IETF Logo Mail Archive

Re: [eppext] New draft for keyrelay available

"Gould, James" <JGould@verisign.com> Fri, 09 January 2015 14:29 UTC

Return-Path: <JGould@verisign.com>
X-Original-To: eppext@ietfa.amsl.com
Delivered-To: eppext@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 34B7A1A89FC for <eppext@ietfa.amsl.com>; Fri, 9 Jan 2015 06:29:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dPe0ttKy6G7s for <eppext@ietfa.amsl.com>; Fri, 9 Jan 2015 06:29:22 -0800 (PST)
Received: from exprod6og120.obsmtp.com (exprod6og120.obsmtp.com [64.18.1.236]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D33CC1A8972 for <eppext@ietf.org>; Fri, 9 Jan 2015 06:29:17 -0800 (PST)
Received: from brn1lxmailout02.vcorp.ad.vrsn.com ([72.13.63.42]) (using TLSv1) by exprod6ob120.postini.com ([64.18.5.12]) with SMTP ID DSNKVK/lvTPIha4bsdHx3FVSoIRTD+gyxcIu@postini.com; Fri, 09 Jan 2015 06:29:21 PST
Received: from brn1wnexcas02.vcorp.ad.vrsn.com (brn1wnexcas02.vcorp.ad.vrsn.com [10.173.152.206]) by brn1lxmailout02.vcorp.ad.vrsn.com (8.13.8/8.13.8) with ESMTP id t09ETGC0018040 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Fri, 9 Jan 2015 09:29:16 -0500
Received: from BRN1WNEXMBX01.vcorp.ad.vrsn.com ([::1]) by brn1wnexcas02.vcorp.ad.vrsn.com ([::1]) with mapi id 14.03.0174.001; Fri, 9 Jan 2015 09:29:16 -0500
From: "Gould, James" <JGould@verisign.com>
To: Rik Ribbers <rik.ribbers@sidn.nl>
Thread-Topic: [eppext] New draft for keyrelay available
Thread-Index: AdArSKQ+n3FmCyCWSq6l2+OWlzutMwA+eoEA
Date: Fri, 9 Jan 2015 14:29:15 +0000
Message-ID: <0ED7237B-F4E8-45D7-971F-1625350DB0FC@verisign.com>
References: <C80127C588F8F2409E2B535AF968B768B927CDA8@kambx2.SIDN.local>
In-Reply-To: <C80127C588F8F2409E2B535AF968B768B927CDA8@kambx2.SIDN.local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.173.152.4]
Content-Type: multipart/related; boundary="_004_0ED7237BF4E845D7971F1625350DB0FCverisigncom_"; type="multipart/alternative"
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/eppext/nccRnb5vieLmWi6A5HdZMCrLXQA>
Cc: "eppext@ietf.org" <eppext@ietf.org>
Subject: Re: [eppext] New draft for keyrelay available
X-BeenThere: eppext@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: EPPEXT <eppext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/eppext>, <mailto:eppext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/eppext/>
List-Post: <mailto:eppext@ietf.org>
List-Help: <mailto:eppext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/eppext>, <mailto:eppext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Jan 2015 14:29:25 -0000

Rik,

Below is my feedback to the updated draft:


  1.  As noted in past mailing list comments and in person discussions, I don’t agree with the mixing of a protocol extension for the command and an object mapping for the poll response.  I have provided examples of implementing this draft using either an object mapping or a command response extension of domain.  In it’s current form, I’m assuming that the EPP greeting and login would include the urn:ietf:params:xml:ns:relay-1.0 URI in both a <objURI> and an <extURI> element.  I highly recommend that you reconsider this.
  2.  You are making keyrelay more generic by creating a new extension point of the data to relay, with the key data being one concrete type.  I still believe that creating a Key Relay Object Mapping would have been the best route to go, since the creation of a Key Relay object would add it into the poll queue for consumption by the losing registrar.  The only command supported by the mapping is create along with the poll info response.  The create is creating a transient object.  If other types of data need to be “relayed”, a similar approach could be taken without having to add an additional layer of extensibility.  A new EPP object mapping would be defined for the new type.  The key relay along with any other relay objects will be properly exposed in the EPP greeting and login <objURI> elements.
  3.  Nit in 3.1.1, “An OPTIONAL <clTRID> (client transaction identifier) element that MAY be used to uniquely identify the command to the registrar”, should reference client instead of registrar.
  4.  What is the expected response to the <relay> command?  I’m assuming that it’s as EPP response as defined in section 2.6 of RFC 5730 where the <clTRID> value is set with the <r:clTRID> value associated with the command if supplied by the client.

Regards,


—


JG


[cid:77031CC3-BE7A-4188-A95F-D23115A30A4D@vcorp.ad.vrsn.com]

James Gould
Distinguished Engineer
jgould@Verisign.com

703-948-3271
12061 Bluemont Way
Reston, VA 20190

VerisignInc.com<http://VerisignInc.com>

On Jan 8, 2015, at 8:41 AM, Rik Ribbers <rik.ribbers@sidn.nl<mailto:rik.ribbers@sidn.nl>> wrote:

All,

As you (may) have noticed we submitted a new version of the keyrelay draft. In this draft we tried to solve all the open issues, remarks and feedback we received.

The major  changes are:

  1.  Introducing the <relay> command, and thus seperating the data and
       the command.

   2.  Updated the Introduction, describing the general use of relay vs
       the intended use-case of relaying DNSSEC key data.

   3.  Restructuring the document to make it more inline with existing
       EPP extensions.

In the end it has become a major rewrite and as always feedback is welcome.

Kind regards,
Rik Ribbers
_______________________________________________
EppExt mailing list
EppExt@ietf.org<mailto:EppExt@ietf.org>
https://www.ietf.org/mailman/listinfo/eppext

v2.8.7 | Report a Bug | By Email