at page 36, line 42 skipping to change at line 1579
[RFC9082] Hollenbeck, S. and A. Newton, "Registration Data Access [RFC9082] Hollenbeck, S. and A. Newton, "Registration Data Access
Protocol (RDAP) Query Format", STD 95, RFC 9082, Protocol (RDAP) Query Format", STD 95, RFC 9082,
DOI 10.17487/RFC9082, June 2021, DOI 10.17487/RFC9082, June 2021,
<https://www.rfc-editor.org/info/rfc9082>. <https://www.rfc-editor.org/info/rfc9082>.
[RFC9083] Hollenbeck, S. and A. Newton, "JSON Responses for the [RFC9083] Hollenbeck, S. and A. Newton, "JSON Responses for the
Registration Data Access Protocol (RDAP)", STD 95, Registration Data Access Protocol (RDAP)", STD 95,
RFC 9083, DOI 10.17487/RFC9083, June 2021, RFC 9083, DOI 10.17487/RFC9083, June 2021,
<https://www.rfc-editor.org/info/rfc9083>. <https://www.rfc-editor.org/info/rfc9083>.
Appendix A. Change History [RFC9535] Gössner, S., Ed., Normington, G., Ed., and C. Bormann,
Ed., "JSONPath: Query Expressions for JSON", RFC 9535,
A.1. Change from 00 to 01 DOI 10.17487/RFC9535, February 2024,
<https://www.rfc-editor.org/info/rfc9535>.
1. Changed rdapConformance to use pointed "redacted_0.1" value to
support structural changes of the extension up to the target of
"redacted_1.0".
2. Updates based on the Gustavo Lozano feedback:
1. Updated the language to change the special treatment of jCard
to be more generic for future RDAP extensions that leverage
fixed length JSON arrays.
2. Added "RDAP extensions should define any special JSONPath
considerations required to identify redacted RDAP fields if
the these considerations are insufficient." to the JSONPath
Considerations section to generalize it.
3. Updates based on the Marc Blanchet feedback:
1. Added a reference to draft-ietf-regext-rdap-jscontact as an
example of an RDAP extension that is suited for the Redaction
by Removal Method based on the lack of dependency on
positional JSON arrays.
2. Added support for registered and unregistered (free-form)
redaction reasons by changing the "reason" property to be a
JSON object with the "type" and "description" properties.
The "type" property includes registration in the IANA JSON
Values Registry.
3. Added a "JSON Values Registry" section in the IANA
Considersations section to define the "redaction reason" JSON
Values Registry Type values to support the registration of
redaction reasons.
4. Updates based on the Mario Loffredo feedback:
1. Added support for registered and unregistered (free-form)
redaction names by changing the "reason" property to be a
JSON object with the "type" and "description" properties.
The "type" property includes registration in the IANA JSON
Values Registry.
2. Added a "JSON Values Registry" section in the IANA
Considersations section to define the "redaction name" JSON
Values Registry Type values to support the registration of
redaction names.
3. Added a JSONPath Considerations item associated with handling
entities with multiple roles.
4. Added language to restrict the extension to responses.
A.2. Change from 01 to 02
1. Updates to add support for RDAP search responses:
1. Replaced "RDAP lookup response" with "RDAP response"
throughout the draft to expand the scope to include search.
2. Updated the description in the second paragraph of the
Introduction to cover both a lookup response and a search
response.
3. Added an example of the use of an absoluate path for a search
response to the "JSONPath Considerations" section.
4. Added a description of the placement of the "redacted" member
in a lookup response and a search response in the ""redacted"
Member" section.
5. Added an example of an unredacted search response and a
redacted search response in the ""redacted" Member" section.
A.3. Change from 02 to 03
1. Fixed mismatch of the extension identifier, which was updated to
"redacted_0.1" throughout the draft based on feedback from Mario
Loffredo.
2. Added the JSONPath Considerations item associated with redacting
fields for multiple entities with the same role based on
implementation feedback from Mario Loffredo.
3. Added the Implementation Status section that includes the server
implementation by Mario Loffredo.
4. Added use of numbered figures for easy reference for JSON Values
Registry registrations.
5. Updated the example unredacted and redacted lookup responses to
include the "objectClassName" and "handle" members.
6. Changed RFC7482 and RFC7483 references to RFC9082 and RFC9083,
respectively.
A.4. Change from 03 to 04
1. Changed the extension identifier to be "redacted" instead of a
versioned value, which will be leveraged for both the
rdapConformance value and the JSON Values.
2. Changed the RDAP Conformance to be "redacted_level_0.2", which
leveraged the extension identifier as a prefix along with
"_level_" and a pointed version number. The version number will
become "1.0" once the draft passes WGLC.
3. Added the Redaction by Replacement Value Method.
A.5. Change from 04 to 05
1. Update the RDAP Extensions Registry entries to include the
identifier that is used for the RDAP conformance value and to
include the "redacted" prefix indentifier to use for the JSON
response member.
2. Changed the RDAP Conformance to be "redacted_level_0_3", which is
registered in the RDAP Extensions Registry. The RDAP Conformance
value will become "redacted_level_1" once the draft passes WGLC.
