Registration Data Access Protocol (RDAP) Query FormatVerisign Labs12061 Bluemont WayRestonVA20190United States of Americashollenbeck@verisign.comhttps://www.verisignlabs.com/Amazon Web Services, Inc.13200 Woodland Park RoadHerndonVA20171United States of Americaandy@hxr.us
Applications and Real-Time
REGEXT Working Group
This document describes uniform patterns to construct HTTP URLs that
may be used to retrieve registration information from registries
(including both Regional Internet Registries (RIRs) and Domain Name
Registries (DNRs)) using "RESTful" web access patterns. These
uniform patterns define the query syntax for the Registration Data
Access Protocol (RDAP). This document obsoletes RFC 7482.Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by
the Internet Engineering Steering Group (IESG). Further
information on Internet Standards is available in Section 2 of
RFC 7841.
Information about the current status of this document, any
errata, and how to provide feedback on it may be obtained at
.
Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
() in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Simplified BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Simplified BSD License.
Table of Contents
. Introduction
. Conventions Used in This Document
. Acronyms and Abbreviations
. Path Segment Specification
. Lookup Path Segment Specification
. IP Network Path Segment Specification
. Autonomous System Path Segment Specification
. Domain Path Segment Specification
. Nameserver Path Segment Specification
. Entity Path Segment Specification
. Help Path Segment Specification
. Search Path Segment Specification
. Domain Search
. Nameserver Search
. Entity Search
. Query Processing
. Partial String Searching
. Associated Records
. Extensibility
. Internationalization Considerations
. Character Encoding Considerations
. IANA Considerations
. Security Considerations
. References
. Normative References
. Informative References
. Changes from RFC 7482
Acknowledgments
Authors' Addresses
Introduction
This document describes a specification for querying registration
data using a RESTful web service and uniform query patterns. The
service is implemented using the Hypertext Transfer Protocol (HTTP)
and the conventions described in . These uniform
patterns define the query syntax for the Registration Data Access
Protocol (RDAP). This document obsoletes RFC 7482.
The protocol described in this specification is intended to address
deficiencies with the WHOIS protocol that have been
identified over time, including:
lack of standardized command structures;
lack of standardized output and error structures;
lack of support for internationalization and localization; and
lack of support for user identification, authentication, and
access control.
The patterns described in this document purposefully do not encompass
all of the methods employed in the WHOIS and other RESTful web
services used by the RIRs and DNRs. The intent of the patterns
described here is to enable queries of:
networks by IP address;
Autonomous System (AS) numbers by number;
reverse DNS metadata by domain;
nameservers by name; and
entities (such as registrars and contacts) by identifier.
Server implementations are free to support only a subset of these
features depending on local requirements. Servers MUST return an
HTTP 501 (Not Implemented) response to inform clients of
unsupported query types. It is also envisioned that each registry
will continue to maintain WHOIS and/or other RESTful web services
specific to their needs and those of their constituencies, and the
information retrieved through the patterns described here may
reference such services.
Likewise, future IETF specifications may add additional patterns for
additional query types. A simple pattern namespacing scheme is
described in to accommodate custom extensions that will not
interfere with the patterns defined in this document or patterns
defined in future IETF specifications.
WHOIS services, in general, are read-only services. Accordingly, URL
patterns specified in this document are only applicable to
the HTTP GET and HEAD methods.
This document does not describe the results or entities returned from
issuing the described URLs with an HTTP GET. The specification of
these entities is described in .
Additionally, resource management, provisioning, and update functions
are out of scope for this document. Registries have various and
divergent methods covering these functions, and it is unlikely a
uniform approach is needed for interoperability.
HTTP contains mechanisms for servers to authenticate clients and for
clients to authenticate servers (from which authorization schemes may
be built), so such mechanisms are not described in this document.
Policy, provisioning, and processing of authentication and
authorization are out of scope for this document as deployments will
have to make choices based on local criteria. Supported
authentication mechanisms are described in .Conventions Used in This Document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED",
"MAY", and "OPTIONAL" in this document are to be interpreted as
described in BCP 14
when, and only when, they appear in all capitals, as shown here.Acronyms and Abbreviations
IDN:
Internationalized Domain Name, a fully-qualified domain name
containing one or more labels that are intended to include one or more
Unicode code points outside the ASCII range (cf. "domain name",
"fully-qualified domain name", and "internationalized domain name" in
RFC 8499 ).
IDNA:
Internationalized Domain Names in Applications, a protocol for
the handling of IDNs. In this document, "IDNA" refers specifically to
the version of those specifications known as "IDNA2008" .
