Registration Protocols Extensions (REGEXT) IETF 110 online Co-chairs: Jim Galvin, Antoin Verschuren Mailing list: regext@ietf.org Notes: Alex Mayrhofer Tuesday, March 9, 2020 16:00-18:00 UTC, Meetecho https://meetings.conf.meetecho.com/ietf110/?group=regext&short=&item=1 Welcome and Introductions (4 minutes) i. Jabber scribe ii. Notes scribe iii. NOTE WELL iv. Document management v. Special attention document shepherds Published (1 minute) Registry Data Escrow Specification https://datatracker.ietf.org/doc/rfc8909/ Registration Data Access Protocol (RDAP) Query Parameters for Result Sorting and Paging https://datatracker.ietf.org/doc/rfc8977/ Registration Data Access Protocol (RDAP) Partial Response https://datatracker.ietf.org/doc/rfc8982/ Status of existing work in Progress (RFC Editor, IESG, AD evaluation) (5 minutes) Domain Name Registration Data (DNRD) Objects Mapping (RFC Editor) https://datatracker.ietf.org/doc/draft-ietf-regext-dnrd-objects-mapping/ Publication imminent 7482bis and 7483bis (RFC Editor) https://datatracker.ietf.org/doc/draft-hollenbeck-regext-rfc7482bis/ https://datatracker.ietf.org/doc/draft-hollenbeck-regext-rfc7483bis/ Upgrade to Full Internet Standard imminent, probably mid April. 7484 has some errata, but will move along with the others. NOTE: RFC’s 7480 and 7481 Will also be elevated to Full Internet Standard without errata: https://datatracker.ietf.org/doc/status-change-rdap-to-internet-standard/ EPP Secure Authorization Information for Transfer (IESG review, new version submitted) https://datatracker.ietf.org/doc/draft-ietf-regext-secure-authinfo-transfer/ EPP Unhandled Namespaces (RFC editor) https://datatracker.ietf.org/doc/draft-ietf-regext-unhandled-namespaces/ Existing work. (10 minutes) i. Registry Maintenance Notifications for EPP (Sattler/Carney/Kolker?) https://datatracker.ietf.org/doc/draft-ietf-regext-epp-registry-maintenance/ Was taken back from WGLC for too narrow consensus. No presentation for this meeting. Jim is document shepherd, will look into that issue. Haven’t figured out what to propose to the WG. Antoin: Should get support before we advance it. Jody Kolker: Have been working with Jim Gould on this, feel we have addressed all concerns (except version number). Antoin: We need support from non-authors during the WGLC for calling out concensus. Jim Gould: Thanks to the authors, they have addressed my feedback. Antoin: If others read it, we can advance to 2nd WGLC ii. Simple Registration Reporting (Joseph Yee/James Galvin?) https://datatracker.ietf.org/doc/draft-ietf-regext-simple-registration-reporting/ Jim: will take it to the mailing list to get feedback iii.Federated Authentication for the Registration Data Access Protocol (RDAP) using OpenID Connect https://datatracker.ietf.org/doc/draft-ietf-regext-rdap-openid/ Antoin: Waiting for decisions within ICANN to see whether we need changes here. Scott Hollenbeck: Private comment from Tom Harrison received, therefore at least one edit to make. Antoin: Takes time/slot in WG Alex Mayrhoifer: Have written an RDAP server that uses Bearer Token, will review doc in relation to this. iv. Using JSContact in RDAP JSON Responses (Mario Loffredo/Gavin Brown?) https://datatracker.ietf.org/doc/draft-loffredo-regext-rdap-jcard-deprecation/ Mario Loffredo: We're waiting for the WG adoption to move doc forward. Will provide an update for next meeting. Existing work presentations. (40 minutes) i. RDAP Reverse search capabilities (Mario Loffredo, 20 minutes) https://datatracker.ietf.org/doc/draft-ietf-regext-rdap-reverse-search/ Slides: https://datatracker.ietf.org/meeting/110/materials/slides-110-regext-5i-mario-loffredo-draft-ietf-regext-rdap-reverse-search-00 Mario Loffredo presenting says a fully GDPR compatible reverse search implementation is possible PII in Request URLs - better use POST, but not considered in RDAP Comments: Jim Reid: What would be the purpose of a legal person