IETF Logo Mail Archive

Re: [ire] New version (4) of the spec and new draft on DNRD (1)

Francisco Obispo <fobispo@isc.org> Fri, 14 December 2012 17:45 UTC

Return-Path: <fobispo@isc.org>
X-Original-To: ire@ietfa.amsl.com
Delivered-To: ire@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DF94021F8A8A for <ire@ietfa.amsl.com>; Fri, 14 Dec 2012 09:45:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.524
X-Spam-Level:
X-Spam-Status: No, score=-2.524 tagged_above=-999 required=5 tests=[AWL=0.075, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fX5PxI8NWhSq for <ire@ietfa.amsl.com>; Fri, 14 Dec 2012 09:45:15 -0800 (PST)
Received: from mx.ams1.isc.org (mx.ams1.isc.org [IPv6:2001:500:60::65]) by ietfa.amsl.com (Postfix) with ESMTP id 5E30B21F8A2C for <ire@ietf.org>; Fri, 14 Dec 2012 09:45:15 -0800 (PST)
Received: from bikeshed.isc.org (bikeshed.isc.org [IPv6:2001:4f8:3:d::19]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client CN "mail.isc.org", Issuer "RapidSSL CA" (not verified)) by mx.ams1.isc.org (Postfix) with ESMTPS id BA4D05F9CAF; Fri, 14 Dec 2012 17:45:03 +0000 (UTC) (envelope-from fobispo@isc.org)
Received: from [192.168.255.120] (c-24-7-39-79.hsd1.ca.comcast.net [24.7.39.79]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (Client did not present a certificate) by bikeshed.isc.org (Postfix) with ESMTPSA id 11D25216C85; Fri, 14 Dec 2012 17:45:02 +0000 (UTC) (envelope-from fobispo@isc.org)
Content-Type: text/plain; charset="iso-8859-1"
Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\))
From: Francisco Obispo <fobispo@isc.org>
In-Reply-To: <C41D7AF7FCECBE44940E9477E8E70D7A0D743177@BRN1WNEXMBX02.vcorp.ad.vrsn.com>
Date: Fri, 14 Dec 2012 09:45:05 -0800
Content-Transfer-Encoding: quoted-printable
Message-Id: <7AD06E76-CE20-4EB1-8F8E-F178A5E1E7D3@isc.org>
References: <C41D7AF7FCECBE44940E9477E8E70D7A0D743177@BRN1WNEXMBX02.vcorp.ad.vrsn.com>
To: "Gould, James" <JGould@verisign.com>
X-Mailer: Apple Mail (2.1499)
Cc: Luis Muñoz <lem@isc.org>, "ire@ietf.org" <ire@ietf.org>
Subject: Re: [ire] New version (4) of the spec and new draft on DNRD (1)
X-BeenThere: ire@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Internet Registration Escrow discussion list." <ire.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ire>, <mailto:ire-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ire>
List-Post: <mailto:ire@ietf.org>
List-Help: <mailto:ire-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ire>, <mailto:ire-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Dec 2012 17:45:17 -0000

Hi James,

I don't agree with your interpretation to me it looks more like:

clID -> Sponsoring Client
crID -> Client who was sponsoring at the time of creation
upID -> Client who was sponsoring when the last update occurred

The details of who (which user) updated what, to me is outside the scope of the EPP protocol, I'm not saying it's not important from the registry's perspective.

Our system also has tools like the one you mentioned, for example, the Registrar Web Interface provides the means for registrars to have multiple account with different roles associated with them, and even though we keep detail accounting of who does what, the operations on the SRS are done via the 'role' account, not the individual.

We as a registry are capable of answering a question who did what, from where and at what time.

The interpretation has to do with functionality. If there was a problem with "documentation" lets assume the domain required specific set of paperwork (physical), as the current sponsor (not who created domain), I could look at the <crID> and ask for the paperwork, or if an update occurred that seemed inappropriate in the past, I could also call the <upID> and ask for information. 

Sharing the detail of which individual user (not the registrar or registry org) who performed the [create|update] operation seems useless for me because as an EBERO I would not have that information/nor will need it for anything useful.

Francisco


On Dec 14, 2012, at 7:39 AM, "Gould, James" <JGould@verisign.com> wrote:

