IETF Logo Mail Archive

Re: [regext] Tidbits after monday meeting, related to registry mapping extension => RFC5730

"Gould, James" <jgould@verisign.com> Fri, 20 July 2018 19:31 UTC

Return-Path: <jgould@verisign.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F3190130DFC for <regext@ietfa.amsl.com>; Fri, 20 Jul 2018 12:31:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.3
X-Spam-Level:
X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sprZyyjzuFuJ for <regext@ietfa.amsl.com>; Fri, 20 Jul 2018 12:31:47 -0700 (PDT)
Received: from mail1.verisign.com (mail1.verisign.com [72.13.63.30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 07F5E130E27 for <regext@ietf.org>; Fri, 20 Jul 2018 12:31:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=5014; q=dns/txt; s=VRSN; t=1532115107; h=from:to:date:message-id:references:in-reply-to: content-id:content-transfer-encoding:mime-version:subject; bh=BED9FBMPnc9KYFzVcprQ6rS7tbK+O6DSNEb3Lath0f0=; b=INLw0CgLL8am46cDZ3vACnJYO1WETfPgwt77b1TvGLG0rg5PyifS2/jP 4YKHiL6DT5651taDF4hPRhAYPgN8MnJaZmTMvPRFOvLIYxiV0ZBvnnwyD bSyavqTMoHYPw9gdjsOnxcYhfHEZE51XAGu31zGSDx7dQ3lItSN9Lxgvv R662cOZVvYcz7thziWM0tSFB6XyoQWskyr2A1Xs2KboAoXxSwtvoe7ztx vpBm0jwxsXo4agV9zdVhKbaL2iqafALY5MpWY/n5u1d7dQtpG+BaolZL2 3v66fpHGI3V265C7SqBUzwKBxqOQDmy3QnGEpTQcysJaZvuaffi+4gSsU w==;
X-IronPort-AV: E=Sophos;i="5.51,380,1526342400"; d="scan'208";a="7231314"
IronPort-PHdr: 9a23:3dsvvh1VKF9fotTesmDT+DRfVm0co7zxezQtwd8ZsesWKvvxwZ3uMQTl6Ol3ixeRBMOHs6wC07KempujcFRI2YyGvnEGfc4EfD4+ouJSoTYdBtWYA1bwNv/gYn9yNs1DUFh44yPzahANS47xaFLIv3K98yMZFAnhOgppPOT1HZPZg9iq2+yo9JDffwRFiCChbb9uMR67sRjfus4KjIV4N60/0AHJonxGe+RXwWNnO1eelAvi68mz4ZBu7T1et+ou+MBcX6r6eb84TaFDAzQ9L281/szrugLdQgaJ+3ART38ZkhtMAwjC8RH6QpL8uTb0u+ZhxCWXO9D9QKsqUjq+8ahkVB7oiD8GNzEn9mHXltdwh79frB64uhBz35LYbISTOfFjfK3SYMkaSHJBUMhPSiJBHo2yYYgBD+UDM+lYrpXyqVQBohalGQmjH+bvxiNUinLs36A31fkqHwHc3AwnGtIDqHrYotTyNKcPVeC60bHExijHYfxM3Dfy9pPIfh48qvyLX7Jwfs3RyVQrFwzYlViQt5LqPymU1uQWsmib4OxgWfizhG4grgF8uz6izdoihInOg4Ia0FHE9SNhzYYrO9K4Uk97YcWlEJtfsSGaNo12Td84T250vyY6z6UKuZ+lcygWxpQr3Rnfa+aIc4WO/xntV/6RLC9liH55Yr6zmhS//Ea6xuHhVsS53kxGoyVBn9XUq3wBywbf5tWFR/dh5EutxDmC2gPJ5u1ZIk04jaTbJIAiz7Isk5cetF7MEyzylUrtiaKbeFso9fWp5uniebrrop6ROo1xhwzwPKkjmNGwDOIlOQYURWeb4/6z1Lj78E38R7VFk+M5n7HCsJDfOcQbvqm5AxJJ0oo76xawETOm0NMAkHQaMFxLYA+LgIjxNV/BIf/0Eemzj06ykDh3wPDGJKXhDo/XIXfeirvhY6x961VayAYp0d9f4JdUBqkAIPL1REDxqMTVAgIlPwCu3urqCttw2pkDVW+PDKKVKqzfvFuQ6uIqOeaMZYsVuDjnK/gi4v7jlX05mVAafam02ZsYdWu1Hup4LEWDYHrsmdYBEWgMvgYkUOPqj1iCXSZJZ3muR6I8+i07CIW+AIfbQ4Cgm6GO3CCnHpJMYGBJF0yDEXDye4qYXPcMbTqYItV9nTwcSbihV4gh2Am0tADkxLpoMOXV+jEDuJLiytd1++PTmQs19TxuAMTOm12KGll9gnkJTDx++a1hs0F+ggOb1IB0hOBRE9BY4LVCVQJscdaW1eF1BsDucgPMYtnPT0ypCJ3yGzw+Q8It694Df0g7HM+t2EPtxS2vVvU6kKGPCNh80KvZ0mO7b5J/xHHb0KUJkVQ8Q9BOOmvgjal6oVuAT7XVmlmUwv75PZ8X2zTAoSLalTKD
X-IPAS-Result: A2GGBAC5N1Jb/zGZrQpSBwMcAQEBBAEBCgEBhDCBJwqDdJYeg1ySBIE/Fx0HCxgLC4N4RgIXgxc2FgECAQEBAQEBAgEBAoEFDII1JAEOLxwvCAEFAQEBAQEBJwEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQgCCAc1EgEBGQIBAwEBIRE6GwIBCA4MAh8HAgICJQsVEAIEAQkJgyABgg6sKYEuilWBC4lPPoE4DIIwLoFBgVgBAYE1KwwLCiaCOjGCJAKZbAMGAoYPgi2IN0OLaogDgj0ChzgCBAIEBQIUgUgCggJwFTsqAYI+CYIoHIM0hRSFPm8NI4osK4EBgRsBAQ
Received: from BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) by BRN1WNEX02.vcorp.ad.vrsn.com (10.173.153.49) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1466.3; Fri, 20 Jul 2018 15:31:45 -0400
Received: from BRN1WNEX01.vcorp.ad.vrsn.com ([fe80::a89b:32d6:b967:337d]) by BRN1WNEX01.vcorp.ad.vrsn.com ([fe80::a89b:32d6:b967:337d%5]) with mapi id 15.01.1466.003; Fri, 20 Jul 2018 15:31:45 -0400
From: "Gould, James" <jgould@verisign.com>
To: Patrick Mevzek <pm@dotandco.com>, "regext@ietf.org" <regext@ietf.org>
Thread-Topic: [EXTERNAL] Re: [regext] Tidbits after monday meeting, related to registry mapping extension => RFC5730
Thread-Index: AQHUHaEZ7p/yFkZBOUm+UeGsowgjYKSYhVIA
Date: Fri, 20 Jul 2018 19:31:45 +0000
Message-ID: <D273066D-3998-4084-A8F0-05951B2AD5EC@verisign.com>
References: <1531812793.3821313.1442996256.7A640353@webmail.messagingengine.com> <1531813069.3822236.1443238816.5A534724@webmail.messagingengine.com>
In-Reply-To: <1531813069.3822236.1443238816.5A534724@webmail.messagingengine.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.e.1.180613
x-originating-ip: [10.170.148.18]
Content-Type: text/plain; charset="utf-8"
Content-ID: <1D16DACBCE68B24EB321274A896044AC@verisign.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/NRCrM28gLT6mny6BQ0RETk7zw0w>
Subject: Re: [regext] Tidbits after monday meeting, related to registry mapping extension => RFC5730
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Jul 2018 19:31:50 -0000

