IETF Logo Mail Archive

Re: [regext] Eric Rescorla's Discuss on draft-ietf-regext-org-11: (with DISCUSS and COMMENT)

"Linlin Zhou" <zhoulinlin@cnnic.cn> Thu, 25 October 2018 09:44 UTC

Return-Path: <zhoulinlin@cnnic.cn>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ADC2B130DFD; Thu, 25 Oct 2018 02:44:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.888
X-Spam-Level:
X-Spam-Status: No, score=-1.888 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gJWeAaBtuW9c; Thu, 25 Oct 2018 02:44:35 -0700 (PDT)
Received: from cnnic.cn (smtp13.cnnic.cn [218.241.118.13]) by ietfa.amsl.com (Postfix) with ESMTP id 5CE7A1277BB; Thu, 25 Oct 2018 02:44:29 -0700 (PDT)
Received: from zll (unknown [218.241.111.73]) by ocmail02.zx.nicx.cn (Coremail) with SMTP id AQAAf0BZYPxzkNFb2IwCAA--.2999S2; Thu, 25 Oct 2018 17:44:20 +0800 (CST)
Date: Thu, 25 Oct 2018 17:45:26 +0800
From: Linlin Zhou <zhoulinlin@cnnic.cn>
To: Eric Rescorla <ekr@rtfm.com>, iesg <iesg@ietf.org>
Cc: regext-chairs <regext-chairs@ietf.org>, Pieter Vandepitte <pieter.vandepitte@dnsbelgium.be>, draft-ietf-regext-org <draft-ietf-regext-org@ietf.org>, regext <regext@ietf.org>
References: <154040431305.6967.8110836894354286749.idtracker@ietfa.amsl.com>
X-Priority: 3
X-Has-Attach: no
X-Mailer: Foxmail 7, 2, 5, 136[cn]
Mime-Version: 1.0
Message-ID: <20181025174522837431196@cnnic.cn>
Content-Type: multipart/alternative; boundary="----=_001_NextPart525412711404_=----"
X-CM-TRANSID: AQAAf0BZYPxzkNFb2IwCAA--.2999S2
X-Coremail-Antispam: 1UD129KBjvJXoWxuFW3XrW8KrWrZF13WF18Grg_yoWxurWUpr W3Jry7GF4DJr17Cw4xZ3WkX3WFvF1fJrWUJrnYqr1xtFZ8Cr1Iqr1ftrn5JFy7WryFvr1j qrWj9wn8u3WUAFJanT9S1TB71UUUUUUqnTZGkaVYY2UrUUUUjbIjqfuFe4nvWSU5nxnvy2 9KBjDU0xBIdaVrnRJUUUQ2b7Iv0xC_Kw4lb4IE77IF4wAFF20E14v26r1j6r4UM7CY07I2 0VC2zVCF04k26cxKx2IYs7xG6rWj6s0DM7CIcVAFz4kK6r1j6r18M28lY4IEw2IIxxk0rw A2F7IY1VAKz4vEj48ve4kI8wA2z4x0Y4vE2Ix0cI8IcVAFwI0_tr0E3s1l84ACjcxK6xII jxv20xvEc7CjxVAFwI0_Gr1j6F4UJwA2z4x0Y4vEx4A2jsIE14v26rxl6s0DM28EF7xvwV C2z280aVCY1x0267AKxVW0oVCq3wAS0I0E0xvYzxvE52x082IY62kv0487Mc02F40En4AK xVAvwIkv4cxYr24l5I8CrVCF0I0E4I0vr24l5I8CrVC2j2CEjI02ccxYII8I67AEr4CY67 k08wAv7VC0I7IYx2IY67AKxVWUJVWUGwAv7VC2z280aVAFwI0_Jr0_Gr1lOx8S6xCaFVCj c4AY6r1j6r4UM4x0Y48IcxkI7VAKI48JM4xvF2IEb7IF0Fy264kE64k0F24l7480Y4vEI4 kI2Ix0rVAqx4xJMxkIecxEwVAFwVW8uwCF04k20xvY0x0EwIxGrwCFx2IqxVCFs4IE7xkE bVWUJVW8JwC20s026c02F40E14v26r106r1rMI8I3I0E7480Y4vE14v26r106r1rMI8E67 AF67kF1VAFwI0_JF0_Jw1lIxkGc2Ij64vIr41lIxAIcVC0I7IYx2IY67AKxVWUJVWUCwCI 42IY6xIIjxv20xvEc7CjxVAFwI0_Jr0_Gr1lIxAIcVCF04k26cxKx2IYs7xG6rW3Jr0E3s 1lIxAIcVC2z280aVAFwI0_Jr0_Gr1lIxAIcVC2z280aVCY1x0267AKxVW8JVW8Jr1l6VAC Y4xI67k04243AbIYCTnIWIevJa73UjIFyTuYvjxUyvtZUUUUU
X-CM-SenderInfo: p2kr3zplqox0w6fq0xffof0/
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/5CLnudPTP829pP5rXiXBuwyYr_I>
Subject: Re: [regext] Eric Rescorla's Discuss on draft-ietf-regext-org-11: (with DISCUSS and COMMENT)
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Oct 2018 09:44:39 -0000