DNR:
Domain Name Registry or Domain Name Registrar
NFC:
Unicode Normalization Form C
NFKC:
Unicode Normalization Form KC
RDAP:
Registration Data Access Protocol
REST:
Representational State Transfer. The term was first
described in a doctoral dissertation .
RESTful:
An adjective that describes a service using HTTP and the
principles of REST.
RIR:
Regional Internet Registry
Path Segment Specification
The base URLs used to construct RDAP queries are maintained in an
IANA registry (the "bootstrap registry") described in . Queries are formed by
retrieving an appropriate base URL from the registry and appending a
path segment specified in either Sections or . Generally, a
registry or other service provider will provide a base URL that
identifies the protocol, host, and port, and this will be used as a
base URL that the complete URL is resolved against, as per Section
of RFC 3986 . For example, if the base URL is
"https://example.com/rdap/", all RDAP query URLs will begin with
"https://example.com/rdap/".
The bootstrap registry does not contain information for query objects
that are not part of a global namespace, including entities and help.
A base URL for an associated object is required to construct a complete
query. This limitation can be overcome for entities by using the practice
described in RFC 8521 .
For entities, a base URL is retrieved for the service (domain,
address, etc.) associated with a given entity. The query URL is
constructed by concatenating the base URL with the entity path segment
specified in either Sections or .
For help, a base URL is retrieved for any service (domain, address,
etc.) for which additional information is required. The query URL is
constructed by concatenating the base URL with the help path segment
specified in .Lookup Path Segment Specification
A simple lookup to determine if an object exists (or not) without
returning RDAP-encoded results can be performed using the HTTP HEAD
method as described in .
The resource type path segments for exact match lookup are:
'ip':
Used to identify IP networks and associated data referenced
using either an IPv4 or IPv6 address.
'autnum':
Used to identify Autonomous System number registrations
and associated data referenced using an asplain Autonomous System
number.
'domain':
Used to identify reverse DNS (RIR) or domain name (DNR)
information and associated data referenced using a fully qualified
domain name.
'nameserver':
Used to identify a nameserver information query
using a host name.
'entity':
Used to identify an entity information query using a
string identifier.
IP Network Path Segment Specification
Syntax:
ip/<IP address> or ip/<CIDR prefix>/<CIDR length>
Queries for information about IP networks are of the form /ip/XXX
or /ip/XXX/YY where the path segment following 'ip' is either an
IPv4 dotted decimal or IPv6 address (i.e., XXX) or an IPv4
or IPv6 Classless Inter-domain Routing (CIDR) notation
address block (i.e., XXX/YY). Semantically, the simpler form using
the address can be thought of as a CIDR block with a prefix length
of 32 for IPv4 and a prefix length of 128 for IPv6. A given
specific address or CIDR may fall within multiple IP networks in a
hierarchy of networks; therefore, this query targets the "most-specific" or smallest IP network that completely encompasses it in a
hierarchy of IP networks.
The IPv4 and IPv6 address formats supported in this query are
described in Section of RFC 3986 as IPv4address and
IPv6address ABNF definitions. Any valid IPv6 text address format
can be used. This includes IPv6 addresses written using
with or without compressed zeros and IPv6 addresses containing
embedded IPv4 addresses. The rules to write a text representation of
an IPv6 address are RECOMMENDED. However, the zone_id
is not appropriate in this context; therefore, the
corresponding syntax extension in RFC 6874 MUST NOT be
used, and servers SHOULD ignore it.
For example, the following URL would be used to find information for
the most specific network containing 192.0.2.0:https://example.com/rdap/ip/192.0.2.0
The following URL would be used to find information for the most
specific network containing 192.0.2.0/24:https://example.com/rdap/ip/192.0.2.0/24
The following URL would be used to find information for the most
specific network containing 2001:db8::https://example.com/rdap/ip/2001:db8::Autonomous System Path Segment Specification
Syntax:
autnum/<autonomous system number>
Queries for information regarding Autonomous System number
registrations are of the form /autnum/XXX where XXX is an asplain
Autonomous System number . In some registries, registration
of Autonomous System numbers is done on an individual number basis,
while other registries may register blocks of Autonomous System
numbers. The semantics of this query are such that if a number falls
within a range of registered blocks, the target of the query is the
block registration and that individual number registrations are
considered a block of numbers with a size of 1.