to review the doc? Is the IETF in that position - sanity check OK, but would be problematic to go beyond that point. Especially considering registries are in different legislations. Mario: nobody in the WG has a legal background. Sees requirements from legal perspectives. Lot of discussion is about privacy concerns. Antoin: Doc is very far along, we only want to get the Privacy Considerations Section done. Marc Blanchet: GDPR is only one, governments will do it “their own way”. Going to be a rathole. Otherwise won’t ever finish that discussion. Antoin: agree, but this document is the first where we aggregate data. Ulrich Wisser: Impressed by Mario’s work on this. All that Mario has found out should be documented in the Privacy section, and implementors can go to their local lawyers - Thank you Mario! Barry Leiba: Highlighting what Jim Reid said: We take comments from whoever comments, have they a legal background or not. But actively seeking legal feedback is probably not within the scope of IETF. Keep “legal review” out of this. Jim Galvin: (individual!) Doc stalled because of the privacy consideration. Focusing more on the technical side: Concerned about the “directionality” (as in “reverse search”) - prefers the document as “expanding” search. Also, maybe remove text about specific elements - should be extensible. Will raise those questions on the mailing list. Rich Wilhelm: Fit to registry/registrar model? registrars are authoritative for the data - opportunity to simplify document? Antoin: Difference between thin/thick registries. RDAP is also for RIR's and other registries without registrars, not just IACNN domain registries model. Jim Reid: Mario did great job at enumerating issues. We need to draw a line under it at some point “this is the knowledge of the WG at this point in time - if you need more, consult your local lawyers” - and avoid the ratholing. Antoin: If there’s consensus on the mailing list, we can proceed! Scott Hollenbeck: If some searches have same properties as some in 7482, “reverse” is more about relationship searches - and relationships might not be exposed. distinction is maybe important. ii. Finding the Authoritative Registration Data (RDAP) Service (Marc Blanchet, 20 Minutes) https://datatracker.ietf.org/doc/draft-ietf-regext-rfc7484bis/ Slides: https://datatracker.ietf.org/meeting/110/materials/slides-110-regext-5ii-marc-blanchet-draft-ietf-regext-rfc7484bis-00 Marc Blanchet presenting, describes the individual errata. Please send implementation reports to Marc! Alex: Simple enough, please go ahead with the doc as proposed! New work and requests for adoption presentations (20 minutes) i. Use of Internationalized Email Addresses in EPP protocol (Dmitry Belyavsky, 20 Minutes) https://datatracker.ietf.org/doc/draft-belyavskiy-epp-eai/ Slides: https://datatracker.ietf.org/meeting/110/materials/slides-110-regext-6i-dmitry-belyavsky-epp-eai-profile-00 Dmitry presenting. Asks for the document to be accepted as WG item. Ulrich: Thinks that the placeholder is problematic. Alex: Appreciates that no extension is proposed anymore. For the pure namespace registration, registration would probably be possible without RFC. James Gould: This is a new form of extension that “overrides” existing element. Placeholder text is the biggest issue for the WG. Antoin: Please send a formal request to chairs for adoption, chairs will send out poll. Milestones review (5 minutes) Scott: in ICANN RDAP pilot work, there were OpenID implementations trialed. (EAI document not yet added, will be done if adopted) AOB Barry handing over working group to Murray as the new responsible AD. Thank you very much Barry!! Alex: Some non-policy / non-controversial topics could be handled faster/quicker, also focuse subgroups work well. Jim Galvin: Takeaway: make milestones more visible, we rarely did that, but now we got a lots of docs out of the door. Meeting concludes at 17:49 UTC