Re: [regext] RDAP queries based on redacted properties

Fri, 06 Jan 2023 05:55:09 -0800 

Mario,

The JSContact "uid" and the jCard "handle" may be redacted in the entities 
member of a domain query response, where the entity is returned as a 
sub-object.  Redaction of the JSContact "uid" and the jCard "handle" in the 
domain query response doesn't impact the query at all.  I don't believe it 
makes much sense to redact the lookup key (JSContact "uid" and the jCard 
"handle") for an object in the case of an entity query.  This is one reason 
that the draft-ietf-regext-rdap-jscontact "uid" member should not be mandatory 
due to the need for redaction at the sub-object level.  Can 
draft-ietf-regext-rdap-jscontact override the draft-ietf-calext-jscontact 
mandatory "uid" member to be optional to support redaction in RDAP?  The 
draft-ietf-regext-rdap-redacted is strictly focused on the redaction methods of 
the responses and I don't believe it needs to mandate or recommend policy on 
what quires a server needs to support or not support.  

Thanks,

-- 
 
JG



James Gould
Fellow Engineer
jgo...@verisign.com 
<applewebdata://13890C55-AAE8-4BF3-A6CE-B4BA42740803/jgo...@verisign.com>

703-948-3271
12061 Bluemont Way
Reston, VA 20190

Verisign.com <http://verisigninc.com/>

On 1/4/23, 11:37 AM, "Mario Loffredo" <mario.loffr...@iit.cnr.it> wrote:


    Hi James,

    this is the post following up my last reply about the JSContact "uid" in 
    RDAP.

    In my opinion, rdap-redacted should address the relationship between the 
    RDAP queries and the redacted properties.

    In particular, to prevent from inconsistencies and redacted data 
    breaches, the document should state that RDAP queries MUST be allowed 
    only to those users that can access the unredacted values of the 
    response fields the queries are based upon.


    Best,

    Mario


    -- 
    Dott. Mario Loffredo
    Technological Unit “Digital Innovation”
    Institute of Informatics and Telematics (IIT)
    National Research Council (CNR)
    via G. Moruzzi 1, I-56124 PISA, Italy
    Phone: +39.0503153497
    Web: 
http://secure-web.cisco.com/1HN-01RUHzihdFMGERYMpx1wphqrlqHKtulWJzKd4mOFduVWv00vC5PPb2J2fMnq418hh-v40ru8Q8f3z52yYAme0zqXFsZmtAoLP4Wj_EuQx8hD7eXll2ttZvep3kkB0QbxokFtX4cc90WO1HN4Ht83mlkxlBbEHB96Wwpc6xTa4ff14d6rKAOz9O41Z7P7uzOucq7BfyFteNCTvjERnQLpYUtOLMpF1WtJMsmePcX-5kbJQzRyDjom-4-uz3W_FP6uRufZfXGqYP8P6JW5aP9g2ZtjOrLPYEA4I0Z9yQpfBFw0qUbxsNmHPmMZ2o-pl/http%3A%2F%2Fwww.iit.cnr.it%2Fmario.loffredo


_______________________________________________
regext mailing list
regext@ietf.org
https://www.ietf.org/mailman/listinfo/regext

Reply via email to