IETF Logo Mail Archive

Re: [eppext] keyrelay draft

Rik Ribbers <rik.ribbers@sidn.nl> Wed, 27 May 2015 18:58 UTC

Return-Path: <rik.ribbers@sidn.nl>
X-Original-To: eppext@ietfa.amsl.com
Delivered-To: eppext@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8BB761A8969 for <eppext@ietfa.amsl.com>; Wed, 27 May 2015 11:58:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.484
X-Spam-Level: *
X-Spam-Status: No, score=1.484 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_EQ_NL=0.55, HOST_EQ_NL=1.545, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 73ihmkseYtvp for <eppext@ietfa.amsl.com>; Wed, 27 May 2015 11:58:56 -0700 (PDT)
Received: from arn2-kamx.sidn.nl (kamx.sidn.nl [IPv6:2a00:d78:0:147:94:198:152:69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 203F01A8961 for <eppext@ietf.org>; Wed, 27 May 2015 11:58:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; d=sidn.nl; s=sidn-nl; c=relaxed/relaxed; h=from:to:subject:thread-topic:thread-index:date:message-id:references:in-reply-to:accept-language:content-language:x-ms-has-attach:x-ms-tnef-correlator:x-originating-ip:content-type:content-transfer-encoding:mime-version; bh=Qbtka1XVzc7QeseLrfWQ8Lc+Os3oEFnqLlP4ab7t5cw=; b=x38aXI8d+hrMt1RR3IzGe6oApGQpx+BSPpjT3WdMXh8IEEq71/nPH+97zx45pG6Epc+kK/Y2Z9+2EcYyExMWehpx30k9vvBvsg3HoX4JMdQ6TWl0jMIwOQ/fQd8fJTkWBn1paGI+Z9I+NTWPZ5z/JGzMiEn2RVsw4iJlZDx2uyUYgrOfTA00+6m/PUVKd1bGh4SJY0FTQeK7TMNqktNJXQqv9Dmpmd1TbCZgXq/bMTY76yJHxe2SNl5N8fJoV6ixtBc2ZUdbi+E7mr2lk1Bixz6yv8rGdJwHFRfMOaAhkLwn1kIMsjy0dHFDCZPioHhLPd2t0Wcpv20k0M1OOfqS/w==
Received: from kahubcasn02.SIDN.local ([192.168.2.74]) by arn2-kamx.sidn.nl with ESMTP id t4RIwscW029991-t4RIwscY029991 (version=TLSv1.0 cipher=AES128-SHA bits=128 verify=CAFAIL) for <eppext@ietf.org>; Wed, 27 May 2015 20:58:54 +0200
Received: from KAMBX2.SIDN.local ([fe80::b1fd:88d9:e136:9655]) by kahubcasn02 ([192.168.2.74]) with mapi id 14.03.0224.002; Wed, 27 May 2015 20:58:52 +0200
From: Rik Ribbers <rik.ribbers@sidn.nl>
To: "eppext@ietf.org" <eppext@ietf.org>
Thread-Topic: [eppext] keyrelay draft
Thread-Index: AdCEIZRovM1kBW7uQ+inotnc6EGsBgTzZ1AAAC/JhTA=
Date: Wed, 27 May 2015 18:58:51 +0000
Message-ID: <C80127C588F8F2409E2B535AF968B768BA18F3A3@kambx2.SIDN.local>
References: <C80127C588F8F2409E2B535AF968B768B97499BC@kambx2.SIDN.local> <20150526220438.GB8518@home.patoche.org>
In-Reply-To: <20150526220438.GB8518@home.patoche.org>
Accept-Language: nl-NL, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [192.168.2.155]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/eppext/e3kRF2O2iErVor7FJ5jJXkM9yGY>
Subject: Re: [eppext] keyrelay draft
X-BeenThere: eppext@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: EPPEXT <eppext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/eppext>, <mailto:eppext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/eppext/>
List-Post: <mailto:eppext@ietf.org>
List-Help: <mailto:eppext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/eppext>, <mailto:eppext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 May 2015 18:58:58 -0000

Hello Patrick,

Thanks for your thorough review, below is my feedback:

>- you describe the notification message under the "info response"
  section; I believe this is wrong, since you never got this reply by doing a command info, only by a result of a poll. Hence, like previously you should leave the info section empty and describe the notification message in a section clearly labeled "poll"
And for this same reason, I prefered the previous paData node name, instead of the new infData, but this is almost cosmetic.

