IETF Logo Mail Archive

Re: [eppext] [IANA #814703] INSERT “Common Object Attribute (COA) Extension for the Extensible Provisioning Protocol (EPP) "

"Gould, James" <JGould@verisign.com> Wed, 01 April 2015 15:41 UTC

Return-Path: <JGould@verisign.com>
X-Original-To: eppext@ietfa.amsl.com
Delivered-To: eppext@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7327D1ACE59 for <eppext@ietfa.amsl.com>; Wed, 1 Apr 2015 08:41:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.289
X-Spam-Level:
X-Spam-Status: No, score=-2.289 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-0.7, T_FILL_THIS_FORM_SHORT=0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yLrieXWaMuIC for <eppext@ietfa.amsl.com>; Wed, 1 Apr 2015 08:41:25 -0700 (PDT)
Received: from mail-qg0-f99.google.com (mail-qg0-f99.google.com [209.85.192.99]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8134E1ACDE2 for <eppext@ietf.org>; Wed, 1 Apr 2015 08:40:26 -0700 (PDT)
Received: by qgdq107 with SMTP id q107so1155548qgd.1 for <eppext@ietf.org>; Wed, 01 Apr 2015 08:40:25 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:thread-topic:thread-index :date:message-id:references:in-reply-to:accept-language :content-language:content-type:mime-version; bh=HBjGmCRW5wofymveOClMl71UJibrqgWLGncBG6l1uos=; b=SYfkf7t78ROgAWcnaFsSxCOBqBaionrMXOKXDpxWN2rWjrkF5FkDPpP7/sPa9xKY8W CZzAFTAUpWUdce0O9o++8WuIm1tg3om2GVkTAmfT8oBeO8ktKsIXqrTD4hw2/vE0w+wQ GUVuCMaFP2+XuhVWyRGesJTUjnkYiNqAjS3jWH2q1+mXDjHHMjKXtqy2px/sXM6cDhLU eGizlXz0FF20rB0Ag2Pyc9KN9SgC3nqq90yZh6KjENGi+d/JYlUFEZ5GdLmnwtSBzRgb G659mqVL23hQoRstjKKH1Ye94JUq+AWggexxYyO6qbcc5N7dbiH4vn6sTkcHjJzJVaDu iGzQ==
X-Gm-Message-State: ALoCoQl0eSpHaVO75SLaX+t3hNW3S/qy+xJttupyf9DRwONuw9EYfjiMiSJxNzJSd+rkQvWvZSnXDpQ7CA3SlGCBdATargkdTg==
X-Received: by 10.55.31.168 with SMTP id n40mr1197444qkh.56.1427902825633; Wed, 01 Apr 2015 08:40:25 -0700 (PDT)
Received: from brn1lxmailout01.verisign.com (brn1lxmailout01.verisign.com. [72.13.63.41]) by mx.google.com with ESMTPS id hx9sm522707qcb.3.2015.04.01.08.40.25 (version=TLSv1 cipher=RC4-SHA bits=128/128); Wed, 01 Apr 2015 08:40:25 -0700 (PDT)
X-Relaying-Domain: verisign.com
Received: from brn1wnexcas01.vcorp.ad.vrsn.com (brn1wnexcas01 [10.173.152.205]) by brn1lxmailout01.verisign.com (8.13.8/8.13.8) with ESMTP id t31FeOnW018097 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Wed, 1 Apr 2015 11:40:24 -0400
Received: from BRN1WNEXMBX01.vcorp.ad.vrsn.com ([::1]) by brn1wnexcas01.vcorp.ad.vrsn.com ([::1]) with mapi id 14.03.0174.001; Wed, 1 Apr 2015 11:40:24 -0400
From: "Gould, James" <JGould@verisign.com>
To: Alexander Mayrhofer <alexander.mayrhofer@nic.at>
Thread-Topic: =?utf-8?B?W2VwcGV4dF0gW0lBTkEgIzgxNDcwM10gSU5TRVJUIOKAnENvbW1vbiBPYmpl?= =?utf-8?B?Y3QgQXR0cmlidXRlIChDT0EpIEV4dGVuc2lvbiBmb3IgdGhlIEV4dGVuc2li?= =?utf-8?Q?le_Provisioning_Protocol_(EPP)_"?=
Thread-Index: AQHQZMduV43PMrweGUOJCgZR82CJxZ0qUiOwgA5BMwCAAAp+gA==
Date: Wed, 1 Apr 2015 15:40:24 +0000
Message-ID: <F62E481A-9133-47EF-A86F-3742796FC00B@verisign.com>
References: <RT-Ticket-814703@icann.org> <6F585EDF-46C2-418B-8E7C-6E40335E129F@verisign.com> <rt-4.2.9-2033-1427127836-1220.814703-9-0@icann.org> <831693C2CDA2E849A7D7A712B24E257F49F89999@BRN1WNEXMBX01.vcorp.ad.vrsn.com> <19F54F2956911544A32543B8A9BDE07546798B14@NICS-EXCH2.sbg.nic.at>
In-Reply-To: <19F54F2956911544A32543B8A9BDE07546798B14@NICS-EXCH2.sbg.nic.at>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.173.152.4]
Content-Type: multipart/related; boundary="_004_F62E481A913347EFA86F3742796FC00Bverisigncom_"; type="multipart/alternative"
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/eppext/4ULO6JUJJEuN_Z5I-c0_SykKF-w>
Cc: "Hollenbeck, Scott" <shollenbeck@verisign.com>, "eppext@ietf.org" <eppext@ietf.org>
Subject: Re: [eppext] =?utf-8?q?=5BIANA_=23814703=5D_INSERT_=E2=80=9CCommon_Ob?= =?utf-8?q?ject_Attribute_=28COA=29_Extension_for_the_Extensible_Provision?= =?utf-8?q?ing_Protocol_=28EPP=29_=22?=
X-BeenThere: eppext@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: EPPEXT <eppext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/eppext>, <mailto:eppext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/eppext/>
List-Post: <mailto:eppext@ietf.org>
List-Help: <mailto:eppext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/eppext>, <mailto:eppext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Apr 2015 15:41:28 -0000