Patrick,

Thank you for this information.  I provide feedback embedded below.  Our goal is to address the crosscutting policy choices, so it's important to understand how many registries implement the policies (many, some, few, or just one), where "just one" or potentially a "few" may be best suited for the registry or registries to define a policy extension.   

  
—
 
JG



James Gould
Distinguished Engineer
jgould@Verisign.com

703-948-3271
12061 Bluemont Way
Reston, VA 20190

Verisign.com <http://verisigninc.com/> 

On 7/17/18, 3:38 AM, "regext on behalf of Patrick Mevzek" <regext-bounces@ietf.org on behalf of pm@dotandco.com> wrote:

    Specific points related to RFC5730:
    
    * clTRID is optional; but some registries make it mandatory

JG - Does this apply to all commands sent to the registry system or is it a policy that applies at the zone-level (e.g., .FOO requires the clTRID but .BAR does not require the clTRID)?  The reason that I ask is to determine where such a policy would be defined at the system-level or at the zone-level.  How many registries implement this policy (many, some, few, or just one)?  

    * some registries do not allow some commands, like contact:transfer being not implemented (this is very frequent)
    or even sometimes contact:check (especially if registrars do not control their IDs), or other operations.
    Should that be specified somehow?

JG-yes, I can see this.  I assume this policy would be classified as "many".  It may make sense to add a <registry:supportedCommands> element that supports an "all=<boolean>" attribute along with a list of sub-elements to identify which commands are supported.  Such an element would be used under each of the objects (domain, host, contact).  In draft-gould-regext-launch-policy, the policy associated with the check forms and create forms supported by the zone kind of matches this use case for the operations supported by RFC 8334.  

    * for domain:info you have the hosts boolean with 3 values, not all registries are supporting all 3 cases.
    
JG- How many registries implement the policy of support for a subset of the "hosts" values in RFC 5731 (many, some, few, or just one)?  If this needs to be added, I would imagine  that we would need to include a list of the supported host values; although this is certainly not compliant with RFC 5731.  

    * also, some commands, like updates may always be asynchronous (return code 1001), should that be specified?

JG-I believe it's good enough to include "pendingUpdate" in the list of <registry:status> sub-elements of the <registry:supportedStatus> element.  The client then knows that an update may result in a pendingUpdate.
    
    * for authInfo: <registry:authInfoRegEx>:  The OPTIONAL regular expression used
               to validate the domain object authorization information
               value.
    I do not think again that a regext will solve all problems. For example some registries say:
    with at least one uppercase and one digit and one "special" character. This is hard to express in a regex
    as the position does not matter.

JG-A regular expression can precisely define the required syntax.  Yes it may be hard, but a client can directly pull the regular expression for execution on their side.  I would like to hear from a registry that can't express their policy without the use of a regular expression.  

    
    -- 
      Patrick Mevzek
    
    _______________________________________________
    regext mailing list
    regext@ietf.org
    https://www.ietf.org/mailman/listinfo/regext

v2.23.0 | Report a Bug | By Email