Karl and all,
Karl Auerbach wrote:
> > NSI has made an I-D of the RRP Protocol.
> >
> > http://www.ietf.cnri.reston.va.us/internet-drafts/draft-hollenbeck-rrp-00.txt
>
> Am I missing something? I looked through that and I see neither
> transaction identifiers nor timestamps. That alone could make
> reconcilation of logs and post-mortem review of race conditions nearly
> impossible.
Precisely correct here Karl, and one of many deficiencies in this
design document. But of course this is one of several I had pointed
our some time ago before this document was published. To no avail
of course. It reminds me of the lame leading the blind. And I believe
I amongst a few others made this reference before as well.
>
>
> And given the absence of a clear exchange between an existing registrar
> and a new one I see a HUGE door in the transfer mechanism for registrars
> to engage in what the long distance folks call "slamming" - the silent
> transfer of customers from one long-distance company or registry to
> another.
And we have already seen this with respect to Register.com in this
context already. More to come I am sure.
>
>
> And text based? Wow, that's an open inviation to attacks based on buffer
> overrun and packets split at cr-lf boundaries.
Not to mention several other text based security attacks. The hack in these
instances is child's play really.
>
>
> And it is text based without any concern for internationalization.
Good point here also. And one that slipped my mind... >;)
>
>
> And its expiration date representation, although it is measured to the
> millisecond, fails to include a reference to any time zone.
Tisk, tisk, indeed this is a good point as well.
>
>
> Nor does it handle IPv6.
How true.
>
>
> Seems like a rather deficient design.
Looks like a design by committee, and a very poorly technically informed
or knowledgeable one at that.
>
>
> --karl--
Regards,
--
Jeffrey A. Williams
Spokesman INEGroup (Over 95k members strong!)
CEO/DIR. Internet Network Eng/SR. Java/CORBA Development Eng.
Information Network Eng. Group. INEG. INC.
E-Mail [EMAIL PROTECTED]
Contact Number: 972-447-1894
Address: 5 East Kirkwood Blvd. Grapevine Texas 75208
