IETF Logo Mail Archive

Re: [regext] Poll messages with unhandled namespaces (was Re: I-D Action: draft-ietf-regext-change-poll-07.txt)

Patrick Mevzek <pm@dotandco.com> Mon, 16 July 2018 18:32 UTC

Return-Path: <pm@dotandco.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B0DBB13119F for <regext@ietfa.amsl.com>; Mon, 16 Jul 2018 11:32:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=dotandco.com header.b=nC32x8gJ; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=BQBNGL9j
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id USDJjXgyBNsS for <regext@ietfa.amsl.com>; Mon, 16 Jul 2018 11:31:58 -0700 (PDT)
Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 50FFD131197 for <regext@ietf.org>; Mon, 16 Jul 2018 11:31:58 -0700 (PDT)
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id AFAD2220FC for <regext@ietf.org>; Mon, 16 Jul 2018 14:31:57 -0400 (EDT)
Received: from web1 ([10.202.2.211]) by compute3.internal (MEProxy); Mon, 16 Jul 2018 14:31:57 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dotandco.com; h= content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; bh=pWOCQAqRHftn7Oevjkec3tsRxP1N/ iC1Cu8ttL6Q0xc=; b=nC32x8gJUf+da7NISswqpx4dTYtqLFpn5s/AgWCK04RT3 6SQc6VjVg5zXshDkr/5T0HPtKOcrM1WWn29DYIDFVrthqzEB8SxQyvaEYwDXtzYt jU67T2S7mQtSViVV8tK0plxrPbT1+KAteKthztYErhaZ+McqE8DQf3U96Wo1BEy3 V5VdRX/LrFEA6EhNaA0dDtWpjRtmc8v2djWjxo0rqaBEiaE7v3jqB1fzLiXB+qu5 GKfc0Mo6YfqWJla3etH3L6mPmtv0FQPGwZoYiF+d5q5ehALhv9mLXWyzvMaXq238 onij+iQDt+wPwws0teurvqd9EGqSA4D1neT8ZIxgw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=pWOCQA qRHftn7Oevjkec3tsRxP1N/iC1Cu8ttL6Q0xc=; b=BQBNGL9jJcmbSx0o9/FeJ+ fCH238tMS2hgtLfQ/RIpG4ANI41cotOOFre83INjaGqNRsT0UqUp9yyOrjQEfbCq wv6RuCnM5KPMi0V+PlUa+1h9SfLVMLz+Fml/NHvuWo7p1YoQdinmyPRI277zE90f LyZV11c50Eq916UsZz6UkCHUgDNjB1TJhrpe/K3EXvX66KVgwTKiEMgwwVGmaHxb kR50QCkaK+MGnndt4MZxM++GQGZEzMgvYiZ7i2vhhZhbX0ezUvXlGkQX5y9lblAC yPEJkO0/2tKaMUr/+LWcjQgSTt4eZhF9kMJ54QhW0s4XWG3TnRgxn1c+qPYsMtNA ==
X-ME-Proxy: <xmx:neRMWyJ55X8VG0eOrdhDmIFvCZxdI8JpvXcAWQ9ZYfeJHmU-3BG8Ww> <xmx:neRMW8hFU6q9a4P4ag90T4Fh7FNKQtxVXHTnzT8xz3L6cFM2VxXWEA> <xmx:neRMW79nGRT-4TuwrDfU-X-WfKVgZLHtp7TxGh-3NtDvBoBvWM9kHA> <xmx:neRMW6hx2zNLEy5rvy1LbOv_cmznaVD4ciX_B9SavM8i5hn3ktDObg> <xmx:neRMW7xd3_TF2FJGzFEdcVOp1YNhq97iJ1zhO_FCY_t23rueHoS43w> <xmx:neRMW8bNyTxhFBf4gxoKIN49nTlLWmq-_W3UWyzkBbMIDWZLUh3cWw>
X-ME-Sender: <xms:neRMWw1cJRIUz4iUVvJjACOPbaTTYeG45Su6ikvLMXPkSnqbyUVd13Tdp7w>
Received: by mailuser.nyi.internal (Postfix, from userid 99) id 699D794133; Mon, 16 Jul 2018 14:31:57 -0400 (EDT)
Message-Id: <1531765917.597855.1442619128.1D29C36A@webmail.messagingengine.com>
From: Patrick Mevzek <pm@dotandco.com>
To: regext@ietf.org
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="utf-8"
X-Mailer: MessagingEngine.com Webmail Interface - ajax-957169fa
In-Reply-To: <1490ED7C-1EB9-4ABB-AA42-508A27FDAF12@verisign.com>
References: <1490ED7C-1EB9-4ABB-AA42-508A27FDAF12@verisign.com>
Date: Mon, 16 Jul 2018 20:31:57 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/BbBL1sh-o19ZdHaXVkGE_n5NpaI>
Subject: Re: [regext] Poll messages with unhandled namespaces (was Re: I-D Action: draft-ietf-regext-change-poll-07.txt)
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Jul 2018 18:32:11 -0000


On Mon, Jul 16, 2018, at 19:58, Gould, James wrote:
> I believe that the login 
> services defines what the server can return to the client, so if the 
> client does not support the DNSSEC extension it is completely reasonable 
> for the server not to return it.  If a client wants to see the DNSSEC 
> information returned they should include the URI in their login 
> services. 

James, please, again, take into account some real life examples that happen today:

registries restrict the use of secDNS at login for only the registrars having passed
a specific accreditation test (trying to login with it without prior registry vetting triggers an authentication error, so the registrar can only do its business if it removes this extension from list at login)
thus, in your case (just removing the content), a registrar not wanting to do DNSSEC and not wanting to transfer
to him a currently DNSSEC-enabled domain will have no way to know that.

And saying to registrars: "then pass registry accreditation tests to be able to login with secDNS and see **others** domain names with secDNS data while you do not want to do any DNSSEC related stuff", is certainly not going to fly...

As long as we take into account only some cases and not others we will never be
able to deliver an extension used by multiple registries.
Also, before anything happen I will be very interested by intention of support
(which means deployment) from registries.

Otherwise, like I said, this problem exists since EPP started so it is not new,
and it seems the current status quo fits most of the player (due to the number of people
having participated here), so we are maybe devoting resources to trying to design
something perfect... that noone will then use :-(

-- 
  Patrick Mevzek

v2.23.0 | Report a Bug | By Email