IETF Logo Mail Archive

Re: [regext] I-D Action: draft-ietf-regext-change-poll-07.txt

"Gould, James" <jgould@verisign.com> Mon, 16 April 2018 14:03 UTC

Return-Path: <jgould@verisign.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3C8E4126E64 for <regext@ietfa.amsl.com>; Mon, 16 Apr 2018 07:03:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.3
X-Spam-Level:
X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hQSQ-8D_Vhb0 for <regext@ietfa.amsl.com>; Mon, 16 Apr 2018 07:03:18 -0700 (PDT)
Received: from mail1.verisign.com (mail1.verisign.com [72.13.63.30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 43A14127137 for <regext@ietf.org>; Mon, 16 Apr 2018 07:03:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=47737; q=dns/txt; s=VRSN; t=1523887398; h=from:to:date:message-id:references:in-reply-to: mime-version:subject; bh=b7SDMQNkjLM8yKtMOC3bp4BHzBUObWL2Pkpd8Uk28yA=; b=hM2QOwXNos31chdIiBGbIiak+rPeeYykOX/VHWeSfNYYT3jOLhMvM71R nRgC+ufrl7SVcTn9csTLF2DaMTnnL3DHdcCg8+NmTVD09A35sVzJWWbMJ TUDpvi/Mad6b7TpSoHi3PoBYTYPkODFf2hjI5RzU9dhslbpfgSO/uqstC obaS/XyNgJ7EmAdeflUkEqubfSlM8QZzElyvYCtEvNI+zpYyNi1kg6tWu Il9gPBWHupbu2RwlOfRrGAOcvgrzAfqiBHviheBXO4+OYo+SR6EvOG7Rc BCKI38pXLnGFwQFNzHX4ApqTDinSXuoL5BjG4uhXjv77Oia9nsX7EvqFw g==;
X-IronPort-AV: E=Sophos;i="5.48,459,1517875200"; d="scan'208,217";a="6407265"
IronPort-PHdr: 9a23:NtIcrh++BXRQO/9uRHKM819IXTAuvvDOBiVQ1KB21u0cTK2v8tzYMVDF4r011RmVBd6ds6oMotGVmpioYXYH75eFvSJKW713fDhBt/8rmRc9CtWOE0zxIa2iRSU7GMNfSA0tpCnjYgBaF8nkelLdvGC54yIMFRXjLwp1Ifn+FpLPg8it2O2+55Pebx9UiDahfLh/MAi4oQLNu8cMnIBsMLwxyhzHontJf+RZ22ZlLk+Nkhj/+8m94odt/zxftPw9+cFAV776f7kjQrxDEDsmKWE169b1uhTFUACC+2ETUmQSkhpPHgjF8BT3VYr/vyfmquZw3jSRMNboRr4oRzut86ZrSAfpiCgZMT457HrXgdF0gK5CvR6tuwBzz4vSbYqINvRxY7ndcMsaS2RfQ8hRSyJPDICyb4QNAeUBPPpXoIbmqlQUsRe+ABOhCP/1xzJKgHL9wK000/4mEQHDxAEsEdMAsHPJrNXxKageSf2+wq3SwjXGcfxWwjnx45XPfxAjrvGMWq9wcc7MxkQ0CQPKkE+QqY3+PzOU2eQNtXKX4PZnVeKqkmMqrRx6rDaoxscpkIbJh4QVx0ja9Spn2oY1JMa4SE90Yd6iEZtQsT2VO5FqTcMlRmFkoCc6xaMauZ61ZiQKz44nxxHZZveacIaI+gruWPuNLTtimX5oeryyiwyv/UWgxODwTNe43VlKoyZdj9XAqmoB2wLc58WGUPdx40es1SiV2wzN6uxJJ10/m7DBJJ472LEwk4IesUHEHiDrhkr7lLSWdkA4+uiw7OTnf6nmqoecN4BqjgH+NbwjldelAeQ+LwQOW2ea+eGm273i+U35R6hKjuEqnqXHqpzaO9oUprS4Aw9O04Yj5BC/Ay2639QfmHkLNFNFeBSZgIj1I1zCPez0Ae2ij1munjpn3e3KM73vD5nXMHTOn7fsca5460FGyQozyd5f54hTCrEEOP/zWEDxtNvFDh89LgO52PjnB8tn1oMfQmKPA6CZMKXIvVCU4eIvJvGAZJUJtzblN/gl+/nugGcjmVADcqmmw5QWaGyjE/RnPUqZfXTsjs0GEWcQsQo0VPbqh0GaUT5Pe3ayWLox5ik+CI+9EIjDQZytj6aH3CimApJWYXpKBUyLEXftJM24XKI0YT6II8Ri2hkJS6qsSMd1zRSGuAjmwrxrJe2S8Sod49arnsJ46ODDiTkz+CB6ScOH3CvFG3t5kW4YWxc30bxx50tnxQHQ/7J/hqkSOttO4/8NGiUzMJPHhaQuCd/1RwbNVsmEUle9Q9qgRzo2S4RikJc1f09hFoD63Vj41C2wDupQzuTTCQ==
