At Tue, 2 Mar 2010 16:53:53 +0100, Antoin Verschuren wrote: > The path is usualy even more complicated. > I've identified this stream of contractual relationships in a > registration process: > > registry-registrar-reseller-registrant-dns_operator > > (some roles may be duplicated or absent, some market players > may perform 2 or more roles at once, ... > ...
Don't we talk about pushing the information from the child to the parent? So there's one more logical entity involved; most likely this way: vvvvvvvvvvvvvvv vvvvvvvvvvvvv dns_op(parent)-registry-registrar-reseller-registrant-dns_op(child) The dns_op(child) might alternatively have a direct contractual relationship with the reseller, registrar, or even registry instead -- depending on business model, regulation, location in the DNS tree, etc. Many of {registrant, reseller, registrar} will not be interested in tracing or even seeing the DNSSEC 'anchor' data passing by, or might not even be on the administrative path "naturally" being taken by the data (in the alternative cases). The only party doubtlessly interested in such seems to be the responsible for the parent zone content, i.e. the registry. But that does not exclude a priori direct in-band communication between dns_op(child) and dns_op(parent), with a 'gating' function located at the registry for the actual updates at the parent (similar to the way how NTIA acts on the root zone). Thus one _possible_ communication model might be: dns_op(parent) registry registrar reseller registrant dns_op(child) ^ \_<_b_>__/ | | a | `-------------------------------------------------------' o a could be in-band with good authentication and integrity protection (or RFC 1149/2549, if needed/preferred), o b could be EPP (+ suitable extension); and o the workflow management within dns_op(parent) is a local matter. Kind regards, Alfred. -- +------------------------+--------------------------------------------+ | TR-Sys Alfred Hoenes | Alfred Hoenes Dipl.-Math., Dipl.-Phys. | | Gerlinger Strasse 12 | Phone: (+49)7156/9635-0, Fax: -18 | | D-71254 Ditzingen | E-Mail: a...@tr-sys.de | +------------------------+--------------------------------------------+ _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop