Protocol Action: 'Login Security Extension for the Extensible Provisioning Protocol (EPP)' to Proposed Standard (draft-ietf-regext-login-security-10.txt)

The IESG <iesg-secretary@ietf.org> Thu, 27 February 2020 17:56 UTC

Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietf.org
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 406C43A0E3D; Thu, 27 Feb 2020 09:56:48 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Protocol Action: 'Login Security Extension for the Extensible Provisioning Protocol (EPP)' to Proposed Standard (draft-ietf-regext-login-security-10.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 6.118.0
Auto-Submitted: auto-generated
Precedence: bulk
Cc: Joseph Yee <jyee@afilias.info>, barryleiba@gmail.com, regext@ietf.org, rfc-editor@rfc-editor.org, regext-chairs@ietf.org, draft-ietf-regext-login-security@ietf.org, The IESG <iesg@ietf.org>, jyee@afilias.info
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-ID: <158282620825.2136.9998300256715236895.idtracker@ietfa.amsl.com>
Date: Thu, 27 Feb 2020 09:56:48 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/LRWz3ODonBOuUkG5cvV5Wzdhjio>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Feb 2020 17:56:49 -0000

The IESG has approved the following document:
- 'Login Security Extension for the Extensible Provisioning Protocol
   (EPP)'
  (draft-ietf-regext-login-security-10.txt) as Proposed Standard

This document is the product of the Registration Protocols Extensions Working
Group.

The IESG contact persons are Adam Roach, Alexey Melnikov and Barry Leiba.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-regext-login-security/





Technical Summary
The Extensible Provisioning Protocol (EPP) includes a client
authentication scheme that is based on a user identifier and password. 
The structure of the password field is defined by an XML Schema data type
that specifies minimum and maximum password length values, but there are
no other provisions for password management other than changing the
password.  This document describes an EPP extension that allows longer
passwords to be created and adds additional security features to the EPP
login command and response.


Working Group Summary
The WG discussed this topic in both mailing list and at meetings; there
are no controversies or lack of coverage.  The working group agreed to
submit this draft for publication on the Standards Track.  There were
several in-depth discussions on password complexity and its indicator
‘[LOGIN-SECURITY]’.  The WG reached consensus on the approach.

Document Quality
There is one registry implementation captured in the Implementation Status section. 

Personnel
Shepherd: Joseph Yee <jyee@afilias.info>
AD: Barry Leiba