X-IPAS-Result: A2HPAACZrNRa//WZrQpZAx0BAQUBCwGCTUaBEBeBCwqDXYgCjmQhEX6SaIFAFyEDCxgBCgiBT4I+SwIagks0GAECAQEBAQEBAgEBAoEEDII1JAEOLxwhCAEFAQEBAQEBJgEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQgCCAcvEgEBGQEBAQIBAQEhCkEQCwIBCA0BIAEJAQkCAgIlCyUCBAESG4QOXBekDRGBIIIchFeDZYIviVs+gQ8jDIFdf4MRAQGBSiILCiYBAYI3MIIkAowEi2ADBQKFV4UlhHA7il2HMIF6AoZMAgQLAhMBgSUcggtwFTsqAYIYCYIXF4NFhRSFPm8NI4tFDR6BAYEXAQE
Received: from BRN1WNEXCHM01.vcorp.ad.vrsn.com (brn1wnexchm01 [10.173.152.255]) by brn1lxmailout02.verisign.com (8.13.8/8.13.8) with ESMTP id w3GE3FU1018818 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Mon, 16 Apr 2018 10:03:16 -0400
Received: from BRN1WNEXMBX02.vcorp.ad.vrsn.com ([::1]) by BRN1WNEXCHM01.vcorp.ad.vrsn.com ([::1]) with mapi id 14.03.0301.000; Mon, 16 Apr 2018 10:03:15 -0400
From: "Gould, James" <jgould@verisign.com>
To: Patrick Mevzek <pm@dotandco.com>, "regext@ietf.org" <regext@ietf.org>
Thread-Topic: [EXTERNAL] Re: [regext] I-D Action: draft-ietf-regext-change-poll-07.txt
Thread-Index: AQHTmTjzmewJcqSoVUmmrJyNES69SqOMykaA///ttgCAAb8LgP//w4sAgGQxAoCAEXlMAA==
Date: Mon, 16 Apr 2018 14:03:14 +0000
Message-ID: <58605AC6-A8B3-4428-A71E-580E6BC01EFF@verisign.com>
References: <3266784A-E663-4465-8ABF-A3305B83C253@verisign.com> <e7916b75-1555-14e3-43bc-644059cd68f0@switch.ch> <605AC23F-D7B3-4A37-876E-45EC8E6BEEB8@verisign.com> <84309e91-dbe9-8865-fd06-528266aa93e7@switch.ch> <FAFB62AE-C0D1-4D74-888C-00C632D73211@verisign.com> <1522912361.3587146.1327243736.6AB5A07D@webmail.messagingengine.com>
In-Reply-To: <1522912361.3587146.1327243736.6AB5A07D@webmail.messagingengine.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.b.0.180311
x-originating-ip: [10.246.152.25]
Content-Type: multipart/alternative; boundary="_000_58605AC6A8B34428A71E580E6BC01EFFverisigncom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/U3PASmA2EjKQC99lKedOyXRs5WY>
Subject: Re: [regext] I-D Action: draft-ietf-regext-change-poll-07.txt
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Apr 2018 14:03:26 -0000