Alex,

Thank you for the review and thoughtful comments.  I provide feedback to your comments below.


—


JG


[cid:77031CC3-BE7A-4188-A95F-D23115A30A4D@vcorp.ad.vrsn.com]

James Gould
Distinguished Engineer
jgould@Verisign.com

703-948-3271
12061 Bluemont Way
Reston, VA 20190

VerisignInc.com<http://VerisignInc.com>

On Apr 1, 2015, at 11:02 AM, Alexander Mayrhofer <alexander.mayrhofer@nic.at<mailto:alexander.mayrhofer@nic.at>> wrote:

All,

As one of the assigned Designated Experts, I've completed my review of the extension and I have the following (minor) comments:

- From reading the " VERISIGN PROPRIETARY INFORMATION" paragraph, i understand that i cannot "copy or communicate" the documentation under the link without "written prior consent of Verisign". I'm not a legal person, but personally i find this an restriction that is inappropriate for a public web page, because i can hardly even "view" the web page without my web browser "copying" it to its cache ... Anyways, i understand that such "boilerplates" are a requirement of many companies, and this probably stems from a paper version of this document?


Yes, this is standard Verisign copyright language that is applied to all of the proprietary extensions.


- I do understand the XML namespace URI currently used in the document is not yet registered in the IANA XML registry, and i suggest that authors register it accordingly once the EPP extension itself is registered.

By convention, all of the custom Verisign extensions used a URI starting with “http://www.verisign-grs.com/epp/” or “http://www.versisign.com/epp/”, since there was no intent on them being used outside of the Verisign registries.  We will consider registering these URI’s independently with the IANA XML registry.


- I didn't see in the document whether or not a certain KEY could be used multiple times for a single object, or not. Clarifying this could improve interopability, and Section 2.1 would probably be an appropriate place. From the description of the "update" command, the KEY seems to be used to identify a certain Key/Value pair, so duplicate KEYs are likely not intended?


You are correct, this is Verisign’s version of a key/value pair extension, where the keys are unique and cannot be duplicated.  We could look to make that clearer in the extension.

- The specification is silent about error conditions, and does not recommend any specific EPP error codes for specific situations (eg. when an "update" tries to remove an attribute that is not set for an object, or when an attribute is not allowed due to server policy).


Good point; although the EPP RFC 5730 provides a good set of error codes that map well to most common use cases (e.g. 2303 “Object does not exist” for an “update” that tries to remove a non-existent key or 2306 “Parameter value policy error” for a non-supported key) in the extension.  We could consider adding more guidance to the error conditions in the extension.

- Security: The specification does not specify whether or not CoA's provisioning by client A are returned to the info response for client B. I hence understand that this is server policy? If there are any restrictions on server policy in this regard, those should be listed - or, alternatively, it should be clarified that this is individual server policy.


In general, keys set by client A will not be available to B in an info response, but there may be some keys that are less restrictive.  The actual keys supported and the policies for the keys would be defined outside of the extension, so we could consider adding clarifying text about the keys being defined external to the extension along with their security requirements.


tia & thanks,
Alex

-----BEGIN FORM-----
Name of Extension:
“Common Object Attribute (COA) Extension for the Extensible Provisioning
Protocol (EPP)"

Document Status:
Informational

Reference:
http://www.verisigninc.com/assets/epp-sdk/verisign_epp-
extension_coa_v00.html

Registrant Name and Email Address:
VeriSign Inc., epp-registry@verisign.com

TLDs: Any

IPR Disclosure: None

Status: Active

Notes: None
-----END FORM-----

—


JG





James Gould
Distinguished Engineer
jgould@Verisign.com

703-948-3271
12061 Bluemont Way
Reston, VA 20190

VerisignInc.com

“This message (including any attachments) is intended only for the use of the
individual or entity to which it is addressed, and may contain information that
is non-public, proprietary, privileged, confidential and exempt from
disclosure under applicable law or may be constituted as attorney work
product. If you are not the intended recipient, you are hereby notified that
any use, dissemination, distribution, or copying of this communication is
strictly prohibited. If you have received this message in error, notify sender
immediately and delete this message immediately.”

Download BF09FAA4-32D8-46E0-BED0-CD72F43BD6E0[81].png

image/png 4KiB

_______________________________________________
EppExt mailing list
EppExt@ietf.org
https://www.ietf.org/mailman/listinfo/eppext
_______________________________________________
EppExt mailing list
EppExt@ietf.org<mailto:EppExt@ietf.org>
https://www.ietf.org/mailman/listinfo/eppext

v2.8.7 | Report a Bug | By Email