The document is in good shape. Section 4 discusses "Registration Locks", and cites RFC 5731. I agree with the recommendations, but the analysis is missing a key point from Section 2.3 of 5731. As stated there:
"A server MAY alter or override status values set by a client, subject to local server policies. The status of an object MAY change as a result of either a client-initiated transform command or an action performed by a server operator." Automated DNSSEC delegation trust maintenance may well be part of a server policy. These statements make it very clear that a server operator can override client-set status values subject to local server policies, and as such I think it would be helpful to note this text from 5731 in Section 4.2.2 of the draft. I also think it would be very helpful to add text that describes what a registry server operator should do if they perform an update that overrides a client-set status value. A server operator that supports EPP could notify a client using the message polling service described in Section 2.9.2.3 of RFC 5730. Perhaps something like this could be added as the last paragraph in Section 4.2.2: "Section 2.3 of RFC 5731 [RFC5731] explicitly notes that an EPP server operator may override status values set by a client, subject to local server policies. There is, however, a risk of confusion if the server operator performs actions that override the status values set by a client. This risk can be mitigated by informing the client of automated actions taken buy the server using the polling service described in Section 2.9.2.3 of RFC 5730 [RFC5730]." Scott _______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
