Tanks for posting the draft, Mario. One quick question: RFC 5734 (Extensible Provisioning Protocol (EPP) Transport over TCP) states that “Mutual client and server authentication using the TLS Handshake Protocol is REQUIRED”. Section 8 of the draft weakens this requirement, stating that “servers SHOULD require clients to present a digital certificate”. HTTPS requires both TCP and TLS, so why weaken the requirement?
Scott From: regext <[email protected]> On Behalf Of Mario Loffredo Sent: Wednesday, February 21, 2024 2:15 AM To: [email protected] Subject: [EXTERNAL] [regext] Fwd: New Version Notification for draft-loffredo-regext-epp-over-http-03.txt Caution: This email originated from outside the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. Hi all, just submitted a new version of draft-loffredo-regext-epp-over-http. Here in the following the most relevant updates: 1. Has been made fully compliant with RFC 5730 2. Aligns with the structure and makeup of EPP over TCP (EoT) in RFC 5734 3. Fully pluggable transport for EPP with EoT 4. Verisign added as co-authors If the agenda of next meeting was not full, I would like to have a 10-minute slot to present the updates a bit more in detail. Any feedback is appreciated. Best, Mario -------- Messaggio Inoltrato -------- Oggetto: New Version Notification for draft-loffredo-regext-epp-over-http-03.txt Data: Tue, 20 Feb 2024 23:11:09 -0800 Mittente: [email protected]<mailto:[email protected]> A: Dan Keathley <[email protected]><mailto:[email protected]>, Daniel Keathley <[email protected]><mailto:[email protected]>, James Gould <[email protected]><mailto:[email protected]>, Lorenzo Luconi Trombacchi <[email protected]><mailto:[email protected]>, Lorenzo Trombacchi <[email protected]><mailto:[email protected]>, Mario Loffredo <[email protected]><mailto:[email protected]>, Maurizio Martinelli <[email protected]><mailto:[email protected]> A new version of Internet-Draft draft-loffredo-regext-epp-over-http-03.txt has been successfully submitted by James Gould and posted to the IETF repository. Name: draft-loffredo-regext-epp-over-http Revision: 03 Title: Extensible Provisioning Protocol (EPP) Transport over HTTP Date: 2024-02-20 Group: Individual Submission Pages: 10 URL: https://www.ietf.org/archive/id/draft-loffredo-regext-epp-over-http-03.txt<https://secure-web.cisco.com/1KC6jFTUqMZOdJ6Po7DLUvEx4bz0ukpJdTEJRZF3dOUg7kFe2kdc4o1QYJSN-A5KRI4ajga3mx9j5Tsu1bi5St5Cx-uNAPP-zwZf_HA62hPwz_9eg00egGGltzTsNNaDizHZCJ8Qfk_M3mODWdby1rFTWL-6XrwRg7jx4CAvpx2iygBoEYzI8nSfyrndF2LS3hCQzMKD9uwb2RWuaAlkMVLJlEApMtxPPTF80K-Epc3S4QwSDz7vCBUTOBc9MwJ9HP1_piTsR_qHHxi4hxILn5bJxyanwkmh2HtYgTGuGrh4/https%3A%2F%2Fwww.ietf.org%2Farchive%2Fid%2Fdraft-loffredo-regext-epp-over-http-03.txt> Status: https://datatracker.ietf.org/doc/draft-loffredo-regext-epp-over-http/<https://secure-web.cisco.com/1WgECIVUjOIAsR-iTFVZofRj22KELPh2hR8mXqt4Ah1RMjkgzKWNgiSYSqjhaC9jGxs2cZbo78tWGijeobZgLB-BWiu0HdBadbM28kt_fooT0Q_E4EmZIh5b-HgRmf7cfA2xW3Jcui1LwreE8les4WDgk91q0c1uVcgT4n2MJgRthft2VpOGu1zCSQhc803p20A9z0q9dQS2MRPq9j8VEPAiJ9kgkXdsmP4hGRtbTga0F8_Wd1hHV1gdDQIDMu_txRFAC-fPjrizrYpJwVy50rv9zq5TeoIabT7CQTRAHU68/https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-loffredo-regext-epp-over-http%2F> HTMLized: https://datatracker.ietf.org/doc/html/draft-loffredo-regext-epp-over-http<https://secure-web.cisco.com/1myv8wfhgRLMpRy662lU3LEpvfhXhlua4LmjwmAXrUQVz-SCnWY8NRdZrR5_sVzPKSomr0tAgTTlHV8IeplBfyGb4GuUKwmrSVbViybxm3Hs_9FFlnvoaoLt-eKH29bmOk-AuKVN05pZR_25b-GEHyQswHoPuqmPqqDR-0m4hfJBUNziLQkYTcmMvQWYvZP7jTRw2TH9A7mimZVgX-t_YHRknBIo6VIsRoYsnpLQ0pU9-pkSvfbV2ZBi9Z9AtE9nsBoXOXj-tkY3NKf4VlBN9MBPGWuHFuYEcHsifeI3a1WE/https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fhtml%2Fdraft-loffredo-regext-epp-over-http> Diff: https://author-tools.ietf.org/iddiff?url2=draft-loffredo-regext-epp-over-http-03<https://secure-web.cisco.com/12jI5T3lqP1oAgYgBbf_sR7EUAcL6VKmKLkg2ylT0ex8vwIKgjRHZ23Y0CD2WITQBuuLaQ2ksuqC0wswgmdwPrTl3Nh04Ww9tfhzLmUBBIFzgzTCXyQqSJUiSuo02WMuefoj4FvdkPczACJYDVH_FPgB9NSHwsBf3FusBpBfOuRG24bIj-uEGOxnDzLf3hXuChwIWRZrEn69Lkm45r8V_I_kLZaSfpxGhi-eCgCiKByBtLngPzbReNyOuB3Jytgp2e9Nna_6jLwOEwRx1pkntina57RexI6eqTRyG8JvT5h0/https%3A%2F%2Fauthor-tools.ietf.org%2Fiddiff%3Furl2%3Ddraft-loffredo-regext-epp-over-http-03> Abstract: This document describes how an Extensible Provisioning Protocol (EPP) session is mapped onto a Hypertext Transfer Protocol (HTTP) connection. EPP over HTTP (EoH) requires the use of Transport Layer Security (TLS) to secure EPP information (i.e. HTTPS). The IETF Secretariat
_______________________________________________ regext mailing list [email protected] https://www.ietf.org/mailman/listinfo/regext
