Murray Kucherawy is the document shepherd.
Pete Resnick is the responsible Area Director.
The Registration Data Access Protocol (RDAP) provides "RESTful" web
services to retrieve registration metadata from domain name and
regional internet registries. This document describes information
security services, specific requirements for RDAP, and approaches to
provide RDAP security services.
The document is requesting Proposed Standard status as per the definition of a
Technical Specification in RFC2026 Section 3.1. It defines a set of protocol
requirements and solutions for those, and as such is part of an overall
2. Review and Consensus
The document has received broad review and support of the participants of the
WEIRDS working group. Expert review of the Security Area Directorate will
happen automatically, so such was not explicitly solicited to date. No other
external reviews from other directorates or expertise areas appear to be
necessary as this merely discusses security requirements and does not touch
directly on other services (e.g., DNS) or concepts (e.g., internationalization).
3. Intellectual Property
As of the first pass through the IESG:
Each author has so indicated. The Working Group was reminded on the mailing
list of participant obligations under BCPs 78 and 79, and no reports or
As of this pass:
One author has re-confirmed. Have not heard from the other (N. Kong).
4. Other Points
This is the second pass through IESG Evaluation for this document. It was sent
back on the first pass with some DISCUSSes (that have been addressed) and also
because the IESG wanted to see all of the referenced documents together. This
time they're all coming at once.
The document contains a normative reference to a non-IETF document, identified
as [OpenID]. It also contains downward references to RFC2818 and RFC4732; the
latter of these does not appear in the Downref Registry.
Nothing else of interest.