Registration Data Access Protocol (RDAP) Reverse search capabilities
draft-ietf-regext-rdap-reverse-search-00

Document Type Active Internet-Draft (regext WG)
Last updated 2019-02-01
Stream IETF
Intended RFC status (None)
Formats plain text xml pdf html bibtex
Stream WG state WG Document
Document shepherd No shepherd assigned
IESG IESG state I-D Exists
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)
Registration Protocols Extensions                            M. Loffredo
Internet-Draft                                             M. Martinelli
Intended status: Standards Track                     IIT-CNR/Registro.it
Expires: August 5, 2019                                 February 1, 2019

  Registration Data Access Protocol (RDAP) Reverse search capabilities
                draft-ietf-regext-rdap-reverse-search-00

Abstract

   The Registration Data Access Protocol (RDAP) does not include query
   capabilities to find the list of domains related to a set of entities
   matching a given search pattern.  Even if such capabilities, commonly
   referred as reverse search, respond to some needs not yet readily
   fulfilled by the current Whois protocol, they have raised concerns
   from two perspectives: server processing impact and data privacy.
   Anyway, the impact of the reverse queries on RDAP servers processing
   is the same as the standard searches and it can be reduced by
   implementing policies to deal with large result sets, while data
   privacy risks can be prevented by RDAP access control
   functionalities.  This document describes RDAP query extensions that
   allow clients to request a reverse search based on the domains-
   entities relationship.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on August 5, 2019.

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

Loffredo & Martinelli    Expires August 5, 2019                 [Page 1]
Internet-Draft             RDAP Reverse search             February 2019

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
     1.1.  Conventions Used in This Document . . . . . . . . . . . .   3
   2.  RDAP Path Segment Specification . . . . . . . . . . . . . . .   4
   3.  Implementation Considerations . . . . . . . . . . . . . . . .   5
     3.1.  JSON in URLs  . . . . . . . . . . . . . . . . . . . . . .   5
   4.  Implementation Status . . . . . . . . . . . . . . . . . . . .   6
     4.1.  IIT-CNR/Registro.it . . . . . . . . . . . . . . . . . . .   7
   5.  Privacy Considerations  . . . . . . . . . . . . . . . . . . .   7
   6.  Security Considerations . . . . . . . . . . . . . . . . . . .   7
   7.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   7
   8.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .   7
   9.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   8
     9.1.  Normative References  . . . . . . . . . . . . . . . . . .   8
     9.2.  Informative References  . . . . . . . . . . . . . . . . .   9
   Appendix A.  Change Log . . . . . . . . . . . . . . . . . . . . .  10
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  10

1.  Introduction

   Reverse Whois is a service provided by many web applications that
   allow users to find domain names owned by an individual or a company
   starting from the owner details, such as name and email.  Even if it
   has been considered useful for some legal purposes (e.g. uncovering
   trademark infringements, detecting cybercrime cases), its
   availability as a standardised Whois capability has been objected for
   two main reasons, which now don't seem to conflict with an RDAP
   implementation.

   The first objection has been caused by the potential risks of privacy
   violation.  However, TLDs community is considering a new generation
   of Registration Directory Services ([ICANN-RDS1],[ICANN-RDS2]), which
   provide access to sensitive data under some permissible purposes and
   according to adequate policies to enforce the requestor
   accreditation, authentication, authorization, and terms and
   conditions of data use.  It is well known that such security policies
Show full document text