Security Services for the Registration Data Access Protocol (RDAP)
draft-ietf-weirds-rdap-sec-12
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2015-03-03
|
12 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2015-02-23
|
12 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
2015-02-11
|
12 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
2015-01-04
|
12 | (System) | IANA Action state changed to No IC |
2015-01-02
|
12 | Cindy Morgan | IESG state changed to RFC Ed Queue from Approved-announcement sent |
2015-01-02
|
12 | (System) | RFC Editor state changed to EDIT |
2015-01-02
|
12 | (System) | Announcement was received by RFC Editor |
2015-01-01
|
12 | Cindy Morgan | IESG state changed to Approved-announcement sent from Approved-announcement to be sent |
2015-01-01
|
12 | Cindy Morgan | IESG has approved the document |
2015-01-01
|
12 | Cindy Morgan | Closed "Approve" ballot |
2015-01-01
|
12 | Cindy Morgan | Ballot approval text was generated |
2014-12-29
|
12 | Pete Resnick | IESG state changed to Approved-announcement to be sent from IESG Evaluation::AD Followup |
2014-12-29
|
12 | Pete Resnick | Ballot writeup was changed |
2014-12-22
|
12 | Alissa Cooper | [Ballot comment] Thanks for handling my discuss and comment points. |
2014-12-22
|
12 | Alissa Cooper | [Ballot Position Update] Position for Alissa Cooper has been changed to No Objection from Discuss |
2014-12-02
|
12 | Scott Hollenbeck | New version available: draft-ietf-weirds-rdap-sec-12.txt |
2014-11-28
|
11 | Jean Mahoney | Closed request for Last Call review by GENART with state 'No Response' |
2014-11-25
|
11 | Kathleen Moriarty | [Ballot comment] Thanks for your work on this and the other Weirds drafts and adding in my requested text on privacy options to the response … [Ballot comment] Thanks for your work on this and the other Weirds drafts and adding in my requested text on privacy options to the response draft (Alissa's in this draft) as well as addressing my other discuss points (TLS BCP, etc.). The new sections are helpful to explain privacy and access control options (3.1) that have been added in this new protocol. Section 3.1 As an FYI (not asking for anything to be done here except to participate in HTTPAuth last calls) - HTTP Digest and Basic just went through a revision and are just about done. There are a few minor updates and the security considerations in the updated documents spell out the remaining issues. Although these are the solutions for HTTP Auth, most people don't rely on it and use other methods, so we don't have implementations of better options. There are a few other options in the HTTPAuth WG about to go to IETF last call or are WG drafts. If you are going to rely on HTTPAuth methods, maybe there should be a push for the improved options from the WEIRDS WG - at least pitching in to review during last calls. https://datatracker.ietf.org/wg/httpauth/documents/ |
2014-11-25
|
11 | Kathleen Moriarty | [Ballot Position Update] Position for Kathleen Moriarty has been changed to No Objection from Discuss |
2014-11-18
|
11 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
2014-11-18
|
11 | Scott Hollenbeck | IANA Review state changed to Version Changed - Review Needed from IANA OK - No Actions Needed |
2014-11-18
|
11 | Scott Hollenbeck | New version available: draft-ietf-weirds-rdap-sec-11.txt |
2014-11-18
|
10 | Christer Holmberg | Request for Last Call review by GENART Completed: Ready. Reviewer: Christer Holmberg. |
2014-10-30
|
10 | Cindy Morgan | IESG state changed to IESG Evaluation::Revised I-D Needed from IESG Evaluation |
2014-10-30
|
10 | Ted Lemon | [Ballot comment] Barry has pointed out that there is a way to trigger the clients to send credentials using a login link, so that addresses … [Ballot comment] Barry has pointed out that there is a way to trigger the clients to send credentials using a login link, so that addresses my concern. I didn't actually see that explicitly mentioned in the document, but Pete says it's there so I'll take his word for it. |
2014-10-30
|
10 | Ted Lemon | [Ballot Position Update] Position for Ted Lemon has been changed to No Objection from Discuss |
2014-10-30
|
10 | Spencer Dawkins | [Ballot Position Update] New position, No Objection, has been recorded for Spencer Dawkins |
2014-10-30
|
10 | Stephen Farrell | [Ballot comment] - I strongly support Aliss's discuss on privacy. That would be even more important should registrars/registries in future require that personally identifying information … [Ballot comment] - I strongly support Aliss's discuss on privacy. That would be even more important should registrars/registries in future require that personally identifying information be available for all registrants, which I believe is a policy that at least some are arguing for. - Isn't it sad that HTTP basic and digest still have to be the MTIs here for client auth. (I would suggest HOBA [1] but that's not quite done, being just finished WGLC, and would be self-serving, though it would be far better than basic or digest;-) [1] https://tools.ietf.org/html/draft-ietf-httpauth-hoba-05 - Why not just say "TLS MUST be used" in all cases? Is there a real need to not use TLS for weirds ever? - TLS client auth - I think you could easily make this MTI (to implement, not to use) as its basically there in most codebases. |
2014-10-30
|
10 | Stephen Farrell | [Ballot Position Update] Position for Stephen Farrell has been changed to No Objection from No Record |
2014-10-30
|
10 | Jari Arkko | [Ballot Position Update] New position, No Objection, has been recorded for Jari Arkko |
2014-10-30
|
10 | Richard Barnes | [Ballot comment] I support Alissa's comments about privacy. It would be good to clarify those considerations and provide some good recommendations about what not to … [Ballot comment] I support Alissa's comments about privacy. It would be good to clarify those considerations and provide some good recommendations about what not to send. |
