Hi Tom, Thanks for the clarifications and action on each point. I also checked 17/19 diff. All my points are adequately addressed.
Cheers, Med > -----Message d'origine----- > De : Tom Harrison <[email protected]> > Envoyé : mercredi 4 juin 2025 23:48 > À : BOUCADAIR Mohamed INNOV/NET <[email protected]> > Cc : The IESG <[email protected]>; draft-ietf-regext-rdap-rir- > [email protected]; [email protected]; [email protected]; > [email protected] > Objet : Re: Mohamed Boucadair's No Objection on draft-ietf-regext- > rdap-rir-search-17: (with COMMENT) > > > Hi Med, > > Thanks for your feedback. > > On Mon, Jun 02, 2025 at 01:02:33PM +0000, > [email protected] wrote: > > De : Tom Harrison <[email protected]> > >> We think that in the context of RIR Whois services, drawing a > >> distinction between IPs and ASNs is reasonable, because although > they > >> are related to each other in a general sense, the category split > is > >> quite pronounced in Whois, and in RDAP as well. > > > > [Med] ACK. A minor change without disturbing what seems to be an > > established practice would be then: > > > > OLD: IP- > > NEW: IP address/prefix. > > > > That would be consistent with how these options are offered by, > e.g., > > > > - IP Address or CIDR range > > - ASN (Autonomous System Number or Autnum) > > - Origin AS > > Updated: > > The core specifications for RDAP define basic search > functionality, but there are various search options related to > IP > addresses, IP prefixes, and ASNs, which are provided by RIRs > via > their Whois services, but for which there is no corresponding > RDAP > functionality. > > >>> # Extension & Version pattern > >>> > >>> CURRENT: > >>> 'ips/rirSearch1/<relation>/<IP address>': Used to > identify > >>> an IP network search using a relation and an IP address > to > >>> match a set of IP networks. > >>> > >>> Why a version is used here but not for the other extensions > defined > >>> in this document? > >> > >> "rirSearch1" includes a "version number" to indicate that there > may > >> be a successor extension at some point in the future (extension > >> identifiers in RDAP are opaque, but it's relatively common to > include > >> a number for this purpose). > > > > [Med] Can we then say explicitly in the text that this is about > > version 1 of rirSearch in the text? Thanks. > > Updated: > > The "1" in "rirSearch1" denotes that this is version 1 of the > RIR > search extension. New versions of the RIR search extension > will > use different extension identifiers. > > >> The extension identifiers without version numbers (e.g. "ips") > have > >> that form so that they are consistent with the corresponding > search > >> URLs and result members that are defined in the base RDAP > documents. > > > > [Med] I interpret this as there won't be successor extensions for > > these. A note would be helpful because otherwise, it is not > obvious > > why distinct patterns are used for naming the extensions. > > Updated: > > The "1" in "rirSearch1" denotes that this is version 1 of the > RIR > search extension. New versions of the RIR search extension > will > use different extension identifiers. A version suffix is not > used > for the remaining identifiers defined by this document, partly > because such a suffix would reduce consistency with the > corresponding functionality for the other object classes, and > partly because it is very unlikely that the functionality > associated with those identifiers will change. > > >>> # Compliance with HTTP BCP (RFC9205) > >>> > >>> CURRENT: > >>> server SHOULD respond with an HTTP 501 (Not Implemented) > [RFC9110] > >>> response code if it receives such a request. Server > operators MAY > >>> also opt not to support "status" filtering for values other > than > >>> "active" for the "rdap-up" and "rdap-top" link relations, in > which > >>> case the server SHOULD respond with an HTTP 501 (Not > Implemented) > >>> [RFC9110] response code if it receives such a request. > >>> > >>> via a lookup URL (see Section 3.1 of [RFC9082]). If there > is no > >>> result for the search, the server returns an HTTP 404 (Not > Found) > >>> [RFC9110] response code. > >>> > >>> The use of normative language is IMO not compliant with the > guidance > >>> in RFC9205 about error handling, especially this part: > >>> > >>> Applications using HTTP MUST NOT re-specify the semantics of > HTTP > >>> status codes, even if it is only by copying their > definition. It is > >>> NOT RECOMMENDED they require specific reason phrases to be > used; > >> > >> Our reading of RFC 9205 is that the text in the document is OK, > >> because it's mapping application errors to status codes, rather > than > >> trying to re-specify the semantics of those codes. From that > >> document: > >> > >> ... applications using HTTP should define their errors to > use > >> the most applicable status code, making generous use of the > >> general status codes (200, 400, and 500) when in doubt. > >> > >> Without defining that mapping, servers end up using different > codes. > > > > [Med] I'm afraid that you do: " SHOULD respond with an HTTP 501 > .." > > is an example. > > We've attempted to address this feedback by relying on > https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fm > ailarchive.ietf.org%2Farch%2Fmsg%2Fanima%2FqHRppN_6T3KBdsjOksxu8bw4 > byI%2F&data=05%7C02%7Cmohamed.boucadair%40orange.com%7C4a20c5b300ec > 43cc406808dda3b18a2c%7C90c7a20af34b40bfbc48b9253b6f5d20%7C0%7C0%7C6 > 38846705129318364%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsI > lYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D > %7C0%7C%7C%7C&sdata=zXabIkqD2ZY0c6ZYdWvTWOE26zpMPwYng25jk0mZdqM%3D& > reserved=0, > where a similar issue was flagged in another document. If we've > misinterpreted the requirements here, please let us know. Updated: > > By default, any valid status value may be used for status > filtering. Server operators MAY opt not to support "status" > filtering for the "rdap-down" and "rdap-bottom" link relations, > in > which case the server responds with an HTTP 501 (Not > Implemented) > [RFC9110] response code if it receives such a request. Server > operators MAY also opt not to support "status" filtering for > values other than "active" for the "rdap-up" and "rdap-top" > link > relations, in which case the server responds with an HTTP 501 > (Not > Implemented) [RFC9110] response code if it receives such a > request. > > >> Also, just to avoid any doubt, although the document includes > reason > >> phrases, this is just for the benefit of the reader, rather than > >> indicating that those phrases should be used as-is in the > responses. > > > > [Med] Thanks for clarifying. Better to have this intent clarified > in > > the spec itself. > > Updated: > > Where this document includes HTTP reason phrases, that is > purely > for the benefit of the reader, and is not an indication that > those > phrases need to be used as-is in responses. > > -Tom ____________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you. _______________________________________________ regext mailing list -- [email protected] To unsubscribe send an email to [email protected]
