Redaction of Contacts and the contact handle

[huwsteadCL]

According to Sections 2.7.4.1 and 2.7.4.2 of the RDAP Response Profile the "handle" of the contact must be omitted where subject to GDPR (unless consent to publish has been given)

The problem we have is that we need to supply this value into the database (entity table) when setting up the entities and then don't (as far as I can tell) have anyway of preventing this displaying within the RDAP response.

I guess technically we could omit the ent_handle but given the requirement for the handle to be unique we could only create one contact like that (whereas in reality the vast majority of our contacts are redacted)

Is there any sensible way to work around this?

[dhfelix]

You can tell to the RedDog server, which information is public and private.
I recommend to read the next link https://www.reddog.mx/response-privacy.html

You can give us some feedback if the documention is not clear about it.

You can mark the "handle" property as "private" for all entities, an then make an special privacy for entities with some kind of role, for example, you want to show the "handle" of a registrar because is public, so you create an entity_ROLE_registrar.properties with the "handle" property mark as any.

(unless consent to publish has been given)

RedDog server do not support this point yet, but it is our plans to support it.

[huwsteadCL]

I think that the above instructions are clear.. Going to give it a go and if I get confused, I'll be back.. but your description and documentation so far makes sense

[huwsteadCL]

Very close :) - The Handle is now not showing for entities which is good. But also isn't showing for the registrar entity (which is bad :) )

I added the file attached and thought that this should have overridden the general entity setting (where handle=none). Do I need to do something further here?

entity_ROLE_registrar.properties.txt

Note: I had to rename the file to a .txt to allow GitHub to accept it. On the server it is: entity_ROLE_registrar.properties

[dhfelix]

Just to be sure and think about other possible causes of why this happens.
The version of RedDog must be at least 1.3.0.
does "registrar" appears as a role value in the entity object?

[huwsteadCL]

We are running version 1.4.1

The full entity for registrar returns as below (in which there is a role of registrar):
{
"objectClassName": "entity",
"remarks": [
{
"title": "REDACTED FOR PRIVACY",
"description": [
"Some of the data in this object has been removed."
],
"type": "object redacted due to authorization."
}
],
"links": [
{
"value": "http://reddog.blah.internal/rdap/entity/473",
"rel": "self",
"href": "http://reddog.blah.internal/rdap/entity/473",
"type": "application/rdap+json"
}
],
"port43": "whois.blah.com",
"roles": [
"registrar"
],
"publicIds": [
{
"type": "473"
}
],
"vcardArray": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"fn",
{},
"text",
"Our Registrar Name"
],
[
"org",
{},
"text",
"Our Registrar Name"
]
]
]
}

[dhfelix]

I guess I found it, should be entity_ROLE_REGISTRAR.properties
REGISTRAR in upper case

[huwsteadCL]

Perfect - Upper case did the trick fro REGISTRAR

I did try doing the same for abuse. i.e. entity_ROLE_ABUSE.properties but that doesn't seem to have worked correctly. Not sure if that is because the abuse entity is nested within the registrar entity or something else?

[dhfelix]

I'm looking at the code, and it should work for nested entities.
My assumptions are:

• The public entity does not have the role of abuse.
• The privacy for entity_ROL_ABUSE in the role section does not have the value "any"

I will inform you if I find something else.