2014-10-30
|
10 | Richard Barnes | [Ballot Position Update] New position, No Objection, has been recorded for Richard Barnes |
2014-10-29
|
10 | Ted Lemon | [Ballot discuss] As far as I can tell, this specification effectively relies on HTTP authentication as its sole MTI mechanism, and leaves things like OAuth … [Ballot discuss] As far as I can tell, this specification effectively relies on HTTP authentication as its sole MTI mechanism, and leaves things like OAuth as sort of "you could do this, but we aren't saying how." I am deeply uncomfortable with this, because HTTP authentication really sucks when you are trying to make it work in a context where authentication is optional. I think if you want to rely on this mechanism, you need to give the reader more guidance on how to make this work. What I mean is that in order to trigger the client to send authentication, you have to send back a 401 Unauthorized HTTP response. But that assumes that authentication _is_ required, and it's not. So how does the server know to send back the HTTP unauthorized response? The answer is that it does not, and so you need to somehow signal to the client that it should send more authentication info if it wants better information, while still returning information in case the client has no credentials to offer. This is probably doable, but simply relying on RFC 7235 without explaining how to make it work isn't sufficient. |
2014-10-29
|
10 | Ted Lemon | [Ballot Position Update] New position, Discuss, has been recorded for Ted Lemon |
2014-10-29
|
10 | Kathleen Moriarty | [Ballot discuss] Thanks for your work on this draft and improving security for the whois function in weirds. There are a lot of options now … [Ballot discuss] Thanks for your work on this draft and improving security for the whois function in weirds. There are a lot of options now and the work is appreciated. I have a lot of comments and suggestions that should be pretty easy to resolve. You may find a discuss and comment on the same section, so I've tried to label the start of each item with the draft section numbers. Section 3.1 Could you also include a reference to RFC5280? If the use of PKI and CAs is listed, a pointer to the security considerations would be very helpful to the reader. The pointer should be to the full draft, not just the security consideration section as it covers important things like the need for path validation. Path validation includes checking the certificate validity, the path/chain (root is trusted), etc. I'm not looking for you to add much text, just to punt off to the existing documents if people are interested in the security behind these recommendations for federation, authentication, authorization, etc. Section 3.2 Could you expand on the details here a bit? Between this draft and the response draft, I don't see enough information or guidance on how one might leverage value settings on objects and what are the right actions to take based on those values. My discuss on the response draft is specific to that draft, but the same concept applies here. If the guidance belongs in the response draft, then recommended actions or a list of options if it varies from administrator to administrator would be helpful at the start of the sections that provide the lists of values that can be set on objects. This section of the sec draft should then reference the response draft letting the reader know where to look for authorization and access control options and guidelines. Section 3.4 Since the protocol allows for the use of values to mark objects as private, obscured, redacted, this should be mentioned in this section with a pointer to the response draft section 10.2.2 and the recommended actions in the (hopefully) updated Privacy Considerations section of that draft. For confidentially, leaving out the data with the "redacted" value set if possible will do a lot more than trying to protect it with TLS, so I think it's important to note that in this section. The "private" value should limit access (I'd like to see some mention of how that is accomplished, but probably in the Response draft). The "obscured" value is interesting, but since it is only obscured, it may to be the best option for confidentially protection. Possible new section for Access Controls - Since user based access is possible, I'd like to see a section added to cover that as well. Is access tied to the roles designated in 10.2.4 of the Response draft? Should it be? Having the combination of user roles and data object values gives a lot of flexibility, but that is talked about enough in the drafts (IMO). Security consideration section: It's good that you are recommending against use of the Null cipher, but could you add a reference to the UTA TLS best practices draft here as well? That will cover quite a few bases with out having to repeat stuff here. https://datatracker.ietf.org/doc/draft-ietf-uta-tls-bcp/ |
2014-10-29
|