For example, the following URL would be used to find information
describing Autonomous System number 12 (a number within a range of
registered blocks):https://example.com/rdap/autnum/12
The following URL would be used to find information describing 4-byte
Autonomous System number 65538:https://example.com/rdap/autnum/65538Domain Path Segment Specification
Syntax:
domain/<domain name>
Queries for domain information are of the form /domain/XXXX,
where XXXX is a fully qualified (relative to the root) domain name
(as specified in and ) in either the in-addr.arpa
or ip6.arpa zones (for RIRs) or a fully qualified domain name in a
zone administered by the server operator (for DNRs).
Internationalized Domain Names (IDNs) represented in either A-label
or U-label format are also valid domain names. See
for information on character encoding for the U-label
format.
IDNs SHOULD NOT be represented as a mixture of A-labels and U-labels;
that is, internationalized labels in an IDN SHOULD be either all
A-labels or all U-labels. It is possible for an RDAP client to
assemble a query string from multiple independent data sources. Such
a client might not be able to perform conversions between A-labels
and U-labels. An RDAP server that receives a query string with a
mixture of A-labels and U-labels MAY convert all the U-labels to
A-labels, perform IDNA processing, and proceed with exact-match
lookup. In such cases, the response to be returned to the query
source may not match the input from the query source. Alternatively,
the server MAY refuse to process the query.
The server MAY perform the match using either the A-label or U-label
form. Using one consistent form for matching every label is likely
to be more reliable.
The following URL would be used to find information describing the
zone serving the network 192.0.2/24:https://example.com/rdap/domain/2.0.192.in-addr.arpa
The following URL would be used to find information describing the
zone serving the network 2001:db8:1::/48:https://example.com/rdap/domain/1.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa
The following URL would be used to find information for the
blah.example.com domain name:https://example.com/rdap/domain/blah.example.com
The following URL would be used to find information for the
xn‑‑fo‑5ja.example IDN:https://example.com/rdap/domain/xn--fo-5ja.exampleNameserver Path Segment Specification
Syntax:
nameserver/<nameserver name>
The <nameserver name> parameter represents a fully qualified host
name as specified in and . Internationalized
names represented in either A-label or U-label format are
also valid nameserver names. IDN processing for nameserver names
uses the domain name processing instructions specified in
. See for information on character encoding
for the U-label format.
The following URL would be used to find information for the
ns1.example.com nameserver:https://example.com/rdap/nameserver/ns1.example.com
The following URL would be used to find information for the
ns1.xn‑‑fo-5ja.example nameserver:https://example.com/rdap/nameserver/ns1.xn--fo-5ja.exampleEntity Path Segment Specification
Syntax:
entity/<handle>
The <handle> parameter represents an entity (such as a contact,
registrant, or registrar) identifier whose syntax is specific to the
registration provider. For example, for some DNRs, contact
identifiers are specified in and .
The following URL would be used to find information for the entity
associated with handle XXXX:https://example.com/rdap/entity/XXXXHelp Path Segment Specification
Syntax:
help
The help path segment can be used to request helpful information
(command syntax, terms of service, privacy policy, rate-limiting
policy, supported authentication methods, supported extensions,
technical support contact, etc.) from an RDAP server. The response
to "help" should provide basic information that a client needs to
successfully use the service. The following URL would be used to
return "help" information:https://example.com/rdap/helpSearch Path Segment Specification
Pattern matching semantics are described in . The
resource type path segments for search are:
'domains':
Used to identify a domain name information search using
a pattern to match a fully qualified domain name.
'nameservers':
Used to identify a nameserver information search
using a pattern to match a host name.
'entities':
Used to identify an entity information search using a
pattern to match a string identifier.
RDAP search path segments are formed using a concatenation of the
plural form of the object being searched for and an HTTP query
string. The HTTP query string is formed using a concatenation of the
question mark character ('?', US-ASCII value 0x003F), a noun
representing the JSON object property associated with the object
being searched for, the equal sign character ('=', US-ASCII value
0x003D), and the search pattern (this is in contrast to the more
generic HTTP query string that allows multiple simultaneous parameters).
Search pattern query processing is
described more fully in . For the domain,
nameserver, and entity objects described in this document, the
plural object forms are "domains", "nameservers", and "entities".
Detailed results can be retrieved using the HTTP GET method and the
path segments specified here.Domain Search
Syntax:
domains?name=<domain search pattern>
Syntax:
domains?nsLdhName=<nameserver search pattern>
Syntax:
domains?nsIp=<nameserver IP address>
Searches for domain information by name are specified using this
form:
domains?name=XXXX
XXXX is a search pattern representing a domain name in "letters, digits,
hyphen" (LDH) format . The following URL would be used to find
DNR information for domain names matching the "example*.com" pattern:https://example.com/rdap/domains?name=example*.com
IDNs in U-label format can also be used as search patterns
(see ). Searches for these names are of the form
/domains?name=XXXX, where XXXX is a search pattern representing a
domain name in U-label format . See for
information on character encoding for the U-label format.
