Re: [regext] Benjamin Kaduk's Discuss on draft-ietf-regext-org-ext-09: (with DISCUSS and COMMENT)

Benjamin Kaduk <kaduk@mit.edu> Tue, 13 November 2018 15:06 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3089B128D09; Tue, 13 Nov 2018 07:06:32 -0800 (PST)
X-Quarantine-ID: <2W8aXilKn5M1>
X-Virus-Scanned: amavisd-new at amsl.com
X-Amavis-Alert: BAD HEADER SECTION, Non-encoded 8-bit data (char 9C hex): Received: ...s kaduk@ATHENA.MIT.EDU)\n\t\234by outgoing.mit[...]
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2W8aXilKn5M1; Tue, 13 Nov 2018 07:06:29 -0800 (PST)
Received: from dmz-mailsec-scanner-5.mit.edu (dmz-mailsec-scanner-5.mit.edu [18.7.68.34]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C975E128A6E; Tue, 13 Nov 2018 07:06:28 -0800 (PST)
X-AuditID: 12074422-579ff70000000d71-69-5beae8713530
Received: from mailhub-auth-3.mit.edu ( [18.9.21.43]) (using TLS with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-5.mit.edu (Symantec Messaging Gateway) with SMTP id C0.1A.03441.178EAEB5; Tue, 13 Nov 2018 10:06:26 -0500 (EST)
Received: from outgoing.mit.edu (OUTGOING-AUTH-1.MIT.EDU [18.9.28.11]) by mailhub-auth-3.mit.edu (8.14.7/8.9.2) with ESMTP id wADF6NVv016850; Tue, 13 Nov 2018 10:06:23 -0500
Received: from kduck.kaduk.org (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) œby outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id wADF6HLe013356 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 13 Nov 2018 10:06:20 -0500
Date: Tue, 13 Nov 2018 09:06:17 -0600
From: Benjamin Kaduk <kaduk@mit.edu>
To: Linlin Zhou <zhoulinlin@cnnic.cn>
Cc: regext-chairs <regext-chairs@ietf.org>, Pieter Vandepitte <pieter.vandepitte@dnsbelgium.be>, iesg <iesg@ietf.org>, regext <regext@ietf.org>, draft-ietf-regext-org-ext <draft-ietf-regext-org-ext@ietf.org>
Message-ID: <20181113150617.GI99562@kduck.kaduk.org>
References: <20181031010506.GY45914@kduck.kaduk.org> <20181031141945204989108@cnnic.cn> <20181031124321.GH45914@kduck.kaduk.org> <2018110111280976085295@cnnic.cn> <20181101222859.GH45914@kduck.kaduk.org> <B567C9E4-BF56-4BB0-8081-27264947C1F7@verisign.com> <201811060918110034890@cnnic.cn> <2018111211152341848066@cnnic.cn> <20181112194852.GE99562@kduck.kaduk.org> <2018111309283308613641@cnnic.cn>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <2018111309283308613641@cnnic.cn>
User-Agent: Mutt/1.9.1 (2017-09-22)
X-Brightmail-Tracker: H4sIAAAAAAAAA02SbUhTURjHO/du7mx45TqnHrWobm+g+BJoDKz0Qx+WQhREkEJ6c2duuM1x 7xSVojHByDR8obAZqTQtJDJng/pgwtIwi4TECKRA5tsWZFkwtDW6x+HLtz/P7/x/h4dzIK1+ IE+FJqsdC1bezMWoZGplYkamsBIszfnm02gHBrrk2q5wO639N+qitYHmRVo72zYOtBu/AqAw Ruf5nKILdUwrdG73OnWeLlGd1GOzqRYL2afLVcaF5Q7atlpW13h3hHKAmeJmoISIzUWRzp9U M1BBNfuUQre8LYAANTsMUN8TUxR8pdD8uH8TyNgjyDk9oSA5hj2MHLdnaJI10jw01QNIgWaD AA0tDskJSGBtqN8dokhmpOs+rrTIo9YeGjmdHnkUxKN39xdkJNPsMRR++EmyQimnoccRGB3v R43e7s3LlGwW8vc7NquJ7CE0esenaAPxrl0m1y6Ta8fk2mXqBbJBsE9vaci08CaziCsyxQre asVCZl6WxWTPwvoaDyCPoDjDvQTtkSIfYCHgYhntXLBULedrxXqLD6RAiktkDJekUdzVan29 kReNZUKNGYs+gCDNaZgDSxJj9Hx9Axaqt1AalHHJTFjjL1WzlbwdV2Fsw8IW3Qshh5jWZakY L+BKXGcwme07mIJKIo+V5B3kDCPaeItoqozyKXAwNZnxEMASYKyxbnfJp0JVY9eCIFlaJYFJ IqdipS+33ZaeTtpIw9gDy0Rs53dQqgO4+/cgx3WPP1wwOFUy98Vw4tG58ivuV/PKi50lE8V5 +dSGq6C7Nemm8/LEX/ynd/DsD434zBDBk99H3w9E1o6+3bgxM3yqyDWWvtLkDFEXNDDunu7N B+MLoSon1Lfe611sKv4dyX+eHVjNMKz5O19Pjswu+Y1pXbBw/FGdN5eTiUb+eDotiPx/1Snt Di8DAAA=
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/6xGvt4AbhL-SI80FlcfU669Bq08>
Subject: Re: [regext] Benjamin Kaduk's Discuss on draft-ietf-regext-org-ext-09: (with DISCUSS and COMMENT)
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Nov 2018 15:06:32 -0000

Hi Linlin,

I likewise forgot to look at the list archives for the HTML version.