Dear Eric,
Thanks for your review. Please see my feedbacks below with [Linlin].

Regards,
Linlin


Linlin Zhou
 
From: Eric Rescorla
Date: 2018-10-25 02:05
To: The IESG
CC: regext-chairs; Pieter Vandepitte; draft-ietf-regext-org; regext
Subject: [regext] Eric Rescorla's Discuss on draft-ietf-regext-org-11: (with DISCUSS and COMMENT)
Eric Rescorla has entered the following ballot position for
draft-ietf-regext-org-11: Discuss
 
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
 
 
Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.
 
 
The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-regext-org/
 
 
 
----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------
 
Rich version of this review at:
https://mozphab-ietf.devsvcdev.mozaws.net/D3624
 
 
This DISCUSS should be easy to clear. I have noted a few points where
I do not believe that the spec is sufficiently clear to implement.
 
DETAIL
S 3.4.
>   
>      o  clientUpdateProhibited, serverUpdateProhibited: Requests to update
>         the object (other than to remove this status) MUST be rejected.
>   
>      o  clientDeleteProhibited, serverDeleteProhibited: Requests to delete
>         the object MUST be rejected.
 
How does access control work here? If either of these values are set,
then it must be rejected?
[Linlin] If you mean that clientUpdateProhibited and serverUpdateProhibited are set, these two statuses can coexist in the system. "clientUpdateProhibited" is set by the client and "serverUpdateProhibited" is set by the server.
 
 
S 4.1.2.
>      C:        <org:id>res1523</org:id>
>      C:      </org:info>
>      C:    </info>
>      C:    <clTRID>ABC-12345</clTRID>
>      C:  </command>
>      C:</epp>
 
So I can only <info> one org?
[Linlin] Yes, <info> command supports one org id.
 
 
S 4.1.2.
>   
>      o  One or more <org:status> elements that contain the operational
>         status of the organization, as defined in Section 3.4.
>   
>      o  An OPTIONAL <org:parentId> element that contains the identifier of
>         the parent object, as defined in Section 3.6.
 
It's not clear to me what's really optional here, because you say
above that it's up to the server but then you label some stuff here as
OPTIONAL
[Linlin] If this sentence makes confusion. How about changing it to "It is up to the server policy to decide 
what optional attributes will be returned of an organization object." or just remove it?
 
 
----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------
 
S 3.2.1.
>      object.  A client can change the role of an organization object using
>      the EPP <update> command.
>   
>   3.2.1.  Role Type
>   
>      An organization role MUST have a type which supports a list of
 
Editorial: I found this confusing. I think you want to say "MUST have
a type field. This may have any of the values listed in ...."
 
It's not the type that supports the list.
 [Linlin] Yes, thank you for your text.
 