Searches for domain information by nameserver name are specified
using this form:
domains?nsLdhName=YYYY
YYYY is a search pattern representing a host name in "letters, digits,
hyphen" format . The following URL would be used to search for
domains delegated to nameservers matching the "ns1.example*.com"
pattern:https://example.com/rdap/domains?nsLdhName=ns1.example*.com
Searches for domain information by nameserver IP address are
specified using this form:
domains?nsIp=ZZZZ
ZZZZ is an IPv4 or IPv6
address. The following URL would be used to search for
domains that have been delegated to nameservers that resolve to the
"192.0.2.0" address:https://example.com/rdap/domains?nsIp=192.0.2.0Nameserver Search
Syntax:
nameservers?name=<nameserver search pattern>
Syntax:
nameservers?ip=<nameserver IP address>
Searches for nameserver information by nameserver name are specified
using this form:
nameservers?name=XXXX
XXXX is a search pattern representing a host name in "letters, digits,
hyphen" format . The following URL would be used to find
information for nameserver names matching the "ns1.example*.com"
pattern:https://example.com/rdap/nameservers?name=ns1.example*.com
Internationalized nameserver names in U-label format can
also be used as search patterns (see ). Searches for these
names are of the form /nameservers?name=XXXX, where XXXX is a search
pattern representing a nameserver name in U-label format .
See for information on character encoding for the U-label
format.
Searches for nameserver information by nameserver IP address are
specified using this form:
nameservers?ip=YYYY
YYYY is an IPv4 or IPv6
address. The following URL would be used to search for
nameserver names that resolve to the "192.0.2.0" address:https://example.com/rdap/nameservers?ip=192.0.2.0Entity Search
Syntax:
entities?fn=<entity name search pattern>
Syntax:
entities?handle=<entity handle search pattern>
Searches for entity information by name are specified using this
form:
entities?fn=XXXX
XXXX is a search pattern representing the "fn" property of an entity
(such as a contact, registrant, or registrar) name as described in
. The following URL would be used to find
information for entity names matching the "Bobby Joe*" pattern:https://example.com/rdap/entities?fn=Bobby%20Joe*
Searches for entity information by handle are specified using this
form:
entities?handle=XXXX
XXXX is a search pattern representing an entity (such as a contact,
registrant, or registrar) identifier whose syntax is specific to the
registration provider. The following URL would be used to find
information for entity handles matching the "CID-40*" pattern:https://example.com/rdap/entities?handle=CID-40*
URLs MUST be properly encoded according to the rules of .
In the example above, "Bobby Joe*" is encoded to "Bobby%20Joe*".Query Processing
Servers indicate the success or failure of query processing by
returning an appropriate HTTP response code to the client. Response
codes not specifically identified in this document are described in
.Partial String Searching
Partial string searching uses the asterisk ('*', US-ASCII value 0x2A)
character to match zero or more trailing characters. A character string
representing a domain label suffix MAY be concatenated to the end of the
search pattern to limit the scope of the search. For example, the search
pattern "exam*" will match "example.com" and "example.net". The search
pattern "exam*.com" will match "example.com". If an asterisk appears in
a search string, any label that contains the non-asterisk characters in
sequence plus zero or more characters in sequence in place of the asterisk
would match. A partial string search MUST NOT include more than one asterisk.
Additional pattern matching processing is beyond the scope of this specification.
If a server receives a search request but cannot process the request
because it does not support a particular style of partial match
searching, it SHOULD return an HTTP 422 (Unprocessable Entity)
response (unless another response code is
more appropriate based on a server's policy settings) to note that search functionality
is supported, but this particular query cannot be processed. When
returning a 422 error, the server MAY also return an error response
body as specified in
if the requested media type is one that is specified in .
Partial matching is not feasible across combinations of Unicode
characters because Unicode characters can be combined with each
other. Servers SHOULD NOT partially match combinations of Unicode
characters where a legal combination is possible. It should be
noted, though, that it may not always be possible to detect cases
where a character could have been combined with another character,
but was not, because characters can be combined in many different
ways.