10 | Kathleen Moriarty | [Ballot comment] I support Alissa's discuss for a privacy threat model. Section 3.1 As an FYI (not asking for anything to be done here except … [Ballot comment] I support Alissa's discuss for a privacy threat model. Section 3.1 As an FYI (not asking for anything to be done here except to participate in HTTPAuth last calls) - HTTP Digest and Basic just went through a revision and are just about done. There are a few minor updates and the security considerations in the updated documents spell out the remaining issues. Although these are the solutions for HTTP Auth, most people don't rely on it and use other methods, so we don't have implementations of better options. There are a few other options in the HTTPAuth WG about to go to IETF last call or are WG drafts. If you are going to rely on HTTPAuth methods, maybe there should be a push for the improved options from the WEIRDS WG - at least pitching in to review during last calls. https://datatracker.ietf.org/wg/httpauth/documents/ Section 3.1 I'm a little uneasy with just having a pointer to TLS to fix everything in OAuth and OpenID. Could you put in pointers to main framework documents like RFC6749 with a statement that says security considerations are included in those drafts? The security considerations differ between token types (bearer vs. Holder of Key) and that is out-of scope for this draft, so punting to the OAuth drafts would be very helpful instead of just pointing to TLS (but please do leave that in). This is just a comment the references do appear at end of the Security considerations section, & I'd recommend you move those up to section 3.1 as it will be a lot easier for the reader. Section 3.1 Just a question, should SAML 2.0 be listed as an option since this is a RESTful interface and we are talking about client authentication via a federated identity scheme or is that not an option? Thanks. |
2014-10-29
|
10 | Kathleen Moriarty | [Ballot Position Update] New position, Discuss, has been recorded for Kathleen Moriarty |
2014-10-29
|
10 | Amanda Baber | IANA Review state changed to IANA OK - No Actions Needed from Version Changed - Review Needed |
2014-10-29
|
10 | Martin Stiemerling | [Ballot Position Update] New position, No Objection, has been recorded for Martin Stiemerling |
2014-10-29
|
10 | Stephen Farrell | [Ballot comment] I've yet to read the weirds docs but in the meantime am fully supportive of Alissa's privacy related points. |
2014-10-29
|
10 | Stephen Farrell | Ballot comment text updated for Stephen Farrell |
2014-10-29
|
10 | Benoît Claise | [Ballot Position Update] New position, No Objection, has been recorded for Benoit Claise |
2014-10-28
|
10 | Barry Leiba | [Ballot comment] -- Section 3.1 -- This section describes security authentication mechanisms and their need for implementation by authorization policies. It took me … [Ballot comment] -- Section 3.1 -- This section describes security authentication mechanisms and their need for implementation by authorization policies. It took me a few readings to get what I think you mean. I think you mean this: NEW This section describes security authentication mechanisms and the need for authorization policies to include them. END |
2014-10-28
|
10 | Barry Leiba | [Ballot Position Update] New position, No Objection, has been recorded for Barry Leiba |
2014-10-28
|
10 | Alissa Cooper | [Ballot discuss] = General comment = I'm not exactly sure which document this remark is directed at, but I'm putting it in a DISCUSS here … [Ballot discuss] = General comment = I'm not exactly sure which document this remark is directed at, but I'm putting it in a DISCUSS here and we can figure that out later. I feel like the RDAP document suite is missing an overall explanation of the privacy threat model associated with registration data, the policy choices that are left up to registry providers, and the mechanisms included in RDAP to help protect registrant and client/user privacy and facilitate those policy choices. There are mentions of some of this here and there, but even those are not necessarily consistent with each other (see my DISCUSS on draft-ietf-weirds-using-http). So I think it would be beneficial to capture this in one place and articulate it explicitly, rather than implicitly across the documents. Some of the salient points for starters: * WHOIS data has historically included personal information about registrants, has been made public, and has not had the benefit of authentication or access control mechanisms to gate access to it. In part as a result of this, proxy and privacy services have arisen to shield the identities of registrants. * The standardization of RDAP does not change or impact the data that registries may require to be collected from registrants. However, RDAP data structures allow servers to indicate when data returned to clients has been made private, redacted, obscured, or shielded by a proxy. * RDAP uses the jCard standard format for entity representation, but many of the jCard fields are irrelevant for registry operation purposes and their use should be minimized. * RDAP includes mechanisms that can be used to authenticate clients, allowing servers to support tiered access based on local policy. This means that all registration data need no longer be public, and personal data or data that may be considered more sensitive can have its access restricted to specifically privileged clients. * [Something about confidentiality of requests and responses ... see my other DISCUSS point below.] * etc. = Section 3.4 = "If the policy of the server operator requires encryption to protect client-server data exchanges (such as to protect non-public data that can not be accessed without client identification and authentication), HTTP Over TLS MUST be used to protect those exchanges." It is unclear to me that a server policy that allows unencrypted access should be allowed, particularly in the cases of entity-related requests, but perhaps also in the case of other requests. The fact that the registry data may be public is orthogonal to the question of whether a particular query for that data should have confidentiality protection. I'd like to understand why RDAP does not require HTTP over TLS to be used in all cases and instead allows unsuspecting client users to send their queries in the clear in cases where server policy does not mandate use of TLS. I'm especially curious about this since clients are required to support HTTPS anyway. |
2014-10-28