A.6. Change from 05 to 06
1. Fixed a couple nits.
2. Updated the Redaction by Replacement Value Method email web form
examples to use the "contact-uri" jCard property of RFC 8605.
A.7. Change from 06 to 07
1. Added the optional replacementPath child member for use with the
Redaction by Replacement Value Method.
A.8. Change from 07 to 08
1. Updates based on the Rick Wilhelm feedback:
1. Updated the definition of a redacted RDAP field in the
Introduction section.
2. Updated the reference to three methods instead of two in the
Redaction Methods section.
3. Created a new paragraph for the example in the Redaction by
Removal Method section.
4. Explicitly specified one or more redacted fields for
inclusion of the "redacted" member in the "redacted" Member
section.
5. Updated the description of the "method" member in the
"redacted" Member section.
A.9. Change from 08 to 09
1. Updated the RDAP extensions Registry registration and RDAP
conformance to match the working group consensus that does not
include a version with "redacted".
A.10. Change from 09 to 10
1. Updates based on the Pawel Kowalik feedback:
1. Changed "placeholder text value will not match the format
requirements" to "placeholder text value may not match the
format requirements" in Section 3.
2. Changed the "path" member OPTIONAL and added "The "path"
member MUST be set when the redacted field does exist in the
redacted response" to cover when it's required.
3. Added the definition of the "redacted expression language"
JSON Values Registry Type in the IANA Considerations and pre-
registered the "jsonpath" "redacted expression language"
value.
4. In the definition of the "path" member, added clarification
whether the "path" member expression refers to the pre-
redacted response field or the redacted response field based
on the redaction method.
5. Replaced "The Redaction by Removal Method MUST NOT be used to
remove a field using the position in a fixed length array to
signal the redacted field" with "The Redaction by Removal
Method MUST NOT be used to remove an element of an array
where the position of the element in the array determines
semantic meaning" in Section 3.1.
6. Added the "JSONPath Client Considerations" and "JSONPath
Server Considerations" subsections to the "JSONPath
Considerations" section.
2. Updates based on the Mario Loffredo feedback:
1. Revised Figure 7 to reference the "email" property and the
"contract-uri" property instead of the value elements of the
properties.
2. Rephrased the sentence in section 4.2 to 'The "redacted"
member contains an array of objects with the following child
members'.
3. Added the Redaction by Partial Value Method for redaction of
a portion of a formatted property, such as the jCard "fn" and
"label" properties.
A.11. Change from 10 to 11
1. Updated Abstract and first sentence of Introduction to "This
document describes an RDAP extension for specifying methods of
redaction of RDAP responses and explicitly identifying redacted
RDAP response fields, using JSONPath as the default expression
language.", based on feedback by Pawel Kowalik.
2. Changed "path" member to a "prePath" and "postPath" member to
indicate whether the path expression applies to the pre-redacted
or post-redacted response, based on feedback by Pawel Kowalik.
A.12. Change from 11 to 12
1. Updates based on the Andy Newton feedback:
1. Added section "The resulting redacted RDAP response MUST
comply with the RDAP RFCs, such as [RFC9083]" as second
sentence of Section 3.
2. Updates based on the Tom Harrison feedback:
1. Added clarification in Section 2 "Conventions Used in This
Document" that the JSONPath expressions in the examples are
for illustration purposes with single-role entities and the
exact expressions to use by the server are out-of-scope.
2. Replaced consideration #4 "When an entity has multiple
roles..." in Section 5.2 "JSONPath Server Considerations"
with the recommended language starting with "It is possible
for there to be muliple bases for redaction..."
3. Revised the sentence "The client can first key off the "name"
member for display logic and utilize a template RDAP response
overlaid with the redacted response to successfully resolve
the JSONPath expression." in Section 5.1 "JSONPath Client
Considers" to "The client can key off the "name" member for
display logic related to the redaction.".
4. Replaced "type" with "description" for the example redaction
"name" and "reason" members, so not to infer that they are
being registered for use.
5. Changed "Two new JSON Values Registry Type field values are
used to register pre-defined redacted name and reason values"
in Section 6.2 "JSON Values Registry" to "Three new JSON
Values Registry Type field values are used to register pre-
defined redacted name, reason, and expression language
values".
3. Updates based on validating each of the draft examples:
1. Added missing comma between the "Administrative Contact" and
"Billing Contact" "redacted" members.
2. Removed consideration #5 in Section 5.2 "JSONPath Server
Considerations" since the use of the JSONPath expression
"$.entities[?(@.roles[0]=='technical')][0]" is not valid and
the exact JSONPath expression to use is out-of-scope.
A.13. Change from 12 to 13
1. Updates based on the Jasdip Singh feedback:
1. In Section 1, replaced the sentence "The redacted JSON fields
will either be removed or have empty values in the RDAP
response" with "The redacted JSON fields will either be
removed, have empty values, have partial values, or be
replaced in the RDAP response.".
2. In Section 3, changed the reference of three categories to
four categories.
3. In Section 3.1, changed ", which is the preferred method" to
", which is the default method" to clarify the Removal Method
as the default redaction method.
