Re: [eppext] Extension Registration Request: Registry Fee Extension for the Extensible Provisioning Protocol (EPP)
"Gould, James" <JGould@verisign.com> Fri, 13 February 2015 13:37 UTC
Return-Path: <JGould@verisign.com>
X-Original-To: eppext@ietfa.amsl.com
Delivered-To: eppext@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 5ACE31A70FE
for <eppext@ietfa.amsl.com>; Fri, 13 Feb 2015 05:37:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.561
X-Spam-Level:
X-Spam-Status: No, score=0.561 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, MIME_CHARSET_FARAWAY=2.45,
RCVD_IN_DNSWL_NONE=-0.0001, T_FILL_THIS_FORM_SHORT=0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id ILC7cAB_BaD5 for <eppext@ietfa.amsl.com>;
Fri, 13 Feb 2015 05:37:41 -0800 (PST)
Received: from mail-oi0-f97.google.com (mail-oi0-f97.google.com
[209.85.218.97])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 960961A70E2
for <eppext@ietf.org>; Fri, 13 Feb 2015 05:37:41 -0800 (PST)
Received: by mail-oi0-f97.google.com with SMTP id u20so987795oif.0
for <eppext@ietf.org>; Fri, 13 Feb 2015 05:37:41 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20130820;
h=x-gm-message-state:from:to:cc:subject:thread-topic:thread-index
:date:message-id:references:in-reply-to:accept-language
:content-language:content-type:mime-version;
bh=WTUrDStq4WewXe/xhtS3bsUJRG3sKWpyfjQaT/i3itc=;
b=chhurqcfZOj4PcKUzGXhe+6mvEbB4f2vCaCm6LptfZC1Fh3zKYQ8iKXn3Nf8TCOUVp
orrA4Y7OFRXdF9nyAFqcFIUmt1FO7e4WjQpK0RHIW7TbJ9ti0FdWyY4012n3H7EBYAFf
0e7ZwdwMTVPffgSBP0z8lwntitOJUbuhxNu2wz9yS5RlRRoRSGteRiw8T+7TDEzzOgF1
kPemSSCfQqUkCPp59Xn8yS5LYbu6sDBlTYk0lil/+kxSZgj92IRwrRwDStOYcBT53WzE
yY2skDlGH0/Lpib692tsnym2ut2oNwN2sZvcWs9TjHRXI0Vx68KZ8VHnZo26pz6nMrik
8bVA==
X-Gm-Message-State: ALoCoQkWWrY7IkS1jLOV7oIegchQsbNl76WUguLjipOtRx6gtDPXcF3za4c7XXqJR/nm6Z9z5U9M8VHSm4RBfaKEj57AWAlu8w==
X-Received: by 10.236.27.72 with SMTP id d48mr8708825yha.60.1423834660975;
Fri, 13 Feb 2015 05:37:40 -0800 (PST)
Received: from brn1lxmailout02.vcorp.ad.vrsn.com
(brn1lxmailout02.verisign.com. [72.13.63.42])
by mx.google.com with ESMTPS id x9sm1776023qcq.0.2015.02.13.05.37.40
(version=TLSv1 cipher=RC4-SHA bits=128/128);
Fri, 13 Feb 2015 05:37:40 -0800 (PST)
X-Relaying-Domain: verisign.com
Received: from brn1wnexcas02.vcorp.ad.vrsn.com
(brn1wnexcas02.vcorp.ad.vrsn.com [10.173.152.206])
by brn1lxmailout02.vcorp.ad.vrsn.com (8.13.8/8.13.8) with ESMTP id
t1DDbeDv013418
(version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL);
Fri, 13 Feb 2015 08:37:40 -0500
Received: from BRN1WNEXMBX01.vcorp.ad.vrsn.com ([::1]) by
brn1wnexcas02.vcorp.ad.vrsn.com ([::1]) with mapi id 14.03.0174.001; Fri, 13
Feb 2015 08:37:39 -0500
From: "Gould, James" <JGould@verisign.com>
To: Ning Kong <nkong@cnnic.cn>
Thread-Topic: [eppext] Extension Registration Request: Registry Fee
Extension for the Extensible Provisioning Protocol (EPP)
Thread-Index: AdBCEn+vvcyzjjByRt6JTgZTR3aSZADuIaYAAHxHn4A=
Date: Fri, 13 Feb 2015 13:37:38 +0000
Message-ID: <29323ABA-D158-460E-ACBC-514BB48AF830@verisign.com>
References: <831693C2CDA2E849A7D7A712B24E257F49F3C5DD@BRN1WNEXMBX01.vcorp.ad.vrsn.com>
<EB6318D0-0AE1-4E98-95C6-F6EC14718952@cnnic.cn>
In-Reply-To: <EB6318D0-0AE1-4E98-95C6-F6EC14718952@cnnic.cn>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.173.152.4]
Content-Type: multipart/related;
boundary="_004_29323ABAD158460EACBC514BB48AF830verisigncom_";
type="multipart/alternative"
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/eppext/L1J_G_6PcP3P6MUWqdb4ux2Qqss>
Cc: "Hollenbeck, Scott" <shollenbeck@verisign.com>,
"eppext@ietf.org" <eppext@ietf.org>
Subject: Re: [eppext] Extension Registration Request: Registry Fee Extension
for the Extensible Provisioning Protocol (EPP)
X-BeenThere: eppext@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: EPPEXT <eppext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/eppext>,
<mailto:eppext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/eppext/>
List-Post: <mailto:eppext@ietf.org>
List-Help: <mailto:eppext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/eppext>,
<mailto:eppext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Feb 2015 13:37:46 -0000