|
10 | Alissa Cooper | [Ballot comment] = Section 3.1 = "RDAP's authentication framework needs to accommodate anonymous access as well as verification of identities" I would suggest s/anonymous … [Ballot comment] = Section 3.1 = "RDAP's authentication framework needs to accommodate anonymous access as well as verification of identities" I would suggest s/anonymous access/unauthenticated access/ since generally it can be pretty difficult to remain anonymous when accessing anything over IP. Similar comment for 3.2, I would delete "or anonymous." |
2014-10-28
|
10 | Alissa Cooper | [Ballot Position Update] New position, Discuss, has been recorded for Alissa Cooper |
2014-10-28
|
10 | Brian Haberman | [Ballot Position Update] New position, No Objection, has been recorded for Brian Haberman |
2014-10-28
|
10 | Pete Resnick | [Ballot Position Update] New position, Yes, has been recorded for Pete Resnick |
2014-10-27
|
10 | Alia Atlas | [Ballot Position Update] New position, No Objection, has been recorded for Alia Atlas |
2014-10-27
|
10 | Pete Resnick | IESG state changed to IESG Evaluation from Waiting for AD Go-Ahead |
2014-10-27
|
10 | Scott Hollenbeck | IANA Review state changed to Version Changed - Review Needed from IANA OK - No Actions Needed |
2014-10-27
|
10 | Scott Hollenbeck | New version available: draft-ietf-weirds-rdap-sec-10.txt |
2014-10-26
|
09 | Adrian Farrel | [Ballot Position Update] New position, No Objection, has been recorded for Adrian Farrel |
2014-10-26
|
09 | Joel Jaeggli | [Ballot Position Update] New position, No Objection, has been recorded for Joel Jaeggli |
2014-10-24
|
09 | (System) | IESG state changed to Waiting for AD Go-Ahead from In Last Call |
2014-10-23
|
09 | Jean Mahoney | Request for Last Call review by GENART is assigned to Christer Holmberg |
2014-10-23
|
09 | Jean Mahoney | Request for Last Call review by GENART is assigned to Christer Holmberg |
2014-10-22
|
09 | (System) | IANA Review state changed to IANA OK - No Actions Needed from Version Changed - Review Needed |
2014-10-22
|
09 | Pearl Liang | IESG/Authors/WG Chairs: IANA has reviewed draft-ietf-weirds-rdap-sec-09, which is currently in Last Call, and has the following comments: We understand that, upon approval of this … IESG/Authors/WG Chairs: IANA has reviewed draft-ietf-weirds-rdap-sec-09, which is currently in Last Call, and has the following comments: We understand that, upon approval of this document, there are no IANA Actions that need completion. While it is helpful for the IANA Considerations section of the document to remain in place upon publication, if the authors prefer to remove it, IANA doesn't object. If this assessment is not accurate, please respond as soon as possible. |
2014-10-20
|
09 | Christer Holmberg | Request for Last Call review by GENART Completed: Ready with Nits. Reviewer: Christer Holmberg. |
2014-10-16
|
09 | Jean Mahoney | Request for Last Call review by GENART is assigned to Christer Holmberg |
2014-10-16
|
09 | Jean Mahoney | Request for Last Call review by GENART is assigned to Christer Holmberg |
2014-10-16
|
09 | Gunter Van de Velde | Request for Last Call review by OPSDIR Completed: Ready. Reviewer: Al Morton. |
2014-10-12
|
09 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Al Morton |
2014-10-12
|
09 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Al Morton |
2014-10-10
|
09 | Cindy Morgan | Created "Approve" ballot |
2014-10-10
|
09 | Cindy Morgan | Closed "Approve" ballot |
2014-10-10
|
09 | Cindy Morgan | The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Sender: Subject: Last Call: (Security Services for the Registration … The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Sender: Subject: Last Call: (Security Services for the Registration Data Access Protocol) to Proposed Standard The IESG has received a request from the Web Extensible Internet Registration Data Service WG (weirds) to consider the following document: - 'Security Services for the Registration Data Access Protocol' as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2014-10-24. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Note that this is a second Last Call. During its initial IESG Evaluation, the IESG had several issues to address. This document has addressed those issues. Abstract The Registration Data Access Protocol (RDAP) provides "RESTful" web services to retrieve registration metadata from domain name and regional internet registries. This document describes information security services including authentication, authorization, availability, data confidentiality, and data integrity for RDAP. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-weirds-rdap-sec/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-weirds-rdap-sec/ballot/ No IPR declarations have been submitted directly on this I-D. |
2014-10-10
|
09 | Cindy Morgan | IESG state changed to In Last Call from Last Call Requested |
2014-10-10
|
09 | Pete Resnick | Last call was requested |
2014-10-10
|
09 | Pete Resnick | IESG state changed to Last Call Requested from AD Evaluation::AD Followup |
2014-10-10
|
09 | Pete Resnick | Last call announcement was changed |
2014-10-10
|
09 | Pete Resnick | Last call announcement was generated |
2014-10-10
|
09 | Pete Resnick | Telechat date has been changed to 2014-10-30 from 2013-08-15 |
2014-10-10
|
09 | Pete Resnick | Notification list changed to : weirds-chairs@tools.ietf.org, draft-ietf-weirds-rdap-sec@tools.ietf.org, weirds@ietf.org |
2014-10-06
|
09 | Pete Resnick | Ready for Last Call. Waiting on other documents to send them as a set. |
2014-10-06
|
09 | Pete Resnick | IESG state changed to AD Evaluation::AD Followup from AD Evaluation |
2014-09-28
|
09 | Pete Resnick | IESG state changed to AD Evaluation from Publication Requested |
2014-09-22
|