4. In Section 4.2, updated the sentence to read "The "redacted"
member is included as a member of the object instance in a
lookup response, for the object classes defined in [RFC9083],
and as a member of the array of object instances in a search
response.".
5. In Section 4.2, explicitly defined the "name" member as
REQUIRED".
A.14. Change from 13 to 14
1. Replaced RFC 7483 reference with RFC 9083 based on the Document
Shepherd review by Andy Newton.
2. Replaced the "Registrant Name" "IESG" value with "IETF" for the
"RDAP JSON Values Registry" registrations.
3. Updates based on the Murray Kucherawy AD evaluation feedback:
1. Combined sentences on the use of placeholder text in
Section 3 "Redaction Methods" for clarification.
2. Changed the two SHOULDs to MUSTs in Section 3.2 "Redaction by
Empty Value Method".
3. Changed "alternate" to "alternative" in Section 3.4
"Redaction by Replacement Value Method".
4. Changed "JSON expression" to "JSON path expression" in
Section 4.2 "
5. Changed references of "JSON Values Registry" to "RDAP JSON 8.2. Informative References
Values Registry" to match the IANA registry name.
A.15. Change from 14 to 15 [RDAP-JSCONTACT]
Loffredo, M. and G. Brown, "Using JSContact in
Registration Data Access Protocol (RDAP) JSON Responses",
Work in Progress, Internet-Draft, draft-ietf-regext-rdap-
jscontact-17, 7 December 2023,
<https://datatracker.ietf.org/doc/html/draft-ietf-regext-
rdap-jscontact-17>.
1. Based on feedback from Paul Wouters, moved the Security [RFC8605] Hollenbeck, S. and R. Carney, "vCard Format Extensions:
Considerations language to Section 4.2 ""redacted" Member", since ICANN Extensions for the Registration Data Access Protocol
exclusion of a "redacted" child member due to privacy is a (RDAP)", RFC 8605, DOI 10.17487/RFC8605, May 2019,
feature. The Security Considerations section was made generic. <https://www.rfc-editor.org/info/rfc8605>.
2. Revised the RDAP JSON Values Registry IANA Considerations used to
register pre-register the pre-defined redacted name, redacted
reason, and redacted expression language values based on Scott
Hollenbeck's expert review feedback.
A.16. Change from 15 to 16 Acknowledgements
1. Updates based on feedback from Roman Danyliw: The authors wish to thank the following persons for their feedback
1. Updated "Redaction in RDAP can be handled in multiple ways. and suggestions: Marc Blanchet, Tom Harrison, Scott Hollenbeck, Pawel
The resulting redacted RDAP response MUST comply with the Kowalik, Mario Loffredo, Gustavo Lozano, Andy Newton, Jasdip Singh,
RDAP RFCs, such as [RFC9083]" to "Redaction in RDAP can be and Rick Wilhelm.
handled in multiple ways. The resulting redacted RDAP
response MUST comply with the format defined in the RDAP RFCs
with the RDAP RFCs, such as [RFC9083] and updates"
2. Add "The server MAY choose to publish a redaction policy
describing how this extension is implemented for their
constituency. The contents of such a policy are outside the
scope of this specification." to Section 4.2 ""redacted"
Member".
Authors' Addresses Authors' Addresses
James Gould James Gould
VeriSign, Inc. VeriSign, Inc.
12061 Bluemont Way 12061 Bluemont Way
Reston, VA 20190 Reston, VA 20190
United States of America United States of America
Email: jgould@verisign.com Email: jgould@verisign.com
URI: http://www.verisigninc.com URI: http://www.verisigninc.com
skipping to change at page 43, line 4 skipping to change at line 1623
Email: jgould@verisign.com Email: jgould@verisign.com
URI: http://www.verisigninc.com URI: http://www.verisigninc.com
David Smith David Smith
VeriSign, Inc. VeriSign, Inc.
12061 Bluemont Way 12061 Bluemont Way
Reston, VA 20190 Reston, VA 20190
United States of America United States of America
Email: dsmith@verisign.com Email: dsmith@verisign.com
URI: http://www.verisigninc.com URI: http://www.verisigninc.com
Jody Kolker Jody Kolker
GoDaddy Inc. GoDaddy Inc.
14455 N. Hayden Rd. #219 14455 N. Hayden Rd., #219
Scottsdale, AZ 85260 Scottsdale, AZ 85260
United States of America United States of America
Email: jkolker@godaddy.com Email: jkolker@godaddy.com
URI: http://www.godaddy.com URI: http://www.godaddy.com
Roger Carney Roger Carney
GoDaddy Inc. GoDaddy Inc.
14455 N. Hayden Rd. #219 14455 N. Hayden Rd., #219
Scottsdale, AZ 85260 Scottsdale, AZ 85260
United States of America United States of America
Email: rcarney@godaddy.com Email: rcarney@godaddy.com
URI: http://www.godaddy.com URI: http://www.godaddy.com
 End of changes. 86 change blocks. 
559 lines changed or deleted 218 lines changed or added

This html diff was produced by rfcdiff 1.48.