Re: [ire] Extended Verification Process - FQDN step
Gustavo Lozano <gustavo.lozano@icann.org> Wed, 27 March 2013 01:17 UTC
Return-Path: <gustavo.lozano@icann.org>
X-Original-To: ire@ietfa.amsl.com
Delivered-To: ire@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 85B4521F86A8 for <ire@ietfa.amsl.com>; Tue, 26 Mar 2013 18:17:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C8AaD5AHUtDz for <ire@ietfa.amsl.com>; Tue, 26 Mar 2013 18:17:18 -0700 (PDT)
Received: from EXPFE100-1.exc.icann.org (expfe100-1.exc.icann.org [64.78.22.236]) by ietfa.amsl.com (Postfix) with ESMTP id 5068221F84BD for <ire@ietf.org>; Tue, 26 Mar 2013 18:17:18 -0700 (PDT)
Received: from EXVPMBX100-1.exc.icann.org ([64.78.22.232]) by EXPFE100-1.exc.icann.org ([64.78.22.236]) with mapi; Tue, 26 Mar 2013 18:17:17 -0700
From: Gustavo Lozano <gustavo.lozano@icann.org>
To: David Kipling <David.Kipling@nccgroup.com>, "ire@ietf.org" <ire@ietf.org>
Date: Tue, 26 Mar 2013 18:17:15 -0700
Thread-Topic: [ire] Extended Verification Process - FQDN step
Thread-Index: Ac4qiNIOPgXMeCvfT06jSiMdiglETA==
Message-ID: <CD7792D1.EA82%gustavo.lozano@icann.org>
In-Reply-To: <31655AEAB7ACEE41A2D1321E18D4BF3261D5200C@manexchprd02>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.3.2.130206
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [ire] Extended Verification Process - FQDN step
X-BeenThere: ire@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Internet Registration Escrow discussion list." <ire.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ire>, <mailto:ire-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ire>
List-Post: <mailto:ire@ietf.org>
List-Help: <mailto:ire-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ire>, <mailto:ire-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Mar 2013 01:17:19 -0000
Hi David, Comments inline. Regards, Gustavo On 3/22/13 5:34 AM, "David Kipling" <David.Kipling@nccgroup.com> wrote: >Hi Gustavo, > >At NCC Group we are working on the extended verification process and >after speaking with some of our customers and registry backend providers >it was unclear as to how the step below could be tested effectively: > >"An FQDN exists only as a domain name or NNDN." > >Is this literally that any values in the name element of the domain >record should not exist as the value of the aName element of an NNDN >record? > >e.g. > ><rdeDom:name>example1.test</rdeDom:name> means the value of example1.test >should not exist as a value of the <rdeNNDN:aName> tag e.g. >rdeNNDN:aName>example1.test</rdeNNDN:aName> and vice versa so if the >element <rdeNNDN:aName>xn--exampl-gva.test</rdeNNDN:aName> exists then ><rdeDom:name>xn--exampl-gva.test</rdeDom:name> should not exist in the >deposit. You are correct. The NNDN object was created to support those registries that use a reserved list of names that are not created as domain objects and also to support the use case of using a name (but not a domain object) to specify granular policies regarding IDN variants handling. If a registry creates reserved names as domain objects with an internal registrar for example, such registry may only use domain objects. If a registry handle reserved names as a list of names, such registry may use the NNDN object. If a registry creates variants in blocked or withheld state, such registry may use the NNDN object instead of a creating a domain object. If a registry creates mirror variants algorithmically, such registry may use the NNDN to block variants that are not valid. The registry must choose if the use of a NNDN is appropriate based on the design of its SRS. Basically a NNDN is like a light domain object with no registrar, registrant or NS servers associated to it. Regards, Gustavo > >Regards > >David >________________________________ > >David Kipling >Solutions Architect >NCC Group >Manchester Technology Centre, >Oxford Road >Manchester, M1 7EF > >Telephone: +44 161 209 5430 >Mobile: >Fax: >Website: www.nccgroup.com<http://www.nccgroup.com> >Email: David.Kipling@nccgroup.com<mailto:David.Kipling@nccgroup.com> > [http://www.nccgroup.com/media/192418/nccgrouplogo.jpg] ><http://www.nccgroup.com/> >________________________________ > >This email is sent for and on behalf of NCC Group. NCC Group is the >trading name of NCC Services Limited (Registered in England CRN: >2802141). Registered Office: Manchester Technology Centre, Oxford Road, >Manchester, M1 7EF. The ultimate holding company is NCC Group plc >(Registered in England CRN: 4627044). > >Confidentiality: This e-mail contains proprietary information, some or >all of which may be confidential and/or legally privileged. It is for the >intended recipient only. If an addressing or transmission error has >misdirected this e-mail, please notify the author by replying to this >e-mail and then delete the original. If you are not the intended >recipient you may not use, disclose, distribute, copy, print or rely on >any information contained in this e-mail. You must not inform any other >person other than NCC Group or the sender of its existence. > >For more information about NCC Group please visit >www.nccgroup.com<http://www.nccgroup.com> > >P Before you print think about the ENVIRONMENT > > >For more information please visit <a >href="http://www.mimecast.com">http://www.mimecast.com<br> >This email message has been delivered safely and archived online by >Mimecast. ></a> >
- [ire] Extended Verification Process - FQDN step David Kipling
- Re: [ire] Extended Verification Process - FQDN st… Gustavo Lozano
- Re: [ire] Extended Verification Process - FQDN st… James Mitchell