The IESG has approved the following document: - 'Extensible Provisioning Protocol (EPP) Secure Authorization Information for Transfer' (draft-ietf-regext-secure-authinfo-transfer-07.txt) as Proposed Standard
This document is the product of the Registration Protocols Extensions Working Group. The IESG contact persons are Murray Kucherawy and Francesca Palombini. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-regext-secure-authinfo-transfer/ Technical Summary This document defines an operational practice, using the EPP RFCs, that leverages the use of strong random authorization information values that are short-lived, that are not stored by the client, and that are stored using a cryptographic hash by the server to provide for secure authorization information used for transfers. Working Group Summary The document has been discussed within the regext working group with the authors addressing all comments by incorporating agreed upon changes into the document. There was nothing worthy of noting during the WG Process. Document Quality CentralNic has a working implementation in their production environment as well as two other gTLD registry systems, and two ccTLD registry systems. Verisign has implemented a full client and server stub implementation. Personnel Document Shepherd is Jody Kolker. Area Director is Murray Kucherawy. _______________________________________________ regext mailing list [email protected] https://www.ietf.org/mailman/listinfo/regext