09 | Murray Kucherawy | 1. Summary Murray Kucherawy is the document shepherd. Pete Resnick is the responsible Area Director. The Registration Data Access Protocol (RDAP) provides "RESTful" web … 1. Summary Murray Kucherawy is the document shepherd. Pete Resnick is the responsible Area Director. The Registration Data Access Protocol (RDAP) provides "RESTful" web services to retrieve registration metadata from domain name and regional internet registries. This document describes information security services, specific requirements for RDAP, and approaches to provide RDAP security services. The document is requesting Proposed Standard status as per the definition of a Technical Specification in RFC2026 Section 3.1. It defines a set of protocol requirements and solutions for those, and as such is part of an overall protocol specification. 2. Review and Consensus The document has received broad review and support of the participants of the WEIRDS working group. Expert review of the Security Area Directorate will happen automatically, so such was not explicitly solicited to date. No other external reviews from other directorates or expertise areas appear to be necessary as this merely discusses security requirements and does not touch directly on other services (e.g., DNS) or concepts (e.g., internationalization). 3. Intellectual Property As of the first pass through the IESG: Each author has so indicated. The Working Group was reminded on the mailing list of participant obligations under BCPs 78 and 79, and no reports or discussion resulted. As of this pass: One author has re-confirmed. Have not heard from the other (N. Kong). 4. Other Points This is the second pass through IESG Evaluation for this document. It was sent back on the first pass with some DISCUSSes (that have been addressed) and also because the IESG wanted to see all of the referenced documents together. This time they're all coming at once. The document contains a normative reference to a non-IETF document, identified as [OpenID]. It also contains downward references to RFC2818 and RFC4732; the latter of these does not appear in the Downref Registry. Nothing else of interest. |
2014-09-22
|
09 | Murray Kucherawy | IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up |
2014-09-22
|
09 | Murray Kucherawy | IESG state changed to Publication Requested from AD is watching |
2014-09-22
|
09 | Murray Kucherawy | No reply from N. Kong regarding IPR. PROTO writeup updated; proceeding. |
2014-09-22
|
09 | Murray Kucherawy | Tag Doc Shepherd Follow-up Underway cleared. |
2014-09-22
|
09 | Murray Kucherawy | 1. Summary Murray Kucherawy is the document shepherd. Pete Resnick is the responsible Area Director. The Registration Data Access Protocol (RDAP) provides "RESTful" web … 1. Summary Murray Kucherawy is the document shepherd. Pete Resnick is the responsible Area Director. The Registration Data Access Protocol (RDAP) provides "RESTful" web services to retrieve registration metadata from domain name and regional internet registries. This document describes information security services, specific requirements for RDAP, and approaches to provide RDAP security services. The document is requesting Proposed Standard status as per the definition of a Technical Specification in RFC2026 Section 3.1. It defines a set of protocol requirements and solutions for those, and as such is part of an overall protocol specification. 2. Review and Consensus The document has received broad review and support of the participants of the WEIRDS working group. Expert review of the Security Area Directorate will happen automatically, so such was not explicitly solicited to date. No other external reviews from other directorates or expertise areas appear to be necessary as this merely discusses security requirements and does not touch directly on other services (e.g., DNS) or concepts (e.g., internationalization). 3. Intellectual Property As of the first pass through the IESG: Each author has so indicated. The Working Group was reminded on the mailing list of participant obligations under BCPs 78 and 79, and no reports or discussion resulted. As of this pass: One author has re-confirmed. Have not heard from the other (N. Kong). 4. Other Points This is the second pass through IESG Evaluation for this document. It was sent back on the first pass with some DISCUSSes (that have been addressed) and also because the IESG wanted to see all of the referenced documents together. This time they're all coming at once. The document contains a normative reference to a non-IETF document, identified as [OpenID]. It also contains downward references to RFC2818 and RFC4732; the latter of these does not appear in the Downref Registry. Nothing else of interest. |
2014-09-22
|
09 | Murray Kucherawy | Author IPR inquiry pending. |
2014-09-22
|
09 | Murray Kucherawy | Tag Doc Shepherd Follow-up Underway set. |
2014-09-22
|
09 | Murray Kucherawy | IETF WG state changed to WG Consensus: Waiting for Write-Up from Waiting for WG Chair Go-Ahead |
2014-09-22
|
09 | Scott Hollenbeck | New version available: draft-ietf-weirds-rdap-sec-09.txt |
2014-09-19
|
08 | Murray Kucherawy | IETF WG state changed to Waiting for WG Chair Go-Ahead from In WG Last Call |
2014-09-04
|
08 | Murray Kucherawy | Working Group Last Call ends September 19, 2014. |
2014-09-04
|
08 | Murray Kucherawy | IETF WG state changed to In WG Last Call from WG Document |
2014-09-04
|
08 | Murray Kucherawy | IETF WG state changed to WG Document from Waiting for WG Chair Go-Ahead |
2014-08-20
|
08 | Scott Hollenbeck | New version available: draft-ietf-weirds-rdap-sec-08.txt |
2014-08-05
|
07 | Scott Hollenbeck | New version available: draft-ietf-weirds-rdap-sec-07.txt |
2014-02-10
|
06 | Scott Hollenbeck | New version available: draft-ietf-weirds-rdap-sec-06.txt |
