Antoin,
I was surprised to see draft-ietf-regext-epp-registry-maintenance move to WGLC
based on the work that has been progressing on the mailing list, so at this
point I can’t support publication of the document. The document editors have
addressed my prior feedback. Upon a fresh review, below is my feedback:
1. Upon the draft passing WGLC, the version should be updated to
“maintenance-1.0”. This change should not happen now.
2. Section 3.3 “Maintenance Elements”
* I’m taking the action item to see how the existing registrar notices
map to the elements defined in this section. The registrar notices are
free-form currently, but there is some consistency of structure that needs to
be evaluated against the formal structure defined in
draft-ietf-regext-epp-registry-maintenance. I anticipate changes to the
elements in Section 3.3 “Maintenance Elements” coming out of this mapping
exercise.
3. Section 4.1.3 “EPP <info> Command”
* Nit – Change “either <maint:id>” to “either the <maint:id> child
element” and change “or <maint:list> child element” to “or the <maint:list>
child element”.
4. Section 7 “Security Considerations”
* It would be worthwhile to consider the security associated with what
maintenance information to return back to the client. A registry access point
may return maintenance information for many top-level domains (or registry
zones), where the client has authorization to access a subset of top-level
domains. My recommendation is to define the considerations that take into
account authorization of the client. For example:
i. “A
server MUST only provide maintenance information for clients that are
authorized. If a client queries for a maintenance identifier, per section
4.1.3.1 “Info Maintenance Item”, that it’s not authorized to access, the server
MUST return an EPP error result code of 2201 [RFC5730]. The list of top-level
domains or registry zones returned in the “Info Maintenance Item” response
SHOULD be filtered based on the top-level domains or registry zones the client
is authorized. Authorization of poll messages is done at the time of poll
message insertion and not at the time of poll message consumption.”
ii. The poll
message use case is a corner case, but I believe it’s important to cover it.
1. Section 9 “References”
* I believe that draft-ietf-regext-unhandled-namespaces would need to
move into the Normative References since it’s referenced in a normative
sentence.
--
JG
James Gould
Fellow Engineer
[email protected]
<applewebdata://13890C55-AAE8-4BF3-A6CE-B4BA42740803/[email protected]>
703-948-3271
12061 Bluemont Way
Reston, VA 20190
Verisign.com <http://verisigninc.com/>
On 1/4/21, 9:40 AM, "regext on behalf of Antoin Verschuren"
<[email protected] on behalf of [email protected]> wrote:
The following working group document is believed to be ready for submission
to the IESG for publication as a standards track document:
https://secure-web.cisco.com/18eaw5Rc7eRHLW7NT557WL-OEIuRsuRZfA7LKp3BJ8CRDnwUbnkSep_2VLycXzaOvmv49tji_vZXkav_WSa0LDImf7iVSPHuVnheksrC-Z4yjC-TCdX06-Lys-gkODiVilrOZp1WOmoSapmIw9J5pD0-c_UpkQYAeekRFAzwm17KphqdWz9cW1VprZlDOloub5pH3QB11p7XdAbJQOs_f-_NiiPLxZDEVHyLx2QvUBtzvazi50NwL3TPdpF2dVgB7vFSXzLopwYOp3mnMp-e1dw/https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-regext-epp-registry-maintenance%2F
This WG last call will end at close of business, Monday, 18 Januari 2021.
Please review this document and indicate your support (a simple “+1” is
sufficient) or concerns with the publication of this document by replying to
this message on the list.
The document shepherd for this document is James Galvin.
Regards,
Antoin and Jim
_______________________________________________
regext mailing list
[email protected]
https://secure-web.cisco.com/1CE4ls-J9vyi17Z5wA242rs-KkkAsctHnLiGKkA_kgQavoiXTstq55sAh91oQYVV3zS33dzM8y3GY1nYLN4gSGgjfS09ccNXbUlpHFZUgbKtUIvuU45KQpfmOn-jqJA_nGG3Bfz4IRazNKf73lHiol397BADwass3Bi3_isz7AZ066VdhCChq6fGBvIuMmp-d-elI3ur-dS4rOm7bxi21gHhBvucBpJV6ajYIeoANmEpcOT0grGvxyqHJhTTHLr9bUv34eF1HxM1l-LBv3jiguZli7S0kkBSRiHe6IGjd7Hg/https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fregext
_______________________________________________
regext mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/regext