Clients SHOULD NOT submit a partial match search of Unicode
characters where a Unicode character may be legally combined with
another Unicode character or characters. Partial match searches with
incomplete combinations of characters where a character must be
combined with another character or characters are invalid. Partial
match searches with characters that may be combined with another
character or characters are to be considered non-combined characters
(that is, if character x may be combined with character y but
character y is not submitted in the search string, then character x
is a complete character and no combinations of character x are to be
searched).Associated Records
Conceptually, any query-matching record in a server's database might
be a member of a set of related records, related in some fashion as
defined by the server -- for example, variants of an IDN. The entire
set ought to be considered as candidates for inclusion when
constructing the response. However, the construction of the final
response needs to be mindful of privacy and other data-releasing
policies when assembling the RDAP response set.
Note too that due to the nature of searching, there may be a list of
query-matching records. Each one of those is subject to being a
member of a set as described in the previous paragraph. What is
ultimately returned in a response will be the union of all the sets
that has been filtered by whatever policies are in place.
Note that this model includes arrangements for associated names,
including those that are linked by policy mechanisms and names bound
together for some other purposes. Note also that returning
information that was not explicitly selected by an exact-match
lookup, including additional names that match a relatively fuzzy
search as well as lists of names that are linked together, may cause
privacy issues.
Note that there might not be a single, static information return
policy that applies to all clients equally. Client identity and
associated authorizations can be a relevant factor in determining how
broad the response set will be for any particular query.Extensibility
This document describes path segment specifications for a limited
number of objects commonly registered in both RIRs and DNRs. It does
not attempt to describe path segments for all of the objects
registered in all registries. Custom path segments can be created
for objects not specified here using the process described in
Section of "" .
Custom path segments can be created by prefixing the segment with a
unique identifier followed by an underscore character (0x5F). For
example, a custom entity path segment could be created by prefixing
"entity" with "custom_", producing "custom_entity". Servers MUST
return an appropriate failure status code for a request with an
unrecognized path segment.Internationalization Considerations
There is value in supporting the ability to submit either a U-label
(Unicode form of an IDN label) or an A-label (US-ASCII form of an IDN
label) as a query argument to an RDAP service. Clients capable of
processing non-US-ASCII characters may prefer a U-label since this is
more visually recognizable and familiar than A-label strings, but
clients using programmatic interfaces might find it easier to submit
and display A-labels if they are unable to input U-labels with their
keyboard configuration. Both query forms are acceptable.
Internationalized domain and nameserver names can contain character
variants and variant labels as described in . Clients that
support queries for internationalized domain and nameserver names
MUST accept service provider responses that describe variants as
specified in "" .Character Encoding Considerations
Servers can expect to receive search patterns from clients that
contain character strings encoded in different forms supported by
HTTP. It is entirely possible to apply filters and normalization
rules to search patterns prior to making character comparisons, but
this type of processing is more typically needed to determine the
validity of registered strings than to match patterns.
An RDAP client submitting a query string containing non-US-ASCII
characters converts such strings into Unicode in UTF-8 encoding. It
then performs any local case mapping deemed necessary. Strings are
normalized using Normalization Form C (NFC) ; note
that clients might not be able to do this reliably. UTF-8 encoded
strings are then appropriately percent-encoded in the query
URL.
After parsing any percent-encoding, an RDAP server treats each query
string as Unicode in UTF-8 encoding. If a string is not valid UTF-8,
the server can immediately stop processing the query and return an
HTTP 400 (Bad Request) response.
When processing queries, there is a difference in handling DNS names,
including those with putative U-labels, and everything else. DNS
names are treated according to the DNS matching rules as described in
Section of RFC 1035 for Non-Reserved LDH (NR-LDH)
labels and the matching rules described in Section of RFC 5891
for U-labels. Matching of DNS names proceeds one label at
a time because it is possible for a combination of U-labels and
NR-LDH labels to be found in a single domain or host name. The
determination of whether a label is a U-label or an NR-LDH label is
based on whether the label contains any characters outside of the
US-ASCII letters, digits, or hyphen (the so-called LDH rule).
For everything else, servers map fullwidth and halfwidth characters
to their decomposition equivalents. Servers convert strings to the
same coded character set of the target data that is to be looked up
or searched, and each string is normalized using the same
normalization that was used on the target data. In general, storage
of strings as Unicode is RECOMMENDED. For the purposes of
comparison, Normalization Form KC (NFKC) with case
folding is used to maximize predictability and the number of matches.
Note the use of case-folded NFKC as opposed to NFC in this case.IANA ConsiderationsThis document has no IANA actions.Security Considerations
Security services for the operations specified in this document are
described in "" .
Search functionality typically requires more server resources (such
as memory, CPU cycles, and network bandwidth) when compared to basic
lookup functionality. This increases the risk of server resource
exhaustion and subsequent denial of service due to abuse. This risk
can be mitigated by developing and implementing controls to restrict
search functionality to identified and authorized clients. If those
clients behave badly, their search privileges can be suspended or
revoked. Rate limiting as described in Section of "" can also be
used to control the rate of received search requests. Server
operators can also reduce their risk by restricting the amount of
information returned in response to a search request.