Patrick,



Thanks for your thoughts of the 4 options presented for handling the returning of a poll message that the client does not support based on the client login services.  To note, this is not specific to draft-ietf-regext-change-poll, so it is an important topic for defining a generic solution for all poll messages.  I re-reviewing the options, I believe option 4 is the only option that is protocol compliant and that would not result in a poison poll message.  I provide a response to your feedback embedded below prefixed with "JG-".  For option 4, I propose to define a simple <msgQ><msg> ABNF formatted message that indicates what poll message service namespaces (object or extension) are not supported are therefore not returned by the server.  A poll message may include multiple EPP services (object and extensions).  It would be up to the server to filter the services not supported by the client and add the service namespace to the encoded <msgQ><msg> element.  The <msgQ><msg> element is defined as mixed with a sequence of any elements that skip processing, which means that we can mix XML with text without causing negative side effects on the client-side.  Any attributes for a non-supported service (object or extension) can be retrieved from the server out-of-band using the message identifier (<msgQ> "id" attribute).    I propose supporting a list of <notSupported> XML elements appended to the end of the <msgQ><msg> text.  Each <notSupported> element contains the XML namespace of the EPP service (object or extension) that is not supported by the client.  The ABNF for the <msgQ><msg> element is:



msg                   = msg-text *LWSP *(not-supported-service *LWSP)

msg-text              = *VCHAR

not-supported-service = “<notSupported>” 1*VCHAR “</notSupported>”



The following is an example of a Change Poll Message where the client does not support the Change Poll Extension:



<?xml version="1.0" encoding="UTF-8"?>

<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">

  <response>

    <result code="1301">

      <msg lang="en-US">

       Command completed successfully; ack to dequeue</msg>

    </result>

    <msgQ id="202" count="1">

      <qDate>2013-10-22T14:25:57.0Z</qDate>

      <msg>Registry initiated update of domain.

        <notSupported>urn:ietf:params:xml:ns:changePoll-1.0

        </notSupported>

      </msg>

    </msgQ>

    <resData>

      <domain:infData xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">

        <domain:name>domain.example</domain:name>

        <domain:roid>EXAMPLE1-REP</domain:roid>

        <domain:status s="serverUpdateProhibited"/>

        <domain:status s="serverDeleteProhibited"/>

        <domain:status s="serverTransferProhibited"/>

        <domain:registrant>jd1234</domain:registrant>

        <domain:contact type="admin">sh8013</domain:contact>

        <domain:contact type="tech">sh8013</domain:contact>

        <domain:clID>ClientX</domain:clID>

        <domain:crID>ClientY</domain:crID>

        <domain:crDate>2012-04-03T22:00:00.0Z</domain:crDate>

        <domain:upID>ClientZ</domain:upID>

        <domain:upDate>2013-10-22T14:25:57.0Z</domain:upDate>

        <domain:exDate>2014-04-03T22:00:00.0Z</domain:exDate>

      </domain:infData>

    </resData>

    <trID>

      <clTRID>ABC-12345</clTRID>

      <svTRID>54321-XYZ</svTRID>

    </trID>

  </response>

</epp>



The following is an example of a Change Poll Message where the client does not support the Domain Mapping and the Change Poll Extension to show the many case:



<?xml version="1.0" encoding="UTF-8"?>

<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">

  <response>

    <result code="1301">

      <msg lang="en-US">

     Command completed successfully; ack to dequeue</msg>

    </result>

    <msgQ id="202" count="1">

      <qDate>2013-10-22T14:25:57.0Z</qDate>

      <msg>Registry initiated update of domain.

         <notSupported>urn:ietf:params:xml:ns:domain-1.0

         </notSupported>

         <notSupported>urn:ietf:params:xml:ns:changePoll-1.0

         </notSupported>

       </msg>

    </msgQ>

    <trID>

      <clTRID>ABC-12345</clTRID>

      <svTRID>54321-XYZ</svTRID>

    </trID>

  </response>

</epp>



What do you think of this proposal?