The infData is more inline with other EPP extensions, therefor we chose the infData


>- I really prefer the previous relay verb/extension instead of piggy
>  backing the create one, since keyrelay are not really registry 
>objects, only EPP messages. And EPP is a provisioning protocol, a 
>keyrelay:create command seem to imply that you are provisioning some 
>kind of new objects inside the registry system, where you are in fact 
>only queueing a message into another registry polling queue

From a personal perspective I totally agree, however going for Standards Track is also to comply with the WG feedback. There was an explicit discussion thread in the mailing list where several people stated that the current xml structure is the way to proceed. However we are thinking of publishing the relay framework as a separate document. The goal would be to help move the discussion forward on 3rd party access to the registry system from a technical point of view.

>- various nitpicks
Have been fixed in the working document and they will appear in the next version of the draft.


>Also, taking a step back, I do not fully agree with "There is no clear distinction in the EPP protocol between Registrars
>   and DNS-operators."
> The EPP protocol is clearly between a registry and a registrar. A registrar can also be a DNS-operator but this has no relationship to its role as a sponsor of a domain name.

I definitely do not agree with the last. The EPP protocol is defined between an EPP client and an EPP server. In practice most (99.99%) clients will belong to a registrar. However given the current discussion on 3rd party DNS operators (like Cloudfare) to get access to the registry system I think the model where EPP clients are automatically registrars will change in the future. This draft is one the firsts where it is an implementation issue.
 
>As for the keyData elements, even if it is straightforward you may 
>specify more in detail that it is up to registry policy to define the 
>maximum number of elements that can be provided, and if the threshold 
>is crossed what error code the registrar will have

I will update the wording and add an error code, this makes sense having updated the XSD with maxOccurs=unbounded 

>"the EPP <resData> element MUST contain a child
   <keyrelay:infData> element that identifies the keyrelay namespace."

I will update the wording to explain.

Kind regards,
Rik Ribbers

-----Original Message-----
From: EppExt [mailto:eppext-bounces@ietf.org] On Behalf Of Patrick Mevzek
Sent: woensdag 27 mei 2015 0:05
To: eppext@ietf.org
Subject: Re: [eppext] keyrelay draft

Rik Ribbers <rik.ribbers@sidn.nl> 2015-05-01 17:31
> As you might have noticed we've published a new version of the keyrelay draft. Major change is the new XML structure as suggested by the WG. Hopefully this will help the document move forward.
> 
> As always any feedback is appreciated.
 
Here are my comments on draft-ietf-eppext-keyrelay-02 that I've just
implemented:

I really prefer the previous version of your draft, not only because of the more generic 'relay' framework (more on that below) but also because of the following points:

- you describe the notification message under the "info response"
  section; I believe this is wrong, since you never got this reply by doing a command info, only by a result of a poll. Hence, like previously you should leave the info section empty and describe the notification message in a section clearly labeled "poll"
And for this same reason, I prefered the previous paData node name, instead of the new infData, but this is almost cosmetic.

- I really prefer the previous relay verb/extension instead of piggy
  backing the create one, since keyrelay are not really registry objects, only EPP messages. And EPP is a provisioning protocol, a keyrelay:create command seem to imply that you are provisioning some kind of new objects inside the registry system, where you are in fact only queueing a message into another registry polling queue

- various nitpicks:
* "A REQUIRED <keyRelayData> elements" (should be element), this  happens twice in the document.
* for your create example, the clTRID in the response does not match the one in the command
* in XSDs, I believe you have by default minOccurs="1" and maxOccurs="1" on all elements, so it should not be needed to have minOccurs="1". In fact I think your mistake is that you really wanted maxOccurs="1" (for example for the name) and not minOccurs="1"


Also, taking a step back, I do not fully agree with "There is no clear distinction in the EPP protocol between Registrars
   and DNS-operators."

The EPP protocol is clearly between a registry and a registrar. A registrar can also be a DNS-operator but this has no relationship to its role as a sponsor of a domain name.

As for the keyData elements, even if it is straightforward you may specify more in detail that it is up to registry policy to define the maximum number of elements that can be provided, and if the threshold is crossed what error code the registrar will have

"the EPP <resData> element MUST contain a child
   <keyrelay:infData> element that identifies the keyrelay namespace."

I do not understand the "that identified the keyrelay namespace": this namespace can be defined anywhere from this node up the root node, this is depending on server policy and has no consequences on the XML parsing. In fact in your own example after that, the keyrelay:infData has no namespace declaration since it is already done previously.

Same remark later on for keyrelay:create


As discussed in private, I would really favor the idea of the generic relay framework…, as it has a lot of technical merits and even if it would be difficult to make it a standard used by many registries.

I believe it may have some overlapping parts with draft-gould-change-poll and/or draft-mayrhofer-eppext-servicemessage.

--
Patrick Mevzek

_______________________________________________
EppExt mailing list
EppExt@ietf.org
https://www.ietf.org/mailman/listinfo/eppext

v2.23.0 | Report a Bug | By Email