Ning, I provide some feedback below to your feedback. — JG [cid:77031CC3-BE7A-4188-A95F-D23115A30A4D@vcorp.ad.vrsn.com] James Gould Distinguished Engineer jgould@Verisign.com 703-948-3271 12061 Bluemont Way Reston, VA 20190 VerisignInc.com<http://VerisignInc.com> On Feb 10, 2015, at 9:19 PM, Ning Kong <nkong@cnnic.cn<mailto:nkong@cnnic.cn>> wrote: Hi Scott and all, As one of the designated experts, I read this request and draft. I have some comments as follows. #1 The document status is Informational according to the request, but the intended status of draft is Experimental. I believe this draft should be targeted for Standards track based on the amount of interest in it by the community. I believe it is passed Experimental and it is certainly being looked at by multiple independent parties. Hopefully the EPPEXT WG will be re-charted to include this draft. #2 IMO, the extension of <check> is not necessary. It seems that the extended <check> is a little overused. I think the extension of <info> is enough. I believe the draft should stay as is. Since the fee draft is an extension and not an object mapping, how would you represent the price for a non-existing domain name using an extension of the info command? The extension really could not extend the info response for a non-existing domain name since RFC 5731 requires the name, roid, and clID element to be returned in the response. As is, the extension to the check command and response enables a client to get pricing information for existing and non-existing domain names, and the extension to the info command and response enables a client to get the pricing information for an existing domain name. #3 I’m afraid this extension may increase the risk of Security and Privacy. The fee information of domain registration is sensitive and maybe trade secrets for most registrars and registries. Because different registrars would get different price based on their each commercial contract. So usually the fee information can only be known by the business people. But if the EPP is extended with the fee function, the sensitive information about fee may be accessed by the technical guys even through the log file of EPP system. I don’t agree with this feedback. The client system needs to know the fee to ensure that the expected fee will or is going to be charged by the server. I don’t believe this can only be known by a client business person. The extension is optional and the business person can decide to require the client system to support the fee extension or not. The security practices of the client for disclosure of the fee information is up to the client to define and enforce, and really does not play into the protocol between the client and the server. Regards, Ning 在 2015年2月6日,下午9:40,Hollenbeck, Scott <shollenbeck@verisign.com<mailto:shollenbeck@verisign.com>> 写道: IANA has received a request to register an EPP extension titled "Registry Fee Extension for the Extensible Provisioning Protocol (EPP)". Per RFC 7451 they have requested designated expert review of the request. The list of designated experts appointed by the IESG can be found IANA's registry web page: http://www.iana.org/assignments/epp-extensions/epp-extensions.xhtml#epp-extensions-1 This is the form received by IANA: -----BEGIN FORM----- Name of Extension: Registry Fee Extension for the Extensible Provisioning Protocol (EPP) Document Status: Informational Reference: http://tools.ietf.org/html/draft-brown-epp-fees Registrant Name and Email Address: Gavin Brown, <gavin.brown@centralnic.com> TLDs: any IPR Disclosure: None Status: Active Notes: None -----END FORM----- As specified in RFC 7451 the discussion of this request is to take place on this mailing list. So let's discuss it. I have no issue with the extension itself. Given that this request refers to an existing Internet-Draft document, I believe it would be more appropriate for the document to include an IANA Considerations section that includes a request to register the extension if the document becomes an RFC. My recommendation to IANA would be to hold off on processing the request until the document is either submitted to and approved by the IESG or it is published outside the IETF process. Would the other designated experts please share the results of your individual evaluations in this thread. Scott _______________________________________________ EppExt mailing list EppExt@ietf.org https://www.ietf.org/mailman/listinfo/eppext _______________________________________________ EppExt mailing list EppExt@ietf.org<mailto:EppExt@ietf.org> https://www.ietf.org/mailman/listinfo/eppext
- [eppext] Extension Registration Request: Registry… Hollenbeck, Scott
- Re: [eppext] Extension Registration Request: Regi… Ning Kong
- Re: [eppext] Extension Registration Request: Regi… Alexander Mayrhofer
- Re: [eppext] Extension Registration Request: Regi… Gavin Brown
- Re: [eppext] Extension Registration Request: Regi… Gould, James
- Re: [eppext] Extension Registration Request: Regi… Keith Gaughan