Re: [ire] Extended verification process of the escrow deposit files

Francisco Obispo <fobispo@isc.org> Mon, 17 December 2012 21:00 UTC

Return-Path: <fobispo@isc.org>
X-Original-To: ire@ietfa.amsl.com
Delivered-To: ire@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 34F6F21F87BD for <ire@ietfa.amsl.com>; Mon, 17 Dec 2012 13:00:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.381
X-Spam-Level:
X-Spam-Status: No, score=-2.381 tagged_above=-999 required=5 tests=[AWL=0.219, BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yoEA+1TXH2Ys for <ire@ietfa.amsl.com>; Mon, 17 Dec 2012 13:00:16 -0800 (PST)
Received: from mx.ams1.isc.org (mx.ams1.isc.org [IPv6:2001:500:60::65]) by ietfa.amsl.com (Postfix) with ESMTP id A767A21F87B6 for <ire@ietf.org>; Mon, 17 Dec 2012 13:00:16 -0800 (PST)
Received: from bikeshed.isc.org (bikeshed.isc.org [IPv6:2001:4f8:3:d::19]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client CN "mail.isc.org", Issuer "RapidSSL CA" (not verified)) by mx.ams1.isc.org (Postfix) with ESMTPS id 1999E5F9B80; Mon, 17 Dec 2012 21:00:07 +0000 (UTC) (envelope-from fobispo@isc.org)
Received: from [IPv6:2001:4f8:3:64:f8ae:5159:defe:efeb] (unknown [IPv6:2001:4f8:3:64:f8ae:5159:defe:efeb]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (Client did not present a certificate) by bikeshed.isc.org (Postfix) with ESMTPSA id 98D6C216C3D; Mon, 17 Dec 2012 21:00:05 +0000 (UTC) (envelope-from fobispo@isc.org)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\))
From: Francisco Obispo <fobispo@isc.org>
In-Reply-To: <C41D7AF7FCECBE44940E9477E8E70D7A0D745B18@BRN1WNEXMBX02.vcorp.ad.vrsn.com>
Date: Mon, 17 Dec 2012 13:00:06 -0800
Content-Transfer-Encoding: quoted-printable
Message-Id: <7301997D-09BB-4F90-A058-47161C39C992@isc.org>
References: <C41D7AF7FCECBE44940E9477E8E70D7A0D745B18@BRN1WNEXMBX02.vcorp.ad.vrsn.com>
To: "Gould, James" <JGould@verisign.com>
X-Mailer: Apple Mail (2.1499)
Cc: "ire@ietf.org" <ire@ietf.org>
Subject: Re: [ire] Extended verification process of the escrow deposit files
X-BeenThere: ire@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Internet Registration Escrow discussion list." <ire.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ire>, <mailto:ire-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ire>
List-Post: <mailto:ire@ietf.org>
List-Help: <mailto:ire-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ire>, <mailto:ire-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Dec 2012 21:00:17 -0000

Hi *,

On Dec 17, 2012, at 10:57 AM, "Gould, James" <JGould@verisign.com> wrote:
...
> The Data Escrow Provider should be able to validate the completeness of the deposit by verifying the signatures and verify the deposit against the format definition.  Items like email address validation should be covered by the XSD format definition. 


As long as we use the XML, if the CSV is used, the validation will have to proceed by type-checking the values in each file.

>  Applying differential deposits to the full deposit also sounds like the job of the EBERO provider and not the Data Escrow Provider.    

I agree,

What I propose is to ICANN use its contracted EBEROs to validate and confirm that they can rebuild a registry with the information in the deposits. I would say at least two (selected at random).


> In summary, I believe that only #1 below should be required of the Data Escrow Provider and the remainder should be discussed as a requirement for an EBERO provider.  

+1



Francisco Obispo 
Director of Applications and Services - ISC
email: fobispo@isc.org
Phone: +1 650 423 1374 || INOC-DBA *3557* NOC
PGP KeyID = B38DB1BE