Re: [regext] Object template extension

2018-05-28 Thread Pieter Vandepitte 
Thanks Patrick for the full history on templates and groups

In mean time I looked to the .cz extension and it seems they serve the same 
purpose.

I think the 2 flavours for nameservers should not be an obstacle. When using a 
template, it would be possible to use either host links vs host attributes. It 
depends on how you design it.

I see a big difference with bulk updates. Bulk updates equals to lots of data 
to be transferred.
With templates, you further "normalize" the data model. It is comparable with 
contact updates: when you change the name of a contact, all WHOIS data of 
domains having the same contact id are updated with a single update command. 
When you change a template by updating nameservers/DNSSEC data/..., all DNS 
data of domains having the same template id are updated with a single command. 
The client is relieved of the burden to check whether all domains with the same 
DNS "profile" are updated and it does not have to perform a bulk update of 
thousands of domains.

I'm also not in favour of a protocol extension for bulk updates. The reason is 
that it is already possible. A client may handle updates asynchronously and can 
shoot a list of command to the EPP server. 

Kind regards

Pieter


> On 26 May 2018, at 04:48, Patrick Mevzek  wrote:
> 
> Pieter,
> 
> On Fri, May 25, 2018, at 21:37, Pieter Vandepitte wrote:
>> The registry I work for, developed a custom extension to manage 
>> "nameserver" groups and "keygroups". When a registrar links a group to a 
>> domain, all member nameservers/keys of that group are automatically 
>> linked to that domain. This way, it is very convenient for DNS operators 
>> to update DNS data on their complete domain portfolio with a single 
>> group update, without forgetting a domain.
>> 
>> It is used quite a lot, but I did not find other registries having this 
>> kind of functionality (I did not perform an extensive search). I'm quite 
>> sure we are not the only ones, so do you know other registries having 
>> this?
> 
> I know two extensions:
> 
> - the .BE/.EU one: the last time I have looked at them, it was the same, 
> except for the namespace
> - the .CZ one, in fact in their Fred open source EPP server (so probably used 
> for their others TLDs), see 
> https://fred.nic.cz/documentation/html/EPPReference/ManagedObjects/Nssets.html
> and
> https://fred.nic.cz/documentation/html/EPPReference/ManagedObjects/Keysets.html
> 
> 
>> From memory, they cater for the same needs, but are basically incompatible, 
>> besides the namespace.
> Starting with the terminology: "group" on one side, "set" on the other.
> 
> I would add 2 remarks:
> - for nameservers it seems to me to make more sense when hosts are objects, 
> instead of attributes while obviously it works in both case. The world is 
> quite divided on this, gTLDs are mostly (only?) in the objects group, while 
> ccTLDs are predominantly in the attributes group
> - for DNSSEC material, here we hit another problem, the DS vs DNSKEY 
> dichotomy, partially reflected in the dsData vs keyData interfaces of 
> secDNS-1.1
> All grouping cases only make sense of course with the DNSKEY case, because 
> the DS depends on the domain. Again, without any hard facts, I still believe 
> that most registries are using the DS case. Some, even with the dsData 
> interface, ask also for the underlying keyData, but only to check that the DS 
> was correctly computed.
> 
> Also, such kind of features have consequences for transfers.
> 
>> Is there any interest from the community to offer such a feature to 
>> their registrars and collaborate on a common extension? I think of 
>> something more generic in a way that a registrar can create a "template" 
>> for any kind of object and apply that template to other objects. This 
>> way, besides the benefits for DNS operators, a registrar could also 
>> define e.g. a default admin contact for every domain, or even apply 
>> custom extensions to every domain…
> 
> Note that there were various attempts to define features such as templates, 
> containers, or bulk operations.
> 
> Specifically for bulk operations, since the discussions often circled around 
> that the primary argument was that EPP is a provisioning protocol and as such 
> is not tailored for bulk operations. Which brings immediately this counter 
> argument: ... but you can query for more than one object in a given  
> command.
> 
> Note that while not completely the same, issues of "bundling"  domain names 
> due to IDN variants typically is also loosely related to all of this.
> 
> One of the latest iteration around these concepts was this draft:
> https://tools.ietf.org/html/draft-gould-regext-dataset-01
> 
> HTH,
> 
> -- 
>  Patrick Mevzek
> 
> ___
> regext mailing list
> regext@ietf.org
> https://www.ietf.org/mailman/listinfo/regext

___
regext mailing list
regext@ietf.org

Re: [regext] Object template extension

2018-05-25 Thread Mario Loffredo 


Inviato da iPhone

> Il giorno 25 mag 2018, alle ore 21:37, Pieter Vandepitte 
>  ha scritto:
> 
> Hi all,
>  
> The registry I work for, developed a custom extension to manage "nameserver" 
> groups and "keygroups". When a registrar links a group to a domain, all 
> member nameservers/keys of that group are automatically linked to that 
> domain.. This way, it is very convenient for DNS operators to update DNS data 
> on their complete domain portfolio with a single group update, without 
> forgetting a domain.
>  
> It is used quite a lot, but I did not find other registries having this kind 
> of functionality (I did not perform an extensive search). I'm quite sure we 
> are not the only ones, so do you know other registries having this?

..cz and I think all the registries using FRED software. You can find the 
extensions in the RDAP response. They are named nsset and keyset.
>  
> Is there any interest from the community to offer such a feature to their 
> registrars and collaborate on a common extension? I think of something more 
> generic in a way that a registrar can create a "template" for any kind of 
> object and apply that template to other objects. This way, besides the 
> benefits for DNS operators, a registrar could also define e.g. a default 
> admin contact for every domain, or even apply custom extensions to every 
> domain…
>  
> Any feedback welcome
>  
> Kind regards,
>  
> Pieter


Regards
Mario
> ___
> regext mailing list
> regext@ietf.org
> https://www.ietf.org/mailman/listinfo/regext
___
regext mailing list
regext@ietf.org
https://www.ietf.org/mailman/listinfo/regext

[regext] Object template extension

2018-05-25 Thread Pieter Vandepitte 
Hi all,
 
The registry I work for, developed a custom extension to manage "nameserver" 
groups and "keygroups". When a registrar links a group to a domain, all member 
nameservers/keys of that group are automatically linked to that domain. This 
way, it is very convenient for DNS operators to update DNS data on their 
complete domain portfolio with a single group update, without forgetting a 
domain.
 
It is used quite a lot, but I did not find other registries having this kind of 
functionality (I did not perform an extensive search). I'm quite sure we are 
not the only ones, so do you know other registries having this?
 
Is there any interest from the community to offer such a feature to their 
registrars and collaborate on a common extension? I think of something more 
generic in a way that a registrar can create a "template" for any kind of 
object and apply that template to other objects. This way, besides the benefits 
for DNS operators, a registrar could also define e.g. a default admin contact 
for every domain, or even apply custom extensions to every domain…
 
Any feedback welcome
 
Kind regards,
 
Pieter___
regext mailing list
regext@ietf.org
https://www.ietf.org/mailman/listinfo/regext