Search functionality also increases the privacy risk of disclosing
object relationships that might not otherwise be obvious. For
example, a search that returns IDN variants that do not
explicitly match a client-provided search pattern can disclose
information about registered domain names that might not be otherwise
available. Implementers need to consider the policy and privacy
implications of returning information that was not explicitly
requested.
Note that there might not be a single, static information return
policy that applies to all clients equally. Client identity and
associated authorizations can be a relevant factor in determining how
broad the response set will be for any particular query.ReferencesNormative ReferencesDoD Internet host table specificationThis RFC is the official specification of the format of the Internet Host Table. This edition of the specification includes minor revisions to RFC-810 which brings it up to date.Domain names - implementation and specificationThis RFC is the revised specification of the protocol and format used in the implementation of the Domain Name System. It obsoletes RFC-883. This memo documents the details of the domain name client - server communication.Requirements for Internet Hosts - Application and SupportThis RFC is an official specification for the Internet community. It incorporates by reference, amends, corrects, and supplements the primary protocol standards documents relating to hosts. [STANDARDS-TRACK]Internet numbersThis memo is a status report on the network numbers and autonomous system numbers used in the Internet community.Key words for use in RFCs to Indicate Requirement LevelsIn many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.Uniform Resource Identifier (URI): Generic SyntaxA Uniform Resource Identifier (URI) is a compact sequence of characters that identifies an abstract or physical resource. This specification defines the generic URI syntax and a process for resolving URI references that might be in relative form, along with guidelines and security considerations for the use of URIs on the Internet. The URI syntax defines a grammar that is a superset of all valid URIs, allowing an implementation to parse the common components of a URI reference without knowing the scheme-specific requirements of every possible identifier. This specification does not define a generative grammar for URIs; that task is performed by the individual specifications of each URI scheme. [STANDARDS-TRACK]IP Version 6 Addressing ArchitectureThis specification defines the addressing architecture of the IP Version 6 (IPv6) protocol. The document includes the IPv6 addressing model, text representations of IPv6 addresses, definition of IPv6 unicast addresses, anycast addresses, and multicast addresses, and an IPv6 node's required addresses.This document obsoletes RFC 3513, "IP Version 6 Addressing Architecture". [STANDARDS-TRACK]Classless Inter-domain Routing (CIDR): The Internet Address Assignment and Aggregation PlanThis memo discusses the strategy for address assignment of the existing 32-bit IPv4 address space with a view toward conserving the address space and limiting the growth rate of global routing state. This document obsoletes the original Classless Inter-domain Routing (CIDR) spec in RFC 1519, with changes made both to clarify the concepts it introduced and, after more than twelve years, to update the Internet community on the results of deploying the technology described. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.HTTP Extensions for Web Distributed Authoring and Versioning (WebDAV)Web Distributed Authoring and Versioning (WebDAV) consists of a set of methods, headers, and content-types ancillary to HTTP/1.1 for the management of resource properties, creation and management of resource collections, URL namespace manipulation, and resource locking (collision avoidance).RFC 2518 was published in February 1999, and this specification obsoletes RFC 2518 with minor revisions mostly due to interoperability experience. [STANDARDS-TRACK]Textual Representation of Autonomous System (AS) NumbersA textual representation for Autonomous System (AS) numbers is defined as the decimal value of the AS number. This textual representation is to be used by all documents, systems, and user interfaces referring to AS numbers. [STANDARDS-TRACK]Extensible Provisioning Protocol (EPP)This document describes an application-layer client-server protocol for the provisioning and management of objects stored in a shared central repository. Specified in XML, the protocol defines generic object management operations and an extensible framework that maps protocol operations to objects. This document includes a protocol specification, an object mapping template, and an XML media type registration. This document obsoletes RFC 4930. [STANDARDS-TRACK]Extensible Provisioning Protocol (EPP) Contact MappingThis document describes an Extensible Provisioning Protocol (EPP) mapping for the provisioning and management of individual or organizational social information identifiers (known as "contacts") stored in a shared central repository. Specified in Extensible Markup Language (XML), the mapping defines EPP command syntax and semantics as applied to contacts. This document obsoletes RFC 4933. [STANDARDS-TRACK]Internationalized Domain Names for Applications (IDNA): Definitions and Document FrameworkThis document is one of a collection that, together, describe the protocol and usage context for a revision of Internationalized