Verisign

12061 Bluemont Way Reston 20190 US VA zalbanna@verisign.com

Verisign

12061 Bluemont Way Reston 20190 US VA shollenbeck@verisign.com

Internet Registration Extensions (REGEXT) This document describes an extension of the Registration Data Access Protocol (RDAP) that includes DNS DELEG values in responses to RDAP domain object queries.

Introduction This document describes an extension of the Registration Data Access Protocol (RDAP) that includes DNS DELEG values in responses to RDAP domain object queries as described in section 5.3 of RFC 9083 . The definition of DNS DELEG information is based on concepts described in Internet-Draft "Extensible Delegation for DNS" and Internet-Draft "Extensible Provisioning Protocol (EPP) mapping for DELEG records" . This draft is subject to changes that may take place in [DELEG] and [brown-epp-deleg] as they are developed. This document describes how DNS DELEG record information can be included in RDAP responses that contain RDAP domain objects.

Conventions used in this document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.

RDAP Conformance RDAP responses that contain values described in this document MUST indicate conformance with this specification by including an rdapConformance () value of "deleg". The information needed to register this value in the RDAP Extensions Registry is described in .

Example rdapConformance structure with extension specified: "rdapConformance" : [ "rdap_level_0", "deleg" ]

RDAP Response Specification This specification describes a new data structure that is used to return DNS DELEG information in a RDAP domain response. s described in Internet-Draft "Extensible Delegation for DNS" [DELEG], a DELEG record is a specialized form of a DNS SVCB [RFC9460] resource record. "deleg_delegInfo" is a data structure that contains information that describes DNS DELEG record information associated with a registered domain name. The "deleg_delegInfo" data structure is a list of objects. The list of objects contains the following members whose values and presentations are described in Section 2.1, and Appendix A of RFC 9460 : "priority": a number that represents the SvcPriority value of the record. "target": a domain name that represents the TargetName of the record. "params": an OPTIONAL object that contains SvcParam key-value pairs.

Examples of deleg_delegInfo Example 1: single DELEG AliasMode record type from a single provider based on the example shown in section 2.2 of [DELEG]: Example 2: multiple DELEG AliasMode records type from multiple providers based on the example shown in section 2.2.1 of [DELEG]: Example 3: single DELEG ServiceMode record type from a single provider based on the example shown in section 2.1 of [DELEG]: Example 4: multiple DELEG ServiceMode records type from multiple providers based on the example shown in section 5.1.1 of [brown-epp-deleg]:

Examples of full RDAP responses including deleg_delegInfo Example 1: Domain object class with a single DELEG AliasMode record type: Example 2: Domain object class with multiple DELEG ServiceMode records:

IANA Considerations IANA is requested to register the following value in the RDAP Extensions Registry: Extension identifier: deleg Registry operator: Any Published specification: this document Contact: IETF <iesg@ietf.org> Intended usage: this extension describes how DNS DELEG records values can be included in RDAP responses.

Security Considerations The Security Considerations described in RFC 9083 are applicable to this extension.

Acknowledgments The following individuals have provided feedback and contributions to the content and direction of this document: James Gould

Normative References In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings. This document describes JSON data structures representing registration information maintained by Regional Internet Registries (RIRs) and Domain Name Registries (DNRs). These data structures are used to form Registration Data Access Protocol (RDAP) query responses. This document obsoletes RFC 7483. iThis document specifies the "SVCB" ("Service Binding") and "HTTPS" DNS resource record (RR) types to facilitate the lookup of information needed to make connections to network services, such as for HTTP origins. SVCB records allow a service to be provided from multiple alternative endpoints, each with associated parameters (such as transport protocol configuration), and are extensible to support future uses (such as keys for encrypting the TLS ClientHello). They also enable aliasing of apex domains, which is not possible with CNAME. The HTTPS RR is a variation of SVCB for use with HTTP (see RFC 9110, "HTTP Semantics"). By providing more information to the client before it attempts to establish a connection, these records offer potential benefits to both performance and privacy. Informative References A delegation in the Domain Name System (DNS) is a mechanism that enables efficient and distributed management of the DNS namespace. It involves delegating authority over subdomains to specific DNS servers via NS records, allowing for a hierarchical structure and distributing the responsibility for maintaining DNS records. An NS record contains the hostname of the nameserver for the delegated namespace. Any facilities of that nameserver must be discovered through other mechanisms. This document proposes a new extensible DNS record type, DELEG, which contains additional information about the delegated namespace and the capabilities of authoritative nameservers for the delegated namespace. ICANN ICANN This document describes an extension to the Extensible Provisioning Protocol ([STD69]) which allows clients to provision DELEG records for domain names.