2014-01-30
|
05 | Murray Kucherawy | IETF WG state changed to Waiting for WG Chair Go-Ahead from WG Document |
2014-01-30
|
05 | Murray Kucherawy | IETF WG state changed to WG Document from Submitted to IESG for Publication |
2014-01-30
|
05 | Pete Resnick | This was really sent back to the WG, awaiting other documents. Fixing status to make that clear. |
2014-01-30
|
05 | Pete Resnick | State changed to AD is watching from Waiting for AD Go-Ahead |
2013-09-23
|
05 | Pete Resnick | IESG comments on this indicated that it would be better to wait until other WEIRDS documents before making the final call on this. Will put … IESG comments on this indicated that it would be better to wait until other WEIRDS documents before making the final call on this. Will put it back on the telechat at a later date. |
2013-09-23
|
05 | Pete Resnick | State changed to Waiting for AD Go-Ahead from IESG Evaluation::AD Followup |
2013-08-19
|
05 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
2013-08-19
|
05 | Scott Hollenbeck | IANA Review state changed to Version Changed - Review Needed from IANA OK - No Actions Needed |
2013-08-19
|
05 | Scott Hollenbeck | New version available: draft-ietf-weirds-rdap-sec-05.txt |
2013-08-16
|
04 | Tero Kivinen | Closed request for Last Call review by SECDIR with state 'No Response' |
2013-08-15
|
04 | Cindy Morgan | State changed to IESG Evaluation::Revised I-D Needed from IESG Evaluation |
2013-08-14
|
04 | Ted Lemon | [Ballot comment] In 3.1, the section reference to RFC 5246, section 7.4.6 is broken, and actually links to section 7.4.6 in this document. If … [Ballot comment] In 3.1, the section reference to RFC 5246, section 7.4.6 is broken, and actually links to section 7.4.6 in this document. If you are using xml2rfc, this is easy to fix, and worth fixing. It would be nice if this section linked to some document that described authentication based on CA signature; this is an interesting technique that I think is very applicable here, but I've never heard of it being used before, and it's sufficiently similar to server key signing that it's easy to imagine someone getting it wrong. The concern is that they will think that "CA" means a regular CA, rather than a CA operated jointly by the federation of RIRs. For example, if they imagined that Thawte was a CA in the sense that this document means, then anybody who got their client key signed by Thawte would get access, but I'm pretty sure that's not what you intend. Otherwise, looks great. Thanks for writing it! |
2013-08-14
|
04 | Ted Lemon | [Ballot Position Update] New position, No Objection, has been recorded for Ted Lemon |
2013-08-14
|
04 | Richard Barnes | [Ballot discuss] (1) The Authentication section should be Client Authentication, since that's all it covers. Shouldn't there be some discussion of Server Authentication as well? … [Ballot discuss] (1) The Authentication section should be Client Authentication, since that's all it covers. Shouldn't there be some discussion of Server Authentication as well? (2) I don't see anything here or in draft-ietf-weirds-using-http that says that RDAP clients MUST support TLS. Shouldn't that be the case, since HTTPS is the standard security mechanism? You should probably also consider how this would impact requirements around URIs for RDAP services. |
2013-08-14
|
04 | Richard Barnes | [Ballot Position Update] New position, Discuss, has been recorded for Richard Barnes |
2013-08-14
|
04 | Sean Turner | [Ballot discuss] s3.1 contains the following: To that end, RDAP clients and servers MUST implement the authentication framework specified in "HTTP Authentication: Basic … [Ballot discuss] s3.1 contains the following: To that end, RDAP clients and servers MUST implement the authentication framework specified in "HTTP Authentication: Basic and Digest Access Authentication" [RFC2617]. Does that mean the client and server need to support both basic and digest? s3.1: I think the gist here that should maybe be made clearer is that servers need MUST implement TLS with server side certificates - no? What I'm curious about here is whether there should be a SRV-ID or URI-ID is needed for RDAP and isn't some kind of reference to RFC 6125 warranted here? |
2013-08-14
|
04 | Sean Turner | [Ballot Position Update] New position, Discuss, has been recorded for Sean Turner |
2013-08-14
|
04 | Stephen Farrell | [Ballot comment] - I don't get what the "Document quality" section of the write up is saying about secdir review. - I somewhat disagree with … [Ballot comment] - I don't get what the "Document quality" section of the write up is saying about secdir review. - I somewhat disagree with the last part of Barry's comments. The issues we've experienced with trusted-CA lists have all related to TLS server authentication, and afiak, not to client-auth, which is what's at issue here. So, if a warning is to be added, it'd relate to the list of CAs that RDAP servers trust for client-auth and not to the (large and sometimes problematic) list of CAs that browsers ship with in the current web pki. |
2013-08-14
|
04 | Stephen Farrell | [Ballot Position Update] New position, No Objection, has been recorded for Stephen Farrell |
2013-08-13
|
04 | Adrian Farrel | [Ballot Position Update] New position, No Objection, has been recorded for Adrian Farrel |
2013-08-12
|
