Hi Scott, Inviato da iPhone
> Il giorno 4 gen 2023, alle ore 18:24, Hollenbeck, Scott > <shollenb...@verisign.com> ha scritto: > > >> >> -----Original Message----- >> From: regext <regext-boun...@ietf.org> On Behalf Of Mario Loffredo >> Sent: Wednesday, January 4, 2023 11:33 AM >> To: Gould, James <jgo...@verisign.com>; regext@ietf.org >> Subject: [EXTERNAL] [regext] RDAP queries based on redacted properties >> >> Caution: This email originated from outside the organization. Do not click >> links >> or open attachments unless you recognize the sender and know the content is >> safe. >> >> Hi James, >> >> this is the post following up my last reply about the JSContact "uid" in >> RDAP. >> >> In my opinion, rdap-redacted should address the relationship between the >> RDAP queries and the redacted properties. >> >> In particular, to prevent from inconsistencies and redacted data breaches, >> the >> document should state that RDAP queries MUST be allowed only to those users >> that can access the unredacted values of the response fields the queries are >> based upon. > > [SAH] I don't understand this, Mario. If the user has access to the > unredacted values of the response fields (meaning they're authorized to > receive that data, correct?), why would they receive a redacted response? Just the opposite. The issue is about users who are allowed to submit queries based on properties they are not authorized to access. Mario > > Scott _______________________________________________ regext mailing list regext@ietf.org https://www.ietf.org/mailman/listinfo/regext
