IETF Logo Mail Archive

Re: [regext] Eric Rescorla's Discuss on draft-ietf-regext-org-11: (with DISCUSS and COMMENT)

Benjamin Kaduk <kaduk@mit.edu> Thu, 08 November 2018 09:52 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 18FAB128D09; Thu, 8 Nov 2018 01:52:44 -0800 (PST)
X-Quarantine-ID: <tmQIils87FuJ>
X-Virus-Scanned: amavisd-new at amsl.com
X-Amavis-Alert: BAD HEADER SECTION, Non-encoded 8-bit data (char 9C hex): Received: ...s kaduk@ATHENA.MIT.EDU)\n\t\234by outgoing.mit[...]
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tmQIils87FuJ; Thu, 8 Nov 2018 01:52:42 -0800 (PST)
Received: from dmz-mailsec-scanner-8.mit.edu (dmz-mailsec-scanner-8.mit.edu [18.7.68.37]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3D11812007C; Thu, 8 Nov 2018 01:52:40 -0800 (PST)
X-AuditID: 12074425-ad3ff70000000ff5-89-5be407656502
Received: from mailhub-auth-3.mit.edu ( [18.9.21.43]) (using TLS with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-8.mit.edu (Symantec Messaging Gateway) with SMTP id 4F.D5.04085.66704EB5; Thu, 8 Nov 2018 04:52:39 -0500 (EST)
Received: from outgoing.mit.edu (OUTGOING-AUTH-1.MIT.EDU [18.9.28.11]) by mailhub-auth-3.mit.edu (8.14.7/8.9.2) with ESMTP id wA89qZPw032261; Thu, 8 Nov 2018 04:52:36 -0500
Received: from kduck.kaduk.org (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) �by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id wA89qSh7002404 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 8 Nov 2018 04:52:31 -0500
Date: Thu, 08 Nov 2018 03:52:28 -0600
From: Benjamin Kaduk <kaduk@mit.edu>
To: "Gould, James" <jgould@verisign.com>
Cc: "zhoulinlin@cnnic.cn" <zhoulinlin@cnnic.cn>, "ekr@rtfm.com" <ekr@rtfm.com>, "regext-chairs@ietf.org" <regext-chairs@ietf.org>, "pieter.vandepitte@dnsbelgium.be" <pieter.vandepitte@dnsbelgium.be>, "iesg@ietf.org" <iesg@ietf.org>, "regext@ietf.org" <regext@ietf.org>, "draft-ietf-regext-org@ietf.org" <draft-ietf-regext-org@ietf.org>
Message-ID: <20181108095228.GA54966@kduck.kaduk.org>
References: <154040431305.6967.8110836894354286749.idtracker@ietfa.amsl.com> <20181025174522837431196@cnnic.cn> <CABcZeBMtZXNJR5oAsb8Do995herP010tShq46N_6JZaZxHtp8A@mail.gmail.com> <20181029161835451937137@cnnic.cn> <CABcZeBO5n1WXmaQAkOYBkhtOi6BJXzdnBWxxyskauHjX1myiug@mail.gmail.com> <2018103110254261670452@cnnic.cn> <20181031032312.GF45914@kduck.kaduk.org> <36DF20D1-5898-4403-9EC2-CAFEE8E38277@verisign.com> <20181107164342.GI54966@kduck.kaduk.org> <1C2BE312-7596-425B-9508-82AA45B2A256@verisign.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <1C2BE312-7596-425B-9508-82AA45B2A256@verisign.com>
User-Agent: Mutt/1.9.1 (2017-09-22)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrDKsWRmVeSWpSXmKPExsUixCmqrZvO/iTa4NlJfosLlzqZLFa8Psdu MePPRGaLr3v2MFv83TuL2eJl11Nmi6sTjjBa/Pr4ktGBw2PTNUmP75POs3ssWfKTyWPy4zZm j12bG9gCWKO4bFJSczLLUov07RK4Mp5NOMxY8NasYv/z/AbGLYpdjBwcEgImEi8OxHUxcnEI CaxhkujYvpG5i5ETyNnAKPHjMSdE4g6TxKbZs9hAEiwCKhI/f15gArHZgOyG7stgDSICGhLt z18xgtjMAp+ZJI4sEQSxhQWKJXZOucYCsowXaNnEu34QM7tYJD6cOAE2h1dAUOLkzCcsEL3q En/mXWIGqWcWkJZY/o8DIiwv0bx1NtgqTgEHic3zbrCD2KICyhJ7+w6xT2AUnIVk0iwkk2Yh TJqFZNICRpZVjLIpuVW6uYmZOcWpybrFyYl5ealFuhZ6uZkleqkppZsYQZHC7qK6g3HOX69D jAIcjEo8vBKKj6OFWBPLiitzDzFKcjApifKWsDyJFuJLyk+pzEgszogvKs1JLT7EKMHBrCTC e+cfUDlvSmJlVWpRPkxKmoNFSZz3jwhQSiA9sSQ1OzW1ILUIJivDwaEkwZvNBjRUsCg1PbUi LTOnBCHNxMEJMpwHaHgBSA1vcUFibnFmOkT+FKOilDhvAkhCACSRUZoH1wtKZBLZ+2teMYoD vSLMawVSxQNMgnDdr4AGMwENtv4KcnVxSSJCSqqB0ZrL43USz0L/xNxPMir7/X4odcw1TdD5 5jX5xRk12wSW067XTbeFuk/OLJGfK3Bi6/MrfsdMLs1+ci48SX7n+RvSXfXtOyda5KVXTdq1 K+7cxPM5k6Sf7GrZmn4y/MO628sNFSzuOEinX8t3sFL8Ui72VrbyhXiRbeuZLRsnBncvz2Vm /dr0Q4mlOCPRUIu5qDgRAPcuBbE/AwAA
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/HCSUCqJjzM2yFzWJBOT7HlubNak>
Subject: Re: [regext] Eric Rescorla's Discuss on draft-ietf-regext-org-11: (with DISCUSS and COMMENT)
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Nov 2018 09:52:44 -0000

