IETF Logo Mail Archive

Re: [DNSOP] Review of draft-manderson-rdns-xml-01

George Michaelson <ggm@algebras.org> Tue, 13 August 2013 00:04 UTC

Return-Path: <ggm@algebras.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E5F1511E80F0 for <dnsop@ietfa.amsl.com>; Mon, 12 Aug 2013 17:04:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.443
X-Spam-Level:
X-Spam-Status: No, score=-2.443 tagged_above=-999 required=5 tests=[AWL=0.533, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oY+Wc0G4OSH1 for <dnsop@ietfa.amsl.com>; Mon, 12 Aug 2013 17:04:21 -0700 (PDT)
Received: from mail-pb0-f53.google.com (mail-pb0-f53.google.com [209.85.160.53]) by ietfa.amsl.com (Postfix) with ESMTP id 04E9111E80ED for <dnsop@ietf.org>; Mon, 12 Aug 2013 17:04:20 -0700 (PDT)
Received: by mail-pb0-f53.google.com with SMTP id up15so7302011pbc.26 for <dnsop@ietf.org>; Mon, 12 Aug 2013 17:04:20 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=VZJ+XCgSXu00qAM3L3rDNwtNJTO6aTl2gTkhUPYFsXQ=; b=YjN0XD/N2Bt06U5wFaWZWl/+Scfqc1qzeK/0KieADduQlSQpzjQm/2QU1sDb0ATkKX QJISqKe7o2CROHjoIFGD8LPwaWpv699YQ3xlEnLxyQ1CQlRyoQPkpmMmHZXRYUARnktn rYUzgcawRAhNycT55fG6fuA/jLjDKwqev8rACTXK4YTDQ/t8b+GSEyj00hc+QVFyt74a dLfxsXnYgdnuXp9ikh3qSE46pJ3H2p3wiC7RcTE9ZjTjvg1LL8tpeFzx7RoQvOZx6Hfy wTd0h3Y7uN08wKBQ/UKmoNbmQz1dEyQJ994xlUHPF+psmlpOf6J2VNmRfm6iYVymQob1 Eb0Q==
X-Gm-Message-State: ALoCoQkHjOD9WGYAC5ZIdXWgaNKTETUelje9psTFh0X1sBgU3SwoYPo/2aKBH5IEVyjgg3vkyl0m
MIME-Version: 1.0
X-Received: by 10.66.163.199 with SMTP id yk7mr1539868pab.136.1376352260619; Mon, 12 Aug 2013 17:04:20 -0700 (PDT)
Received: by 10.70.19.98 with HTTP; Mon, 12 Aug 2013 17:04:20 -0700 (PDT)
X-Originating-IP: [2001:dc0:a000:4:b135:e004:f9ed:5af3]
In-Reply-To: <9B4EAB28-0301-474D-9F87-2BC49E55DB01@nzrs.net.nz>
References: <92F4C715-FF72-4CEE-9C17-134932228F13@nzrs.net.nz> <8247861913252083991@unknownmsgid> <9B4EAB28-0301-474D-9F87-2BC49E55DB01@nzrs.net.nz>
Date: Tue, 13 Aug 2013 10:04:20 +1000
Message-ID: <CAKr6gn2bXzBP5-=Hj255e5uAEOoPLwdpOyeXzLu608CNm-vOQA@mail.gmail.com>
From: George Michaelson <ggm@algebras.org>
To: Jay Daley <jay@nzrs.net.nz>
Content-Type: multipart/alternative; boundary="047d7b86e54094949704e3c8fbbc"
Cc: dnsop WG <dnsop@ietf.org>, Joe Abley <jabley@hopcount.ca>
Subject: Re: [DNSOP] Review of draft-manderson-rdns-xml-01
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Aug 2013 00:04:25 -0000

My personal view, from deep time, is that this protocol was offered into
the process facing upwards, as a result of an applications REST interface
which was developed in APNIC facing downwards. Terry may have a different
perspective but thats my sense: we had this working in-house as a
lightweight mechanism to solve a specific problem and it happened to be a
good fit for a very similar problem facing our parents in reverse-DNS
provisioniong.

We have frequently discussed EPP for Internet Number Resources (INR) in the
RIR system, and never found it a good fit. Ed Lewis demonstrated extensions
at an APNIC meeting in my deep memory. The critique is: its hugely complex,
and based on binary prototcols in ways we don't find tractable. The
positives are that many holders of INR have an investment in EPP to do
their provisioning for customers with domain names. The break point is that
while the provisioning investment has been made, its different people
inside the INR holding entity, and the current number holders are more
familiar with textual update mechanisms like RPSL, whois objects, and REST.

I think EPP's time window to be deployed has come and gone. thats just my
personal opinion.

