Protocol Action: 'Login Security Extension for the Extensible Provisioning Protocol (EPP)' to Proposed Standard (draft-ietf-regext-login-security-10.txt)
The IESG <iesg-secretary@ietf.org> Thu, 27 February 2020 17:56 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietf.org
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 406C43A0E3D; Thu, 27 Feb 2020 09:56:48 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Protocol Action: 'Login Security Extension for the Extensible Provisioning Protocol (EPP)' to Proposed Standard (draft-ietf-regext-login-security-10.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 6.118.0
Auto-Submitted: auto-generated
Precedence: bulk
Cc: Joseph Yee <jyee@afilias.info>, barryleiba@gmail.com, regext@ietf.org, rfc-editor@rfc-editor.org, regext-chairs@ietf.org, draft-ietf-regext-login-security@ietf.org, The IESG <iesg@ietf.org>, jyee@afilias.info
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-ID: <158282620825.2136.9998300256715236895.idtracker@ietfa.amsl.com>
Date: Thu, 27 Feb 2020 09:56:48 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/LRWz3ODonBOuUkG5cvV5Wzdhjio>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Feb 2020 17:56:49 -0000
The IESG has approved the following document: - 'Login Security Extension for the Extensible Provisioning Protocol (EPP)' (draft-ietf-regext-login-security-10.txt) as Proposed Standard This document is the product of the Registration Protocols Extensions Working Group. The IESG contact persons are Adam Roach, Alexey Melnikov and Barry Leiba. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-regext-login-security/ Technical Summary The Extensible Provisioning Protocol (EPP) includes a client authentication scheme that is based on a user identifier and password. The structure of the password field is defined by an XML Schema data type that specifies minimum and maximum password length values, but there are no other provisions for password management other than changing the password. This document describes an EPP extension that allows longer passwords to be created and adds additional security features to the EPP login command and response. Working Group Summary The WG discussed this topic in both mailing list and at meetings; there are no controversies or lack of coverage. The working group agreed to submit this draft for publication on the Standards Track. There were several in-depth discussions on password complexity and its indicator ‘[LOGIN-SECURITY]’. The WG reached consensus on the approach. Document Quality There is one registry implementation captured in the Implementation Status section. Personnel Shepherd: Joseph Yee <jyee@afilias.info> AD: Barry Leiba