Hi James,

On Thu, Nov 08, 2018 at 07:31:21AM +0000, Gould, James wrote:
> Benjamin,
> 
> 
> 
> How about the following clarifying changes?
> 
> 
> Client status values that can be added or removed by a client are prefixed
> with "client".  Corresponding server status values that can be added or
> removed by a server are prefixed with "server".
> 
> 
> 
> And
> 
> 
> 
> A client MUST NOT alter server status values set by the server.

That works for me.  Thank you for fine-tuning the wording.

-Benjamin

> 
> 
> —
> 
> JG
> 
> 
> 
> 
> 
> 
> 
> James Gould
> 
> Distinguished Engineer
> 
> jgould@Verisign.com
> 
> 
> 
> 703-948-3271
> 
> 12061 Bluemont Way
> 
> Reston, VA 20190
> 
> 
> 
> Verisign.com <http://verisigninc.com/>
> 
> 
> 
> On 11/7/18, 11:43 PM, "Benjamin Kaduk" <kaduk@mit.edu> wrote:
> 
> 
> 
>     [Sorry for the misattribution in the quoting -- the text/plain I'm
> 
>     responding to did not indicate any quoting at all and I'd probably mess it
> 
>     up if I tried to manually fix it]
> 
> 
> 
>     On Wed, Nov 07, 2018 at 11:39:40AM +0000, Gould, James wrote:
> 
>     > Benjamin,
> 
>     >
> 
>     >
> 
>     >
> 
>     > This seems overly zealous to the point of being harmful.  For example, if a
> 
>     >
> 
>     > server sets the status to "ok", a client cannot replace it by
> 
>     >
> 
>     > clientLinkProhibited?
> 
>     >
> 
>     >
> 
>     >
> 
>     > The “ok” status is the default status and not classified as a server status, since it is not prefixed with “server”.  The sentence “A client MUST NOT alter status values set by the server.” means that the client cannot set or remove a server status, such as serverUpdateProhibited.  I hope this clarifies what is defined in the EPP RFCs (5730-5733) and draft-ietf-regext-org.
> 
> 
> 
>     To be clear, I'm solely commenting on the specific wording -- a "status set
> 
>     by the server" is a different meaning than a "server status".  In the
> 
>     dumbest possible reading, the server sets the "ok" status at creation, and
> 
>     the exact proposed text could be read as denying the client from changing
> 
>     it.  So, my point is just "be careful about the way you word it".
> 
> 
> 
>     -Benjamin
> 
> 
> 
>     >
> 
>     >
> 
>     > —
> 
>     >
> 
>     > JG
> 
>     >
> 
>     >
> 
>     >
> 
>     >
> 
>     >
> 
>     >
> 
>     >
> 
>     > James Gould
> 
>     >
> 
>     > Distinguished Engineer
> 
>     >
> 
>     > jgould@Verisign.com
> 
>     >
> 
>     >
> 
>     >
> 
>     > 703-948-3271
> 
>     >
> 
>     > 12061 Bluemont Way
> 
>     >
> 
>     > Reston, VA 20190
> 
>     >
> 
>     >
> 
>     >
> 
>     > Verisign.com <http://verisigninc.com/>
> 
>     >
> 
>     >
> 
>     >
> 
>     > On 10/31/18, 10:23 AM, "Benjamin Kaduk" <kaduk@mit.edu> wrote:
> 
>     >
> 
>     >
> 
>     >
> 
>     >     Trimming to just one potentially problematic suggestion...
> 
>     >
> 
>     >
> 
>     >
> 
>     >     On Wed, Oct 31, 2018 at 10:25:42AM +0800, Linlin Zhou wrote:
> 
>     >
> 
>     >     >
> 
>     >
> 
>     >     > Linlin Zhou
> 
>     >
> 
>     >     > ----------------------------------------------------------------------
> 
>     >
> 
>     >     > DISCUSS:
> 
>     >
> 
>     >     > ----------------------------------------------------------------------
