<?xml version="1.0" encoding="us-ascii"?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd"
[

<!ENTITY RFC2119 SYSTEM
  "http://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml">

<!ENTITY RFC2397 SYSTEM
  "http://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2397.xml">

<!ENTITY RFC2818 SYSTEM
  "http://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2818.xml">

<!ENTITY RFC3912 SYSTEM
  "http://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.3912.xml">

<!ENTITY RFC5785 SYSTEM
  "http://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5785.xml">

<!ENTITY RFC6335 SYSTEM
  "http://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6335.xml">

<!ENTITY RFC7480 SYSTEM
  "http://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7480.xml">

<!ENTITY RFC7553 SYSTEM
  "http://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7553.xml">

]>
<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
<?rfc strict="yes" ?>
<?rfc toc="yes"?>
<?rfc tocdepth="4"?>
<?rfc symrefs="yes"?>
<?rfc sortrefs="yes" ?>
<?rfc compact="yes" ?>
<?rfc subcompact="no" ?>
<?rfc comments="yes" ?>
<?rfc inline="yes" ?>

<rfc category="exp" docName="draft-brown-whoami-02" ipr="trust200902"
  submissionType="independent">

  <front>
    <title abbrev="WHOAMI">WHOAMI: A Method For Identifying a Domain
    Operator's Contact Information</title>
    <author fullname="Gavin Brown" initials="G" surname="Brown">
      <organization>CentralNic Group plc</organization>
      <address>
        <postal>
        <street>35-39 Moorgate</street>
        <city>London</city>
        <region>England</region>
        <code>EC2R 6AR</code>
        <country>GB</country>
        </postal>
        <phone>+44 20 33 88 0600</phone>
        <email>gavin.brown@centralnic.com</email>
        <uri>https://www.centralnic.com</uri>
      </address>
    </author>
    <date month="June" year="2018" />
    <area>Applications</area>
    <workgroup>Internet Engineering Task Force</workgroup>

    <abstract><t>This document proposes a method by which the operator
    of a domain may publish their contact information in a discoverable
    and machine-readable format.</t></abstract>
  </front>

  <middle>
    <section title="Introduction">

      <t>This document specifies a protocol which provides a way for the
      operator of a domain name to publish their contact information in
      a discoverable and machine-readable format.</t>

      <t>It serves as a complementary service to WHOIS (<xref
      target="RFC3912"/>) and RDAP (<xref target="RFC7480"/>), and
      differs in that it relies on self-publication by the domain
      operator, rather than a centralised third party service.</t>

      <section title="Conventions Used in This Document">
        <t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
        NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and
        "OPTIONAL" in this document are to be interpreted as described
        in <xref target="RFC2119"/>.</t>
      </section>

    </section>

    <section title="WHOAMI Protocol">
      <t>Domain Operators MAY publish a WHOAMI Record
      in conformance with this specification. It may be published (a) at
      a URL indicated by a <xref target="RFC7553">URI record</xref>
      published in the DNS (as described in <xref target="dnsuri"/>), or
      (b) at a well-known URL (as described in <xref
      target="wellknown"/>).</t>

      <t>Software which consumes WHOAMI records SHOULD first perform a
      DNS query for the URI record for a domain, falling back to the
      well-known URL if the query does not return a positive result.</t>

      <section anchor="dnsuri" title="URI Record">
        <t>Domain Operators MAY publish the URL of their WHOAMI record
        as a URI record in the DNS. An example of such a record is
        below:</t>

        <figure><artwork>$ORIGIN example.com.
_nicname._tcp IN URI 10 1 https://example.com/whoami/whoami.vcf</artwork>
        </figure>

        <t>Note: the Owner Name, Priority, Weight, Target and URI in the
        above record are illustrative only.</t>

        <t>The Service Tag of the URI record is constructed as per
        Section 4.1 of <xref target="RFC7553"/>, with the "_nicname" tag
        being derived from the "Who Is Protocol" entry in the "Service
        Name and Transport Protocol Port Number Registry" (see <xref
        target="RFC6335"/>).</t>

        <section title="URI Record with a data: scheme">
          <t>Domain Operators MAY publish a record with a "data:" scheme
          (<xref target="RFC2397"/>). This allows the WHOAMI record to
          be embedded in the URI record itself. An example of such a URI
          is below:</t>

          <figure>
            <artwork>data:text/vcard;charset=utf-8;base64,QkVHSU46VkNBUkQNClZFUlNJT046NC4w
DQpVSUQ6dXJuOnV1aWQ6NGZiZTg5NzEtMGJjMy00MjRjLTljMjYtMzZjM2UxZWZmNmIxD
QpGTjtQSUQ9MS4xOkouIERvZQ0KTjpEb2U7Si47OzsNCkVNQUlMO1BJRD0xLjE6amRvZU
BleGFtcGxlLmNvbQ0KQ0xJRU5UUElETUFQOjE7dXJuOnV1aWQ6NTNlMzc0ZDktMzM3ZS0
0NzI3LTg4MDMtYTFlOWMxNGUwNTU2DQpFTkQ6VkNBUkQ=</artwork>
          </figure>

          <t>If a "data:" scheme is used, the MIME type of the data MUST
          be "text/vcard".</t>
        </section>
      </section>

      <section anchor="wellknown" title="Well-Known URL">
        <t>Domain Operators MAY publish their WHOAMI record at the
        following URL:</t>

        <figure>
        <artwork>http://example.com/.well-known/whoami/whoami.vcf</artwork>
        </figure>

        <t>The "whoami" path segment has been registered in the
        "Well-Known URI Registry" (see <xref target="RFC5785"/>).</t>

        <t>It is RECOMMENDED that web servers which support HTTP over
        Transport Layer Security (TLS, <xref target="RFC2818"/>) provide
        a 3xx redirect to the HTTPS version of this URL.</t>

        <t>Software which consumes WHOAMI records MUST follow 3xx
        redirections returned in server responses.</t>

        <t>The Content-Type header of the server response MUST be
        "text/vcard".</t>
      </section>

    </section>
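    <section title="Example Client Behaviour (Added Example)">
      <t>The following is an added example and not part of this draft or
      the author's code: a small Python client that applies the discovery
      order above (URI record query for _nicname._tcp, fallback to the
      well-known URL, 3xx redirects followed) together with the two
      text/vcard rules, and that decodes the data: URI shown in the URI
      Record section. The DNS answers and HTTP responses it consults are
      constructed inline for the names example.com, embedded.example and
      nothing.example; nothing touches the network, and every function
      name is this example's own assumption rather than an API the draft
      defines.</t>
      <figure><artwork><![CDATA[
```python
"""Added example, not code from draft-brown-whoami: a minimal WHOAMI client. Every
name is this example's own; all DNS answers and HTTP responses are constructed inline."""
import base64
import re
from urllib.parse import unquote_to_bytes

WELL_KNOWN_PATH = "/.well-known/whoami/whoami.vcf"

# Constructed DNS answers in RFC 7553 presentation form, keyed by owner name.
# The embedded.example answer is the draft's own line-folded data: URI, re-joined.
SAMPLE_DNS = {
    "_nicname._tcp.example.com": ['10 1 "https://example.com/whoami/whoami.vcf"'],
    "_nicname._tcp.embedded.example": [
        '10 1 "data:text/vcard;charset=utf-8;base64,'
        "QkVHSU46VkNBUkQNClZFUlNJT046NC4w"
        "DQpVSUQ6dXJuOnV1aWQ6NGZiZTg5NzEtMGJjMy00MjRjLTljMjYtMzZjM2UxZWZmNmIxD"
        "QpGTjtQSUQ9MS4xOkouIERvZQ0KTjpEb2U7Si47OzsNCkVNQUlMO1BJRD0xLjE6amRvZU"
        "BleGFtcGxlLmNvbQ0KQ0xJRU5UUElETUFQOjE7dXJuOnV1aWQ6NTNlMzc0ZDktMzM3ZS0"
        '0NzI3LTg4MDMtYTFlOWMxNGUwNTU2DQpFTkQ6VkNBUkQ="'
    ],
}
# Constructed HTTP responses as (status, Location, Content-Type, body).  The plain http://
# well-known URL answers 3xx to HTTPS as the draft recommends; the example.com server
# ignores the Content-Type rule, so a conforming client has to reject its answer.
SAMPLE_VCARD = ("BEGIN:VCARD\r\nVERSION:4.0\r\nFN:Hostmaster\r\n"
                "EMAIL:hostmaster@nothing.example\r\nEND:VCARD\r\n")
SAMPLE_HTTP = {
    "http://nothing.example" + WELL_KNOWN_PATH: (301, "https://nothing.example" + WELL_KNOWN_PATH, None, None),
    "https://nothing.example" + WELL_KNOWN_PATH: (200, None, "text/vcard; charset=utf-8", SAMPLE_VCARD),
    "https://example.com/whoami/whoami.vcf": (200, None, "text/html", "<html>not a vCard</html>"),
}

def sample_http_get(url, max_redirects=5):
    """Stand-in for an HTTP client that follows 3xx redirects, as the draft requires."""
    for _ in range(max_redirects + 1):
        status, location, content_type, body = SAMPLE_HTTP[url]
        if 300 <= status < 400:
            url = location
            continue
        return url, content_type, body
    raise ValueError("too many redirects")

def parse_uri_rdata(rdata):
    """Split 'priority weight "target"' (quotes optional) into (int, int, str)."""
    m = re.fullmatch(r'\s*(\d+)\s+(\d+)\s+"?([^"\s]+)"?\s*', rdata)
    if not m:
        raise ValueError(f"malformed URI rdata: {rdata!r}")
    return int(m.group(1)), int(m.group(2)), m.group(3)

def choose_target(rdata_list):
    """RFC 7553 selection: lowest priority first, larger weight breaks ties."""
    records = sorted((parse_uri_rdata(r) for r in rdata_list), key=lambda rec: (rec[0], -rec[1]))
    return records[0][2] if records else None

DATA_URI_RE = re.compile(r"data:(?P<mediatype>[^,]*?)(?P<b64>;base64)?,(?P<data>.*)", re.S)

def parse_data_uri(uri):
    """RFC 2397 parser -> (mime_type, [params], payload); whitespace in the data part is
    dropped so that a line-folded URI, like the draft's artwork, still decodes."""
    m = DATA_URI_RE.fullmatch(uri)
    if not m:
        raise ValueError("not a data: URI")
    mime, *params = (m.group("mediatype") or "text/plain;charset=US-ASCII").split(";")
    data = re.sub(r"\s+", "", m.group("data"))
    payload = base64.b64decode(data, validate=True) if m.group("b64") else unquote_to_bytes(data)
    return mime.strip().lower(), params, payload

def content_type_is_vcard(content_type):
    """The draft's MUST for HTTP responses: the media type (parameters aside) is text/vcard."""
    return bool(content_type) and content_type.split(";", 1)[0].strip().lower() == "text/vcard"

def vcard_property(vcard, name):
    """First value of a vCard property, ignoring parameters such as ';PID=1.1'."""
    unfolded = re.sub(r"\r?\n[ \t]", "", vcard)  # RFC 6350 line unfolding
    for line in unfolded.splitlines():
        head, sep, value = line.partition(":")
        if sep and head.split(";", 1)[0].upper() == name.upper():
            return value
    return None

def resolve_whoami(domain, dns_lookup=lambda owner: SAMPLE_DNS.get(owner, []), http_get=sample_http_get):
    """Discovery order from the draft; returns (source, vcard_text) or raises ValueError."""
    target = choose_target(dns_lookup(f"_nicname._tcp.{domain}"))
    source = "uri-record" if target else "well-known"
    if target is None:  # no positive DNS result: fall back to the well-known URL
        target = f"http://{domain}{WELL_KNOWN_PATH}"
    if target.startswith("data:"):
        mime, params, payload = parse_data_uri(target)
        if mime != "text/vcard":
            raise ValueError(f"data: URI MUST carry text/vcard, got {mime}")
        charset = next((p.split("=", 1)[1] for p in params if p.strip().lower().startswith("charset=")), "utf-8")
        return source, payload.decode(charset)
    _final_url, content_type, body = http_get(target)
    if not content_type_is_vcard(content_type):
        raise ValueError(f"Content-Type MUST be text/vcard, got {content_type!r}")
    return source, body

if __name__ == "__main__":
    for dom in ("embedded.example", "nothing.example"):
        src, card = resolve_whoami(dom)
        print(dom, src, vcard_property(card, "FN"), vcard_property(card, "EMAIL"))
```
]]></artwork></figure>
      <t>Two points of the design are worth noting. The data: branch
      checks the media type before decoding, so a record that embeds
      anything other than text/vcard is rejected without ever being
      parsed as a vCard; and the HTTP branch applies the Content-Type
      check to the final response after redirects, since a 3xx hop from
      the plain http:// well-known URL to HTTPS is the normal path the
      draft recommends.</t>
    </section>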

    <section anchor="Security" title="Security Considerations">
      <t>WHOAMI provides no security capabilities above and beyond those
      provided by the underlying protocols it uses, namely DNS and
      HTTP.</t>

      <t>WHOAMI records in general will not be confidential: while HTTPS
      provides transport-layer security, unless some form of
      authentication is used, WHOAMI records will be freely available to
      anyone who requests them. Authentication of client requests is not
      covered by this document.</t>

      <t>The integrity of WHOAMI records served over DNS may be verified
      using DNSSEC validation. The use of TLS ensures that records
      served over HTTPS have not been modified in-transit.</t>
    </section>

    <section anchor="Privacy" title="Privacy Considerations">
      <t>Since WHOAMI records are not private, the information included
      in a WHOAMI record is exposed to the public. Domain owners should
      therefore exercise caution when entering information into their
      WHOAMI record. For example, rather than publishing the contact
      information of individual people, role-based contact information
      SHOULD be used instead.</t>
    </section>

    <section anchor="IANA" title="IANA Considerations">
      <t>This specification registers the "whoami" well-known URI in the
      "Well-Known URIs" registry as defined by <xref
      target="RFC5785"/>.</t>
      <t>URI suffix:  whoami</t>
      <t>Change controller:  IETF</t>
      <t>Specification document(s):  (this document)</t>
      <t>Related information:  no remarks</t>
    </section>
  </middle>

  <back>

    <references title="Normative References">
      &RFC2119;
      &RFC2397;
      &RFC2818;
      &RFC5785;
      &RFC6335;
      &RFC7553;
    </references>

    <references title="Informative References">
      &RFC3912;
      &RFC7480;
    </references>

    <section title="Change History">
      <section title="Change from 01 to 02" anchor="change-01-to-02">
        <t><list style="numbers">
          <t>Removed all the layer-9 stuff.</t>
        </list></t>
      </section>

      <section title="Change from 00 to 01" anchor="change-00-to-01">
        <t><list style="numbers">
          <t>Fixed well-known URI registration, various typos. Improved
          consistency of terminology.</t>
        </list></t>
      </section>
    </section>

  </back>
</rfc>