Hi Jim and Mario,

> On 2 Mar 2022, at 13:01, Gould, James <jgo...@verisign.com> wrote:
> 
> Mario,
>  
> Thank you for sharing the draft.  We implemented EPP/HTTPS in parallel with 
> EPP/TLS a while back for many years.  In the end, there were very few 
> registrars that chose to use EPP/HTTPS, so it was shut down.  I’m not sure at 
> this point whether there is hunger from the registrars to implement 
> EPP/HTTPS.

At least one registrar (DNSimple) had a go at writing an EPP over HTTPS spec a 
few years ago; regrettably, it didn't get very far (for which I am partly to 
blame):

https://github.com/aeden/epp-over-http

I think now is a good time to reassess the appetite for EPP over HTTPS. As we 
all move to the cloud, where almost everything uses HTTP as a substrate, it 
becomes harder to deploy protocols that aren't based on HTTP in a cloud-native 
way, both on the client side and the server side.

From the security point of view, while EPP has a relatively small attack 
surface, if you're a registry, you're somewhat limited in terms of the 
third-party security services you can deploy to protect it. The same is true of 
whois, but at least we know that whois will one day be replaced by RDAP, which 
is HTTP-based. I look forward to one day putting my entire infrastructure 
behind $YOUR_CLOUD_BASED_REVERSE_PROXY_OF_CHOICE - which necessitates retiring 
(or at least deprecating) ports 43 and 700.

G.

--
Gavin Brown
Head of Registry Services
CentralNic Group plc (LSE:CNIC)
https://centralnicregistry.com

Cal: http://cnic.link/gbcalendar

CentralNic Group plc is a company registered in England and Wales with company 
number 8576358. Registered Offices: Saddlers House, Gutter Lane, London EC2V 
6BR.

https://www.centralnic.com

_______________________________________________
regext mailing list
regext@ietf.org
https://www.ietf.org/mailman/listinfo/regext