> 
>     >
> 
>     >     [...]
> 
>     >
> 
>     >     > [Linlin] Our proposal is to add the lead-in bolded text to match the existing EPP RFC's to the Organization mapping. There has been no issues with the interpretation of the statuses with the EPP RFCs, so it's best to match them as closely as possible. In section 3.4,
> 
>     >
> 
>     >
> 
>     >
> 
>     >     [bold does not work super-well in text/plain mail, but
> 
>     >
> 
>     >     https://www.ietf.org/mail-archive/web/regext/current/msg01912.html can show
> 
>     >
> 
>     >     it]
> 
>     >
> 
>     >
> 
>     >
> 
>     >     > An organization object MUST always have at least one associated status
> 
>     >
> 
>     >     > value. Status values can be set only by the client that sponsors an
> 
>     >
> 
>     >     > organization object and by the server on which the object resides. A
> 
>     >
> 
>     >     > client can change the status of an organization object using the EPP
> 
>     >
> 
>     >     > <update> command. Each status value MAY be accompanied by a string
> 
>     >
> 
>     >     > of human-readable text that describes the rationale for the status
> 
>     >
> 
>     >     > applied to the object.
> 
>     >
> 
>     >     >
> 
>     >
> 
>     >     > A client MUST NOT alter status values set by the server. A server
> 
>     >
> 
>     >
> 
>     >
> 
>     >     This seems overly zealous to the point of being harmful.  For example, if a
> 
>     >
> 
>     >     server sets the status to "ok", a client cannot replace it by
> 
>     >
> 
>     >     clientLinkProhibited?
> 
>     >
> 
>     >
> 
>     >
> 
>     >     -Benjamin
> 
>     >
> 
>     >
> 
>     >
> 
>     >     > MAY alter or override status values set by a client, subject to local
> 
>     >
> 
>     >     > server policies. The status of an object MAY change as a result of
> 
>     >
> 
>     >     > either a client-initiated transform command or an action performed by
> 
>     >
> 
>     >     > a server operator.
> 
>     >
> 
>     >     >
> 
>     >
> 
>     >     > Status values that can be added or removed by a client are prefixed
> 
>     >
> 
>     >     > with "client". Corresponding status values that can be added or
> 
>     >
> 
>     >     > removed by a server are prefixed with "server". The "hold" and
> 
>     >
> 
>     >     > "terminated" status values are server-managed when the organization
> 
>     >
> 
>     >     > has no parent identifier [Section 3.6] and otherwise MAY be client-
> 
>     >
> 
>     >     > managed based on server policy. Status values that
> 
>     >
> 
>     >     > do not begin with either "client" or "server" are server-managed.
> 
>     >
> 
>     >     >
> 
>     >
> 
>     >     > Take "clientUpdateProhibited" for example.
> 
>     >
> 
>     >     > If status value "clientUpdateProhibited" is set by a client
> 
>     >
> 
>     >     > then <update> command is not allowed to perform by a client
> 
>     >
> 
>     >     > If status value "clientUpdateProhibited" is removed by a client or a server
> 
>     >
> 
>     >     > then no limitation of performing EPP commands
> 
>     >
> 
>     >     >
> 
>     >
> 
>     >     >
> 
>     >
> 
>     >     >
> 
>     >
> 
>     >     >
> 
>     >
> 
>     >
> 
>

v2.23.0 | Report a Bug | By Email