04 | Barry Leiba | [Ballot comment] Just a few points in Section 3.1.1 -- nothing blocking, but I ask you to consider addressing these, please: The OAuth authorization … [Ballot comment] Just a few points in Section 3.1.1 -- nothing blocking, but I ask you to consider addressing these, please: The OAuth authorization framework [RFC6749] describes a method for users to access protected web resources without having to hand out their credentials. Instead, clients supply access tokens issued by an authorization server with the permission of the resource owner. Using OAuth, multiple RDAP servers can form a federation and the clients can access any server in the same federation by providing one credential registered in any server in that federation. The OAuth authorization framework is designed for use with HTTP and thus can be used with RDAP. One small point in the middle of that: the clients have nothing to do with supplying access tokens. The clients use access tokens that are given to them. OLD Instead, clients supply access tokens issued by an authorization server with the permission of the resource owner. NEW Instead, clients are issued access tokens by authorization servers with the permission of the resource owners. OR Instead, a client is issued an access token by an authorization server with the permission of the resource owner. END OpenID [OpenID] is a decentralized single sign-on authentication system that allows users to log in at web sites with one ID instead of having to create multiple unique accounts. An end user can freely choose which OpenID provider to use, and can preserve their Identifier if they switch OpenID providers. I would say "at multiple web sites with one ID". certificate authentication method can be used to achieve federated authentication in which multiple RDAP servers all trust the same CAs and then any client with a certificate issued by a trusted CA can access any RDAP server in the federation. It's important to note that there are problems with client authentication through this mechanism, which have interfered with widespread deployment. For example, there are issues with too-promiscuous, or even rogue, CAs that get themselves into trusted-CA lists. There are also proposals to address that. Fully getting into the issues is well beyond the scope of this document, but I think it's important for this document to warn of the problem and point readers in the right direction to find more information. There's nothing in the Security Considerations about this now. |
2013-08-12
|
04 | Barry Leiba | [Ballot Position Update] New position, No Objection, has been recorded for Barry Leiba |
2013-08-12
|
04 | Jari Arkko | [Ballot Position Update] New position, No Objection, has been recorded for Jari Arkko |
2013-08-12
|
04 | Brian Haberman | [Ballot comment] I agree with Spencer's comment about the mis-use of SHOULD when referring to future security features. |
2013-08-12
|
04 | Brian Haberman | [Ballot Position Update] New position, No Objection, has been recorded for Brian Haberman |
2013-08-10
|
04 | Spencer Dawkins | [Ballot comment] In 3.1. Authentication, this text: RDAP SHOULD be capable of supporting future authentication methods defined for use with HTTP. is a … [Ballot comment] In 3.1. Authentication, this text: RDAP SHOULD be capable of supporting future authentication methods defined for use with HTTP. is a great idea, but I don't think it's a 2119 SHOULD ("SHOULD unless" what? and how would you know you'd achieved that?). If you could point to work in progress that RDAP might consider, or say what kinds of things in RDAP would likely be problematic, then you could say that RDAP needs to be prepared to use new methods if necessary, and I would be happier with that language. But if you mean: Work on HTTP authentication methods continues. RDAP ought to be agile enough to support additional methods as they are defined. or something like that, I'd encourage you to say what you mean :-) In a companion document, http://tools.ietf.org/html/draft-ietf-weirds-using-http-07#section-5.5 ends with this paragraph: Note that this is not a defense against denial-of-service attacks, since a malicious client could ignore the code and continue to send queries at a high rate. A server might use another response code if it did not wish to reveal to a client that rate limiting is the reason for the denial of a reply. I found that very helpful. Would it be helpful for this paragraph to appear in http://tools.ietf.org/html/draft-ietf-weirds-rdap-sec-04#section-3.3? |
2013-08-10
|
04 | Spencer Dawkins | Ballot comment text updated for Spencer Dawkins |
2013-08-10
|
04 | Spencer Dawkins | [Ballot comment] In 3.1. Authentication, this text: RDAP SHOULD be capable of supporting future authentication methods defined for use with HTTP. Is a … [Ballot comment] In 3.1. Authentication, this text: RDAP SHOULD be capable of supporting future authentication methods defined for use with HTTP. Is a beautiful thing, but I don't think it's a 2119 SHOULD ("SHOULD unless" what? and how would you know you'd achieved that?). If you could point to work in progress, or say what kinds of things are likely to be problematic, then you could say that RDAP needs to be prepared to use that if necessar, and I would be happier with that language. But if you mean: Work on HTTP authentication methods continues. RDAP ought to be agile enough to support additional methods as they are defined. or something like that, I'd encourage you to say what you mean :-) In a companion document, http://tools.ietf.org/html/draft-ietf-weirds-using-http-07#section-5.5 ends with this paragraph: Note that this is not a defense against denial-of-service attacks, since a malicious client could ignore the code and continue to send queries at a high rate. A server might use another response code if it did not wish to reveal to a client that rate limiting is the reason for the denial of a reply. I found that very helpful. Would it be helpful for this paragraph to appear in http://tools.ietf.org/html/draft-ietf-weirds-rdap-sec-04#section-3.3? |
2013-08-10
|
04 | Spencer Dawkins | [Ballot Position Update] New position, No Objection, has been recorded for Spencer Dawkins |
2013-08-10
|