> Francisco, 
> 
>> From a high-level, independent of the EPP RFC's interpretation that I will
> cover below, the description of the <crID> and <upID> elements must
> exactly match the description in the EPP RFC's.  The data escrow draft
> must not attempt to apply a specific interpretation of the EPP RFC's.
> 
> Below is the text from RFC 5731 for the matching <clID>, <crID>, and
> <upID> elements of draft-arias-noguchi-dnrd-objects-mapping:
> 
> -  A <domain:clID> element that contains the identifier of the
>      sponsoring client.
> 
>   -  An OPTIONAL <domain:crID> element that contains the identifier of
>      the client that created the domain object.
> 
> -  An OPTIONAL <domain:upID> element that contains the identifier of
>      the client that last updated the domain object.  This element MUST
>      NOT be present if the domain has never been modified.
> 
> As I pointed out in my past message, the <domain:clID> element references
> "sponsoring client" and the <domain:crID> and the <domain:upID> elements
> reference simply "client".  The proper interpretation of "sponsoring
> client" is to indicate the registrar and the "client" to indicate the
> user.  A registry might provide additional tools beyond EPP, like a
> Registrar Web Tool, for registrars to manage the objects, where the access
> to these tools would require user authentication.  A registry will also
> have additional tools and components for authorized internal(registry)
> users to make changes like a CSR Web Tool or batches.  The security model
> should require different user login credentials per actual user and all
> actions taken by that user would be tracked in the system.  If one of the
> users created or updated an object, obviously the crDate or upDate should
> be set, but the crID or upID fields should be set to the actual user that
> took the action.  I'm sure the Registrar would like to know exactly who in
> their organization or in the registry created or updated the object.  The
> crID and upID fields should reflect the detail of exactly who took the
> action.  If the crID and upID fields only referenced the organization, the
> registrar would have no way other then reaching out to the registry to
> look in their audit tables for the detail of who took the action.  By
> linking to the user of the account (registrar or registry) and not
> directly to the account for these fields, the registrar and registry
> directly knows who took the action without having to scan the audit
> records.  The info response would return the detail required via the crID
> and upID fields.
> 
> Assuming that you do change the text of
> draft-arias-noguchi-dnrd-objects-mapping to match RFC 5731 for the <crID>,
> and <upID> elements, there is still the open question of what needs to be
> deposited for successful recovery by an EBERO provider.  I see the
> following options:
> 
> 1. Include a user deposit that at a minimum would include a user
> identifier (e.g. login name) and an account (clID) element.  The account
> could be the registrar or registry account.  The crID and upID would link
> to the user identifier.
> 2. Just include the crID and upID as simple strings without any object
> references (user or account).  The EBERO provider most likely will not
> actually attempt to activate any of the users in the user deposit, so the
> crID and upID migrated fields are simply informational and kept to ensure
> that the info response is consistent after the transition.  The EBERO
> provider would have another set of fields that would properly link to
> users (or accounts if that is how their system is built) for future
> creates and updates.  If there was any question to who actually created or
> updated the object, the EBERO provider would indicate that the user in the
> string form was imported from the data escrow that has no additional
> information.   
> 
> I don't believe referencing the registrar in place of the actual user for
> the crID and upID is the intent of the EPP RFC's, but a level of
> indirection (user's account) wouldn't be completely out of the question.
> The data escrow would then need to support both, meaning that option #2
> above would be the only real option.  In any case as stated in my first
> sentence above, the description of the <crID> and <upID> elements in
> draft-arias-noguchi-dnrd-objects-mapping must match the description of
> those fields in the EPP RFC's.
> 
> 
> -- 
> 
> JG
> 
> 
> 
> James Gould
> Principal Software Engineer
> jgould@verisign.com
> 
> 703-948-3271 (Office)
> 12061 Bluemont Way
> Reston, VA 20190
> VerisignInc.com
> 
> 
> 
> 
> 
> 
> 
> On 12/13/12 1:31 PM, "Francisco Obispo" <fobispo@isc.org> wrote:
> 
>> 
>> 
>> 
>> 
>> On Dec 13, 2012, at 9:42 AM, "Gould, James" <JGould@verisign.com> wrote:
>> 
>>> Your interpretation is different from mine of the EPP specifications.
>> 
>> I find myself in this situation more ofter than I would like, but it is
>> my job to do fine grain review, and you guys have a better view because
>> Verisign played an important role in the authorship of the docs, which is
>> why I come to these lists to try to get clarification to those grey areas.
>> 
>> 
>>> The
>>> term client is generic, where the reference to the "sponsoring client"
>>> in
>>> the description of <clID> refers to the registrar.  The reference to
>>> simply "client" in the description of crID and upID can and should refer
>>> to any client including the actual user.
>> 
>> Yes, but my interpretation is that those fields track 'registrars' not
>> internal users.
>> 
>> 
>> 
>>> It makes no sense to only return
>>> the sponsoring client information for the crID and upID fields, since
>>> they
>>> would pretty much almost always match the same value of clID.
>> 
>> 
>> Not necessarily, 
>> 
>> 1) REGISTRAR_A  creates a domain name (crID and clID = REGISTRAR_A)
>> 2) Domain name is transferred to REGISTRAR_B (clID = REGISTRAR_B crID =
>> REGISTRAR_A)
>> 3) Domain name is updated (upID=REGISTRAR_B)
>> 4) Domain name is transferred to REGISTRAR_C (clID=REGISTRAR_C)
>> 
>> Final state:
>> 
>> clID=REGISTRAR_C
>> crID=REGISTRAR_A
>> upID=REGISTRAR_B
>> 
>> 
>> 
>> 
>>> It's best
>>> to reference the actual user (Registrar User, Registry User, or whoever)
>>> actually created or updated the object via any of the supported channels
>>> (EPP, Registrar Web Tool, CSR Web Tool, Batch, etc.).  I believe you
>>> need
>>> to change the description of the crID and upID fields of the data escrow
>>> to match that of the EPP specifications.  We can continue to debate our
>>> interpretation of the EPP specification as it relates to the crID and
>>> upID
>>> elements.  
>> 
>> My design choice would be to keep the changes done by the registry
>> somewhere else and not on these fields since in my opinion, they relate
>> to authorized clients (a registry/system user might belong to a client),
>> so in your example, it is important that 'verisign' did it and not
>> jgould, jgould would be referenced in an audit table as a person acting
>> on behalf of verisign performing a specific transaction in the logs.
>> 
>> Regards,
>> 
>> 
>> Francisco Obispo 
>> Director of Applications and Services - ISC
>> email: fobispo@isc.org
>> Phone: +1 650 423 1374 || INOC-DBA *3557* NOC
>> PGP KeyID = B38DB1BE
>> 

Francisco Obispo 
Director of Applications and Services - ISC
email: fobispo@isc.org
Phone: +1 650 423 1374 || INOC-DBA *3557* NOC
PGP KeyID = B38DB1BE

v2.23.0 | Report a Bug | By Email