Hi Med,
Thanks for your review and feedback.
On Thu, May 22, 2025 at 05:40:17AM -0700, Mohamed Boucadair via Datatracker
wrote:
> # ASN is also IP-related!
>
> CURRENT:
> are various IP- and ASN-related search options provided by RIRs via
> their Whois services for which there is no corresponding RDAP
> functionality.
>
> Maybe consider:
>
> NEW:
> are various IP-related search options (e.g., IP address, IP prefix, and
> ASN)
> provided by RIRs via
We think that in the context of RIR Whois services, drawing a
distinction between IPs and ASNs is reasonable, because although they
are related to each other in a general sense, the category split is
quite pronounced in Whois, and in RDAP as well.
> # Normative language
>
> CURRENT:
> Indentation and whitespace in examples are provided only to
> illustrate element relationships, and are not a REQUIRED feature of
> this protocol.
>
> I understood this is somehow a convention in RDAP, but I still think the use
> of
> normative language here is not correct. Combing both “not” and “REQUIRED” is
> making things worse.
"REQUIRED" has been changed to "required".
> # IP network information
>
> CURRENT:
> Searches for IP network information by handle are specified using the
> form:
>
> An ASN is also an IP network information. Consider calling out address and/or
> prefix here.
To make this clearer, we have added to this sentence a reference to
the specific IP network object class from RFC 9083, and made
corresponding changes to the other similarly-situated sentences in the
document.
> # Extension & Version pattern
>
> CURRENT:
> 'ips/rirSearch1/<relation>/<IP address>': Used to identify an IP
> network search using a relation and an IP address to match a set
> of IP networks.
>
> Why a version is used here but not for the other extensions defined in this
> document?
"rirSearch1" includes a "version number" to indicate that there may be
a successor extension at some point in the future (extension
identifiers in RDAP are opaque, but it's relatively common to include
a number for this purpose). The extension identifiers without version
numbers (e.g. "ips") have that form so that they are consistent with
the corresponding search URLs and result members that are defined in
the base RDAP documents.
> # Compliance with HTTP BCP (RFC9205)
>
> CURRENT:
> server SHOULD respond with an HTTP 501 (Not Implemented) [RFC9110]
> response code if it receives such a request. Server operators MAY
> also opt not to support "status" filtering for values other than
> "active" for the "rdap-up" and "rdap-top" link relations, in which
> case the server SHOULD respond with an HTTP 501 (Not Implemented)
> [RFC9110] response code if it receives such a request.
>
> …
>
> via a lookup URL (see Section 3.1 of [RFC9082]). If there is no
> result for the search, the server returns an HTTP 404 (Not Found)
> [RFC9110] response code.
>
> The use of normative language is IMO not compliant with the guidance in
> RFC9205
> about error handling, especially this part:
>
> Applications using HTTP MUST NOT re-specify the semantics of HTTP
> status codes, even if it is only by copying their definition. It is
> NOT RECOMMENDED they require specific reason phrases to be used;
Our reading of RFC 9205 is that the text in the document is OK, because
it's mapping application errors to status codes, rather than trying to
re-specify the semantics of those codes. From that document:
... applications using HTTP should define their errors to use the
most applicable status code, making generous use of the general
status codes (200, 400, and 500) when in doubt.
Without defining that mapping, servers end up using different codes.
For example, the 404 text above was added due to some servers
returning 200 as the response code for RDAP searches that produced no
results, and others returning 404.
There is also:
To distinguish between multiple error conditions that are mapped to
the same status code and to avoid the misattribution issue outlined
above, applications using HTTP should convey finer-grained error
information in the response's message content and/or header fields.
[PROBLEM-DETAILS] provides one way to do so.
which consideration is addressed in RDAP by way of the explicit error
response, per
https://www.rfc-editor.org/rfc/rfc9083.html#name-error-response-body.
Also, just to avoid any doubt, although the document includes reason
phrases, this is just for the benefit of the reader, rather than
indicating that those phrases should be used as-is in the responses.
-Tom
_______________________________________________
regext mailing list -- [email protected]
To unsubscribe send an email to [email protected]