Domain Names for Applications (IDNA), superseding the earlier version. It describes the document collection and provides definitions and other material that are common to the set. [STANDARDS-TRACK]Internationalized Domain Names in Applications (IDNA): ProtocolThis document is the revised protocol definition for Internationalized Domain Names (IDNs). The rationale for changes, the relationship to the older specification, and important terminology are provided in other documents. This document specifies the protocol mechanism, called Internationalized Domain Names in Applications (IDNA), for registering and looking up IDNs in a way that does not require changes to the DNS itself. IDNA is only meant for processing domain names, not free text. [STANDARDS-TRACK]A Recommendation for IPv6 Address Text RepresentationAs IPv6 deployment increases, there will be a dramatic increase in the need to use IPv6 addresses in text. While the IPv6 address architecture in Section 2.2 of RFC 4291 describes a flexible model for text representation of an IPv6 address, this flexibility has been causing problems for operators, system engineers, and users. This document defines a canonical textual representation format. It does not define a format for internal storage, such as within an application or database. It is expected that the canonical format will be followed by humans and systems when representing IPv6 addresses as text, but all implementations must accept and be able to handle any legitimate RFC 4291 format. [STANDARDS-TRACK]Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and RoutingThe Hypertext Transfer Protocol (HTTP) is a stateless application-level protocol for distributed, collaborative, hypertext information systems. This document provides an overview of HTTP architecture and its associated terminology, defines the "http" and "https" Uniform Resource Identifier (URI) schemes, defines the HTTP/1.1 message syntax and parsing requirements, and describes related security concerns for implementations.Hypertext Transfer Protocol (HTTP/1.1): Semantics and ContentThe Hypertext Transfer Protocol (HTTP) is a stateless \%application- level protocol for distributed, collaborative, hypertext information systems. This document defines the semantics of HTTP/1.1 messages, as expressed by request methods, request header fields, response status codes, and response header fields, along with the payload of messages (metadata and body content) and mechanisms for content negotiation.HTTP Usage in the Registration Data Access Protocol (RDAP)This document is one of a collection that together describes the Registration Data Access Protocol (RDAP). It describes how RDAP is transported using the Hypertext Transfer Protocol (HTTP). RDAP is a successor protocol to the very old WHOIS protocol. The purpose of this document is to clarify the use of standard HTTP mechanisms for this application.Security Services for the Registration Data Access Protocol (RDAP)The Registration Data Access Protocol (RDAP) provides "RESTful" web services to retrieve registration metadata from Domain Name and Regional Internet Registries. This document describes information security services, including access control, authentication, authorization, availability, data confidentiality, and data integrity for RDAP.Finding the Authoritative Registration Data (RDAP) ServiceThis document specifies a method to find which Registration Data Access Protocol (RDAP) server is authoritative to answer queries for a requested scope, such as domain names, IP addresses, or Autonomous System numbers.Ambiguity of Uppercase vs Lowercase in RFC 2119 Key WordsRFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.DNS TerminologyThe Domain Name System (DNS) is defined in literally dozens of different RFCs. The terminology used by implementers and developers of DNS protocols, and by operators of DNS systems, has sometimes changed in the decades since the DNS was first defined. This document gives current definitions for many of the terms used in the DNS in a single document.This document obsoletes RFC 7719 and updates RFC 2308.JSON Responses for the Registration Data Access Protocol (RDAP)Unicode Standard Annex #15: Unicode Normalization FormsThe Unicode ConsortiumInformative ReferencesArchitectural Styles and the Design of Network-based Software ArchitecturesUniversity of California, IrvineWHOIS Protocol SpecificationThis document updates the specification of the WHOIS protocol, thereby obsoleting RFC 954. The update is intended to remove the material from RFC 954 that does not have to do with the on-the-wire protocol, and is no longer applicable in today's Internet. This document does not attempt to change or update the protocol per se, or document other uses of the protocol that have come into existence since the publication of RFC 954. [STANDARDS-TRACK]IPv6 Scoped Address ArchitectureThis document specifies the architectural characteristics, expected behavior, textual representation, and usage of IPv6 addresses of different scopes. According to a decision in the IPv6 working group, this document intentionally avoids the syntax and usage of unicast site-local addresses. [STANDARDS-TRACK]Suggested Practices for Registration of Internationalized Domain Names (IDN)This document explores the issues in the registration of internationalized domain names (IDNs). The basic IDN definition allows a very large number of possible characters in domain names, and this richness may lead to serious user confusion about similar-looking