—

JG







James Gould

Distinguished Engineer

jgould@Verisign.com



703-948-3271

12061 Bluemont Way

Reston, VA 20190



Verisign.com <http://verisigninc.com/>

On 4/5/18, 3:12 AM, "regext on behalf of Patrick Mevzek" <regext-bounces@ietf.org on behalf of pm@dotandco.com> wrote:



    On Wed, Jan 31, 2018, at 18:11, Gould, James wrote:

    > Yes, there is no great solution to the problem of including extensions

    > (object or command-response) in poll messages to clients that don’t

    > support the extension as indicated by their login services.  So, to

    > clarifying for the list, there are 4 options that include:



    I favor option 1 (return the extension independent of the login services) from your list.



    And now for my detailed rationale about that:



    - the list of extensions at greeting/login time do not convey enough semantics, like for example which extension is mandatory for login (especially complicated when the registry offers at the same time multiple versions of the same  extension). The registry can only react by refusing the login, hopefully with a good enough error message, but nothing is guaranteed here.

    So for now, this kind of information is lost in documentation (James, another useful data item to have in the Registry Mapping in fact).



    - the registrar has to specifically acknowledge a message, after having seen it; so the responsability is on him.



    - poll results, aka notification messages are by definition not real time: a registrar could as well download them all, store them locally in some way and parse them later, including later when he has a software capable of understanding them



    - some registries let registrars choose, out-of-band, which kind of notification messages they wish to receive; hence when this feature exists it should again be the burden of the registrar to make sure it receives the notification it needs to receive.



    - giving the registrar all messages, irrespective of its choices at login time, is also the case giving less work to the server.





JG-I don’t believe the server returning something that the client does support based on the login services as being protocol compliant.  There is the issue of the message becoming a poison message for validating clients.  The Verisign EPP SDK does support XML schema validation of the responses by default, where the server returning an XML namespace that is not configured on the client-side will result in an XML parser error and result in a poison poll message.  The XML schema validation can be disabled, but it really should not need to be disabled if the server is protocol compliant.  The Verisign EPP SDK is one example of a validating client that would have an issue with the server returning a poll message independent of the login service.  I don’t view this as a realistic option.



    >   2.  Return an Error (e.g., 2307 “Unimplemented object service”) to

    > Poll Request for Unsupported Poll Message



    This would be hugely detrimental for registrars because this would block all of their queue for one message about something maybe that they explicitely do not care about and have not implemented the relevant extension.

JG-I agree that this will result in blocking the queue, which I refer to as a poison poll message.  I don’t view this as a realistic option.





    >   3.  Return a Successful EPP Poll Response with an Extension Element

    > that Indicates Lack of Client Support



    If this means the original message is lost, I think it is a show stopper.

    And if the registrar was not inclined to code a parser for some registry notification that forces the registry to respond with this case, why should we imagine that he would have coded the parser for this new extension also?



JG-I agree that creating a new extension for this runs into the same issue of the client not supporting the new purpose built extension.  I don’t view this as a realistic option.





    >   4.  Return a Successful EPP Poll Response with an Encoded <msgQ><msg>

    > Element Indicating Lack of Client Support



    Same remark. Also <msg> is defined as a human-readable element content, hence

    I do not think it is good to overload it with other data in it formatted

    in some way. XML is a format, if you need to carry some formatted things it should be using XML elements/attributes, and not be serialized in some way in a string element.

JG-I agree that this is not perfect, but it is the only option that is protocol compliant, that will not result in a poison poll message, and will enable the server to convey to the client the XML namespaces of the services (object and extensions) that they can request the attributes out-of-band using the message id.





    --

      Patrick Mevzek

      pm@dotandco.com



    _______________________________________________

    regext mailing list

    regext@ietf.org

    https://www.ietf.org/mailman/listinfo/regext

v2.23.0 | Report a Bug | By Email