The proposed changes (from
https://www.ietf.org/mail-archive/web/regext/current/msg01984.html) look
good to me.

Thanks,

Benjamin

On Tue, Nov 13, 2018 at 09:28:34AM +0800, Linlin Zhou wrote:
> Hi Benjamin,
> Sorry that I forgot your email is text/plain.
> Since we'v e already define "one or more <orgext:id> elements" in each <orgext:add>, <orgext:rem> and <orgext:chg> element. So the following text seems a little duplicated and will be removed. I add the text strikethrough and you may not find that.
> 
> The <orgext:add>, <orgext:rem> and <orgext:chg> elements contain the following child element:
>  o One or more <orgext:id> elements that contain the identifier of the organization. The "role" attribute is used to represent the relationship that the organization has to the object. See Section 7.3 in [ID.draft-ietf-regext-org] for a list of values.
> 
> This bullet will be removed from section 4.2.5. (May last email add one more sentence "Any given object MUST have at most one associated organization ID for any given role value" by mistake and this should not exist). How about changing like this?
> 
> Regards,
> Linlin
> 
> 
> Linlin Zhou
>  
> From: Benjamin Kaduk
> Date: 2018-11-13 03:48
> To: Linlin Zhou
> CC: regext-chairs; Pieter Vandepitte; iesg; regext; draft-ietf-regext-org-ext
> Subject: Re: [regext] Benjamin Kaduk's Discuss on draft-ietf-regext-org-ext-09: (with DISCUSS and COMMENT)
> Hi Linlin,
>  
> On Mon, Nov 12, 2018 at 11:15:24AM +0800, Linlin Zhou wrote:
> > Dear Benjamin,
> > James provided his suggestions and I'd like to include them in the updated text. I think this is the last issue we have and please see if these changes workable for you.
>  
> I think this looks good, thank you!  Just one minor thing (in the same vein
> as my comment just now on the companion document)...
>  
> > 1. In section 3.1 Organization Identifier, add sentences at the end of this paragraph. 
> > A "role" attribute is used to represent the relationship that the organization has to the EPP object. Any given object MUST have at most one associated organization ID for any given role value. 
> > 
> > 2. In section 4.1.2,
> > Zero or more <orgext:id> elements are allowed that contain the identifier of the organization, as defined in [section 3.1]. The "role" attribute is used to represent the relationship that the organization has to the object. See Section 7.3 in [ID.draft-ietf-regext-org] for a list of values.
> > 
> > 3. In section 4.2.1, 
> > One or more <orgext:id> elements that contain the identifier of the organization, as defined in [section 3.1]. The "role" attribute is used to represent the relationship that the organization has to the object. See Section 7.3 in [ID.draft-ietf-regext-org] for a list of values. 
> > 
> > 4. In section 4.2.5,
> >  o  An OPTIONAL <orgext:add> element that contains one or more <orgext:id> elements, as defined in [section 3.1], that add non-existent organization roles to the object. The <orgext:id> element MUST have a non-empty organization identifier value.  The server SHOULD validate that the <orgext:id> element role does not exist. 