names. To avoid this confusion, the IDN registration process must impose rules that disallow some otherwise-valid name combinations. This document suggests a set of mechanisms that registries might use to define and implement such rules for a broad range of languages, including adaptation of methods developed for Chinese, Japanese, and Korean domain names. This memo provides information for the Internet community.Representing IPv6 Zone Identifiers in Address Literals and Uniform Resource IdentifiersThis document describes how the zone identifier of an IPv6 scoped address, defined as <zone_id> in the IPv6 Scoped Address Architecture (RFC 4007), can be represented in a literal IPv6 address and in a Uniform Resource Identifier that includes such a literal address. It updates the URI Generic Syntax specification (RFC 3986) accordingly.Variants in Second-Level Names Registered in Top-Level DomainsInternationalized Domain Names for Applications (IDNA) provides a method to map a subset of names written in Unicode into the DNS. Because of Unicode decisions, appearance, language and writing system conventions, and historical reasons, it often has been asserted that there is more than one way to write what competent readers and writers think of as the same host name; these different ways of writing are often called "variants". (The authors note that there are many conflicting definitions for the term "variant" in the IDNA community.) This document surveys the approaches that top-level domains have taken to the registration and provisioning of domain names that have variants. This document is not a product of the IETF, does not propose any method to make variants work "correctly", and is not an introduction to internationalization or IDNA.Registration Data Access Protocol (RDAP) Object TaggingThe Registration Data Access Protocol (RDAP) includes a method that can be used to identify the authoritative server for processing domain name, IP address, and autonomous system number queries. The method does not describe how to identify the authoritative server for processing other RDAP query types, such as entity queries. This limitation exists because the identifiers associated with these query types are typically unstructured. This document updates RFC 7484 by describing an operational practice that can be used to add structure to RDAP identifiers and that makes it possible to identify the authoritative server for additional RDAP queries.Changes from RFC 7482
Addressed known errata.
Addressed other reported clarifications and corrections: IDN, IDNA, and DNR definitions.
Noted that registrars are entities. Added a reference to RFC 8521 to address the bootstrap registry limitation.
Removed extraneous "...". Clarified HTTP query string, search pattern, name server search, domain label suffix, and asterisk search.
Addressed "The HTTP query string" clarification.
Modified coauthor address.
Updated references to RFC 7483 to RFC 9083.
Added an IANA Considerations section. Changed references to use HTTPS for targets.
Changed "XXXX is a search pattern representing the "FN" property of an entity (such as a contact, registrant, or registrar) name as specified in Section 5.1" to "Changed "XXXX is a search pattern representing the "fn" property of an entity (such as a contact, registrant, or registrar) name as described in Section 5.1".
Added acknowledgments.
Changed "The intent of the patterns described here are to enable queries" to "The intent of the patterns described here is to enable queries".
Changed "the corresponding syntax extension in RFC 6874 MUST NOT be used, and servers are to ignore it if possible" to "the corresponding syntax extension in RFC 6874 MUST NOT be used, and servers SHOULD ignore it".
Changed "Only a single asterisk is allowed for a partial string search" to "A partial string search MUST NOT include more than one asterisk".
Changed "Clients should avoid submitting a partial match search of Unicode characters where a Unicode character may be legally combined with another Unicode character or characters" to "Clients SHOULD NOT submit a partial match search of Unicode characters where a Unicode character may be legally combined with another Unicode character or characters".
Changed description of nameserver IP address "search pattern" in Sections and .
IESG review feedback: Added "obsoletes 7482" to the headers, Abstract, and Introduction. Changed "IETF standards" to "IETF specifications" and "Therefore" to "Accordingly" in . Updated the BCP 14 boilerplate. Added definition of "bootstrap registry" and changed "concatenating ... to" to "concatenating ... with" in . Changed "bitmask length" to "prefix length" and "2001:db8::0" to "2001:db8::" in . Added "in contrast to the more generic HTTP query string that admits multiple simultaneous parameters" in . Changed "0x002A" to "0x2A" in . Clarified use of HTTP 422 SHOULD in .
Acknowledgments
This document is derived from original work on RIR query formats
developed by of APNIC, of LACNIC,
of the RIPE NCC, and of ARIN.
Additionally, this document incorporates DNR query formats originally
described by and of ICANN and
of Verisign Labs.
The authors would like to acknowledge the following individuals for
their contributions to this document: , ,
, , ,
, , , , , , ,
, , , , and .Authors' AddressesVerisign Labs12061 Bluemont WayRestonVA20190United States of Americashollenbeck@verisign.comhttps://www.verisignlabs.com/Amazon Web Services, Inc.13200 Woodland Park RoadHerndonVA20171United States of Americaandy@hxr.us