 
 
S 3.4.
>         rejected.
>   
>      o  linked: The organization object has at least one active
>         association with another object.  The "linked" status is not
>         explicitly set by the client.  Servers should provide services to
>         determine existing object associations.
 
I'm not following this text. It is set by the server?
[Linlin] Yes, it is set by the server. Benjamin's comment will be adopted. Adding a sentence to clarify. "Other status values that do not begin with either "client" or "server" are server-managed".
 
 
S 3.4.
>         has been processed for the object, but the action has not been
>         completed by the server.  Server operators can delay action
>         completion for a variety of reasons, such as to allow for human
>         review or third-party action.  A transform command that is
>         processed, but whose requested action is pending, is noted with
>         response code 1001.
 
Who can set this?
 [Linlin] The server can set the error code to 1001 and send the response to the client.
 
S 3.5.
>         association with another object.  The "linked" status is not
>         explicitly set by the client.  Servers SHOULD provide services to
>         determine existing object associations.
>   
>      o  clientLinkProhibited, serverLinkProhibited: Requests to add new
>         links to the role MUST be rejected.
 
see above question about access control
[Linlin] If both the clientXXXProhibited and serverXXXProhibited are set, this situation is permitted.
 
 
S 3.6.
>      not defined for the top level reseller, namely the registrar of the
>      registry.  An N-tier reseller has a parent reseller and at least one
>      child reseller.  A reseller customer has a parent reseller and no
>      child resellers.
>   
>      Loops MUST be prohibited.  For example: if organization A has B as
 
Who is this a levy on? The server MUST enforce it? What does it do if
there is an error?
 [Linlin] It is up to the servers to manage the organization levels. For example, if client creates a new organization with parentID, the server should validate this ID has no loop relation with others. If validation fails , the server should respond with an error code such as "2305" or other proper error codes.
 
S 4.1.2.
>         email address.
>   
>      o  An OPTIONAL <org:url> element that contains the URL to the website
>         of the organization.
>   
>      o  Zero or more OPTIONAL <org:contact> elements that contain
 
Isn't 0 and OPTIONAL redundant?
 [Linlin] Yes. This will be updated.
 
S 4.1.2.
>         organization object.  Contact object identifiers MUST be known to
>         the server before the contact object can be associated with the
>         organization object.  The required "type" is used to represent
>         contact types.  The type values include "admin", "tech",
>         "billing", "abuse", and "custom".  The OPTIONAL "typeName"
>         attribute is used to define the name of a "custom" type.
 
Are duplicates allowed?
 [Linlin] If you mean the org can have two contacts with the same "admin" type, this is allowed according to the XML schema.
 
S 4.2.1.
>         status of the organization, as defined in Section 3.4.
>   
>      o  An OPTIONAL <org:parentId> element that contains the identifier of
>         the parent object, as defined in Section 3.6.
>   
>      o  Zero to two <org:postalInfo> elements that contain postal-address
 
These rules looks duplicative of <info>. Is there a way to collapse
them?
 
S 4.2.5.
>      where at least one child element MUST be present:
>   
>      o  An OPTIONAL <org:parentId> element that contains the identifier of
>         the parent object.
>   
>      o  Zero to two <org:postalInfo> elements that contain postal-address
 
This also seems duplicative.
[Linlin] Indeed some elements descriptions appear some times in the document. I'd like to have some explanations here again.
This document borrowed the text structure from RFC5731, RFC5732 and RFC5733 of EPP. I think the intension of having some duplicated descriptions is for users' easy reading. When seeing the examples, they do not have to scroll up and down to find the elements definitions. Some descriptions are a little different, although <org:postalInfo> elements appear to be duplicated. Such as, "One or more <org:status> elements" in <info> response and "Zero or more <org:status> elements" in <create> command. Of course putting all the elements definitions in a section is a concise way for the document structure.
 
 
_______________________________________________
regext mailing list
regext@ietf.org
https://www.ietf.org/mailman/listinfo/regext

v2.23.0 | Report a Bug | By Email