> >  
> >    o  An OPTIONAL <orgext:rem> element that contains one or more <orgext:id> elements, as defined in [section 3.1], that remove organization roles from the object. The <orgext:id> element MAY have an empty organization identifier value.  The server SHOULD validate the existence of the <orgext:id> element role and the organization identifier if provided. 
> >  
> >    o  An OPTIONAL <orgext:chg> element that one or more <orgext:id> elements, as defined in [section 3.1], that change organization role identifiers for the object. The existing organization identifier value will be replaced for the defined role.  The server SHOULD validate the existence of the <orgext:id> element role. 
> > 
> > At least one <orgext:add>, <orgext:rem> or <orgext:chg> element MUST be provided. The <orgext:add>, <orgext:rem> and <orgext:chg> elements contain the following child element:
> > 
> > o One or more <orgext:id> elements that contain the identifier of the organization. The "role" attribute is used to represent the relationship that the organization has to the object. Any given object MUST have at most one associated organization ID for any given role value. See Section 7.3 in [ID.draft-ietf-regext-org] for a list of values.
>  
> ... this MUST duplicates the requirement from Section 3.1; it could instead
> be "Any given object has at most one [...]", optionally with a reference up
> to Section 3.1.
>  
> -Benjamin
>  
> > Regards,
> > Linlin
> > 
> > 
> > Linlin Zhou
> >  
> > From: Linlin Zhou
> > Date: 2018-11-06 09:18
> > To: jgould; kaduk@mit.edu
> > CC: regext-chairs; Pieter Vandepitte; iesg; regext; draft-ietf-regext-org-ext
> > Subject: Re: [regext] Benjamin Kaduk's Discuss on draft-ietf-regext-org-ext-09: (with DISCUSS and COMMENT)
> > Hi James,
> > Thanks for your further suggestions. I'll include them in the updated version.
> > 
> > Regards,
> > Linlin
> > 
> > 
> > zhoulinlin@cnnic.cn
> >  
> > From: Gould, James
> > Date: 2018-11-02 20:25
> > To: kaduk@mit.edu; zhoulinlin@cnnic.cn
> > CC: regext-chairs@ietf.org; pieter.vandepitte@dnsbelgium.be; iesg@ietf.org; regext@ietf.org; draft-ietf-regext-org-ext@ietf.org
> > Subject: Re: [regext] Benjamin Kaduk's Discuss on draft-ietf-regext-org-ext-09: (with DISCUSS and COMMENT)
> > I believe that we need to ensure that the 1-on-1 organization role mapping is consistently defined in the draft.  The definition of the "role" attribute, the possible value can be referenced in section 7.3, and the relationship between the organization id and the role should certainly be defined in section 3.1.  The definition in 3.1 can be referenced in the create (4.2.1) and info (4.1.2), as in "One or more <orgext:id> elements that contain the identifier of the organization, as defined in [section 3.1]."  The update (4.2.5) is a little bit more complex to provide clarity on the behavior of the <orgext:add>, <orgext:rem> and the <orgext:chg>.  The following bullet could be removed from the update (4.2.5):
> >  
> > One or more <orgext:id> elements that contain the identifier of
> > the organization.  The "role" attribute is used to represent the
> > relationship that the organization has to the object.  See
> > Section 7.3 in [ID.draft-ietf-regext-org] for a list of values.
> >  
> > The reference to the <orgext:id> child elements and the expected behavior can be embedded under the definition of the <orgext:add>, <orgext:rem>, and <orgext:chg> elements, such as:
> >  
> >    o  An OPTIONAL <orgext:add> element that contains one or more <orgext:id> elements, as defined in [section 3.1], that add non-existent organization roles to the object.  The <orgext:id> element MUST have a non-empty organization identifier value.  The server SHOULD validate that the <orgext:id> element role does not exist.  
> >  
> >    o  An OPTIONAL <orgext:rem> element that contains one or more <orgext:id> elements, as defined in [section 3.1], that remove organization roles from the object.  The <orgext:id> element MAY have an empty organization identifier value.  The server SHOULD validate the existence of the <orgext:id> element role and the organization identifier if provided.  
> >  
> >    o  An OPTIONAL <orgext:chg> element that one or more <orgext:id> elements, as defined in [section 3.1], that change organization role identifiers for the object.  The existing organization identifier value will be replaced for the defined role.  The server SHOULD validate the existence of the <orgext:id> element role.     