04 | Joel Jaeggli | [Ballot comment] Am a little disappointed that this didn't take on the integrity of the objects themselves. but it looks fine as far as recommendations … [Ballot comment] Am a little disappointed that this didn't take on the integrity of the objects themselves. but it looks fine as far as recommendations go. |
2013-08-10
|
04 | Joel Jaeggli | [Ballot Position Update] New position, No Objection, has been recorded for Joel Jaeggli |
2013-08-09
|
04 | Pete Resnick | State changed to IESG Evaluation from Waiting for AD Go-Ahead |
2013-08-09
|
04 | Pete Resnick | Ballot has been issued |
2013-08-09
|
04 | Pete Resnick | [Ballot Position Update] New position, Yes, has been recorded for Pete Resnick |
2013-08-09
|
04 | Pete Resnick | Created "Approve" ballot |
2013-07-29
|
04 | (System) | State changed to Waiting for AD Go-Ahead from In Last Call |
2013-07-23
|
04 | (System) | IANA Review state changed to IANA OK - No Actions Needed from IANA - Review Needed |
2013-07-23
|
04 | Pearl Liang | IESG/Authors/WG Chairs: IANA has reviewed draft-ietf-weirds-rdap-sec-04, which is currently in Last Call, and has the following comment from the IANA reviewer team: We understand … IESG/Authors/WG Chairs: IANA has reviewed draft-ietf-weirds-rdap-sec-04, which is currently in Last Call, and has the following comment from the IANA reviewer team: We understand that, upon approval of this document, there are no IANA Actions that need completion. If this assessment is not accurate, please respond as soon as possible. |
2013-07-18
|
04 | Jean Mahoney | Request for Last Call review by GENART is assigned to Kathleen Moriarty |
2013-07-18
|
04 | Jean Mahoney | Request for Last Call review by GENART is assigned to Kathleen Moriarty |
2013-07-18
|
04 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Kathleen Moriarty |
2013-07-18
|
04 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Kathleen Moriarty |
2013-07-15
|
04 | Cindy Morgan | IANA Review state changed to IANA - Review Needed |
2013-07-15
|
04 | Cindy Morgan | The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Sender: Subject: Last Call: (Security Services for the Registration … The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Sender: Subject: Last Call: (Security Services for the Registration Data Access Protocol) to Proposed Standard The IESG has received a request from the Web Extensible Internet Registration Data Service WG (weirds) to consider the following document: - 'Security Services for the Registration Data Access Protocol' as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2013-07-29. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract The Registration Data Access Protocol (RDAP) provides "RESTful" web services to retrieve registration metadata from domain name and regional internet registries. This document describes information security services including authentication, authorization, availability, data confidentiality, and data integrity for RDAP. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-weirds-rdap-sec/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-weirds-rdap-sec/ballot/ No IPR declarations have been submitted directly on this I-D. |
2013-07-15
|
04 | Cindy Morgan | State changed to In Last Call from Last Call Requested |
2013-07-15
|
04 | Pete Resnick | Placed on agenda for telechat - 2013-08-15 |
2013-07-15
|
04 | Pete Resnick | Last call was requested |
2013-07-15
|
04 | Pete Resnick | Ballot approval text was generated |
2013-07-15
|
04 | Pete Resnick | State changed to Last Call Requested from AD Evaluation::AD Followup |
2013-07-15
|
04 | Pete Resnick | Ballot writeup was changed |
2013-07-15
|
04 | Pete Resnick | Last call announcement was generated |
2013-07-15
|
04 | Pete Resnick | Last call announcement was generated |
2013-07-15
|
04 | Pete Resnick | Ballot writeup was changed |
2013-07-15
|
04 | Pete Resnick | Ballot writeup was generated |
2013-06-14
|
04 | Pete Resnick | Waiting for -using-http draft before Last Call of these together. |
2013-06-14
|
04 | Pete Resnick | State changed to AD Evaluation::AD Followup from AD Evaluation |
2013-06-03
|
04 | Scott Hollenbeck | New version available: draft-ietf-weirds-rdap-sec-04.txt |
2013-05-29
|
03 | Pete Resnick | State changed to AD Evaluation from Publication Requested |
2013-05-17
|
03 | Cindy Morgan | Writeup: http://datatracker.ietf.org/doc/draft-ietf-weirds-rdap-sec/shepherdwriteup/ |
2013-05-17
|
03 | Cindy Morgan | Note added 'Murray Kucherawy (superuser@gmail.com) is the document shepherd.' |
2013-05-17
|
03 | Cindy Morgan | IESG process started in state Publication Requested |
2013-05-17
|
03 | (System) | Earlier history may be found in the Comment Log for draft-hollenbeck-weirds-rdap-sec |
2013-05-16
|
03 | Murray Kucherawy | IETF WG state changed to Submitted to IESG for Publication from Waiting for WG Chair Go-Ahead |
2013-04-29
|
03 | Murray Kucherawy | IETF WG state changed to Waiting for WG Chair Go-Ahead from In WG Last Call |
2013-04-29
|
03 | Scott Hollenbeck | New version available: draft-ietf-weirds-rdap-sec-03.txt |
2013-04-23
|
02 | Murray Kucherawy | Changed consensus to Yes from Unknown |
2013-04-23
|
02 | Murray Kucherawy | Changed document writeup |
2013-04-12
|
02 | Murray Kucherawy | IETF WG state changed to In WG Last Call from WG Document |
2013-04-08
|
02 | Murray Kucherawy | WGLC ends April 26, 2013. |
2013-04-08
|
02 | Murray Kucherawy | Intended Status changed to Proposed Standard from None |
2013-04-08
|
02 | Murray Kucherawy | Changed shepherd to Murray Kucherawy |
2013-04-04
|
02 | Scott Hollenbeck | New version available: draft-ietf-weirds-rdap-sec-02.txt |
2012-11-26
|
01 | Scott Hollenbeck | New version available: draft-ietf-weirds-rdap-sec-01.txt |
2012-09-20
|
00 | Scott Hollenbeck | New version available: draft-ietf-weirds-rdap-sec-00.txt |