-G




On Tue, Aug 13, 2013 at 9:28 AM, Jay Daley <jay@nzrs.net.nz> wrote:

>
> On 13/08/2013, at 10:57 AM, Joe Abley <jabley@hopcount.ca> wrote:
>
> > Hi Jay,
> >
> > I'm not sure I understand your conclusion. Why do you think this
> > running system should not be documented in an RFC?
> >
> > If it was a private-use protocol being used for private purposes, I
> > could see what you're getting at. However, it's neither: it's a
> > protocol in use between different organisations being used to support
> > an aspect of public infrastructure (the reverse DNS trees).
>
> I'm not sure how you can describe this as anything other than a private
> protocol. Yes it is part of the public infrastructure but then there are a
> myriad of private EPP extensions out there that also work on the public
> infrastructure and yet would equally not be suitable for an RFC.  So I
> don't think the 'public infrastructure' argument holds water.
>
> For it to be an RFC I would hope that meets a decent threshold, namely:
>
> 1.  there is at least some sense of architectural positioning in relation
> to other protocols.  This draft doesn't have that as it seems to do a small
> part of an otherwise perfectly good protocol, EPP, without any
> reference/recognition of how the two fit together.
>
> 2.  there is a relatively clean separation of layers.  This is not the
> case with this draft as it tightly binds onto HTTP.
>
> 3.  it is a public protocol.  For this to be a public protocol the rules
> are pretty clear - two implementations in different contexts.  AFAICT this
> has only one server implementation and multiple clients in the same context.
>
> While 2. can be fixed I'm not sure 1. and 3. can be.
>
> > I don't agree that there's nothing to be gained by documenting it (I
> > realise that's not exactly what you wrote, but it could be read that
> > way) and to me, the RFC series is a plausible place for that to
> > happen.
>
> There is every benefit to this being documented, I am glad that it is and
> would not wish that to change.  However using the  RFC process for a
> private protocol is inappropriate and it would be better if there was a web
> site had a section that documented all the ICANN private protocols, in much
> the same way many TLD operators do.
>
> > What am I missing?
>
> I really do not mean to cause any offence by this so apologies in advance
> if I do, but is this a case of ICANN mistaking its position here?  Yes you
> are the excellent operator of a key part of the public infrastructure but
> that doesn't mean that every protocol you develop related to your technical
> function automatically becomes an RFC when documented to a sufficient
> standard.
>
> cheers
> Jay
>
>
>
> >
> > (ObDisclaimer: Terry and I work together, but this is a personal
> > perspective; he's big and ugly enough to fight his own battles :-)
> >
> >
> > Joe
> >
> > Aue Te Ariki! He toki ki roto taku mahuna!
> >
> > On 2013-08-12, at 18:06, Jay Daley <jay@nzrs.net.nz> wrote:
> >
> >> Firstly, just to confirm that I've read the previous email from Terry
> Manderson that this draft was published more for reasons of transparency
> and starting a conversation than anything else.  So here are my comments in
> light of that:
> >>
> >> 1.  There were a number of places in this draft where I found myself
> asking "why didn't they just use EPP?".  For example:
> >>
> >> - it's a registry provisioning protocol
> >> - it's a registry provisioning protocol for NS and DS records!
> >> - it has a feature for requests to be queued and a message list to be
> polled
> >>
> >>
> >> 2.  Unless I'm being dumb (and my RelaxNG is not very good) I can't see
> any definition of either
> >>
> >> - responses to non-queued requests
> >> - errors
> >>
> >> other than the implicit standard HTTP response/error codes.
> >>
> >>
> >> 3.  It's too tightly bound to the underlying HTTP interface.  The
> response/errors is one example, another is the queue element field:
> >>
> >> # The HTTP method used to update
> >>      attribute method { "PUT" | "DELETE" },
> >>
> >> That would be better as a logical operation code (i.e. Add, Delete)
> that were mapped onto HTTP operations.
> >>
> >> 4.  Some of the key data elements that need to be provisioning are
> defined the most loosely - name the rdata field.
> >>
> >> So overall I'm pretty surprised that this path was chosen in 2011
> rather than EPP which the rest of the known universe uses for this sort of
> thing.  I realise ICANN is very much taken with lightweight REST but this
> seems to be forcing the solution onto every problem, even then solved ones.
>  However, this is indeed ICANN's choice, it is a trivial protocol and is
> working in production.  But what it isn't is a candidate for becoming an
> RFC.
> >>
> >> If the authors are interested in doing this in EPP then I would be
> willing to help.
> >>
> >> cheers
> >> Jay
> >>
> >> --
> >> Jay Daley
> >> Chief Executive
> >> .nz Registry Services (New Zealand Domain Name Registry Limited)
> >> desk: +64 4 931 6977
> >> mobile: +64 21 678840
> >> linkedin: www.linkedin.com/in/jaydaley
> >>
> >> _______________________________________________
> >> DNSOP mailing list
> >> DNSOP@ietf.org
> >> https://www.ietf.org/mailman/listinfo/dnsop
> > _______________________________________________
> > DNSOP mailing list
> > DNSOP@ietf.org
> > https://www.ietf.org/mailman/listinfo/dnsop
>
>
> --
> Jay Daley
> Chief Executive
> .nz Registry Services (New Zealand Domain Name Registry Limited)
> desk: +64 4 931 6977
> mobile: +64 21 678840
> linkedin: www.linkedin.com/in/jaydaley
>
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
>

v2.23.0 | Report a Bug | By Email