> >   
> > —
> > JG
> >  
> >  
> >  
> > James Gould
> > Distinguished Engineer
> > jgould@Verisign.com
> >  
> > 703-948-3271
> > 12061 Bluemont Way
> > Reston, VA 20190
> >  
> > Verisign.com <http://verisigninc.com/> 
> >  
> > On 11/1/18, 6:29 PM, "regext on behalf of Benjamin Kaduk" <regext-bounces@ietf.org on behalf of kaduk@mit.edu>; wrote:
> >  
> >     On Thu, Nov 01, 2018 at 11:28:10AM +0800, Linlin Zhou wrote:
> >     > Dear Benjamin,
> >     > I found that following sections may be the proper place to restrict the 1-to-1 mapping. I think we can have restrictions in section 3.1 only or in 3.1&4.2.1&4.2.5. I've not decided which one is better and hope to have others' suggestions.
> >     
> >     I'd be happy to hear others' suggestions as well.  I don't have a strong
> >     preference, but if forced to choose would put text in all three places.
> >     (That is, others should feel free to choose "just section 3.1" and not
> >     force me to choose, if they want.)
> >     
> >     Thanks for putting together the proposals,
> >     
> >     Benjamin
> >     
> >     > 1. In section 3.1 Organization Identifier, add sentences at the end of this paragraph.
> >     > A "role" attribute is used to represent the relationship that the organization has to the EPP object. Any given object MUST have at most one associated organization ID for any given role value.
> >     > 
> >     > 2. In section 4.2.1,
> >     > One or more <orgext:id> elements that contain the identifier of the organization. The "role" attribute is used to represent the relationship that the organization has to the object. Any given object MUST have at most one associated organization ID for any given role value. See Section 7.3 in [ID.draft-ietf-regext-org] for a list of values.
> >     > 
> >     > 3. In section 4.2.5
> >     > One or more <orgext:id> elements that contain the identifier of the organization. The "role" attribute is used to represent the relationship that the organization has to the object. Any given object MUST have at most one associated organization ID for any given role value. See Section 7.3 in [ID.draft-ietf-regext-org] for a list of values. 
> >     > 
> >     > If we have the restrictions, the 1-to-multiple mapping cases are not necessary to be specified in this document.
> >     > 
> >     > Regards,
> >     > Linlin
> >     > 
> >     > 
> >     > Linlin Zhou
> >     >  
> >     > From: Benjamin Kaduk
> >     > Date: 2018-10-31 20:43
> >     > To: Linlin Zhou
> >     > CC: regext-chairs; Pieter Vandepitte; iesg; regext; draft-ietf-regext-org-ext
> >     > Subject: Re: [regext] Benjamin Kaduk's Discuss on draft-ietf-regext-org-ext-09: (with DISCUSS and COMMENT)
> >     > Dear Linlin,
> >     >  
> >     > On Wed, Oct 31, 2018 at 02:19:45PM +0800, Linlin Zhou wrote:
> >     > > Dear Benjamin,
> >     > > Thanks for your input. We believe that relationship between an object and an organization should be 1-to-1, one organization ID with just one role. 1-to-many is an exception for the organization extension. Indeed that is our concern, "the multiple examples may be overkill". Many thanks.
> >     >  
> >     > I won't object to requiring the 1-to-1 mapping, as the impact of the
> >     > restriction seems minor.  I am not entirely sure where the best place to
> >     > add some text that clarifies this restriction would be; perhaps in Section
> >     > 4.2.1 where we describe the <orgext:id> elements in <create>?  (I assume
> >     > that the formal syntax does not provide for a maxOccurs that applies
> >     > per-type.)  It may also be worth a (non-normative) reminder in the <update>
> >     > description that the semantics of <orgext:chg> are well-defined because
> >     > there is only one entry per role value, but I'm not sure about that.
> >     >  
> >     > Thanks,
> >     >  
> >     > Benjamin
> >     >  
> >     > _______________________________________________
> >     > regext mailing list
> >     > regext@ietf.org
> >     > https://www.ietf.org/mailman/listinfo/regext
> >     
> >     _______________________________________________
> >     regext mailing list
> >     regext@ietf.org
> >     https://www.ietf.org/mailman/listinfo/regext
> >     
>  
> _______________________________________________
> regext mailing list
> regext@ietf.org
> https://www.ietf.org/mailman/listinfo/regext