[regext] Clarifications on server error responses in EPP over HTTP (draft-loffredo-regext-epp-over-http )
Eric Skoglund <eric.skoglund@internetstiftelsen.se> Fri, 08 November 2024 09:13 UTC
List-Id: Registration Protocols Extensions Working Group <regext.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/Z53PZY_iBRooK1OjfimjBgjkovA>
After Jim Gould's presentation on implementing EoH and EoQ, I was inspired to start hacking on the two protocols in our own EPP server implementation. While doing so, some questions about EoH popped up.
In the EoH draft there are a couple of MUSTs for the client when sending a request:
- The GET request MUST include "application/epp+xml" (Appendix B of [RFC5730]) in the "Accept" HTTP header.
- An EPP client MUST send all commands as HTTP POST requests (Section 6.4 of [RFC9110]).
- Each POST request MUST include the HTTP session identifier in the "Cookie" header and "application/epp+xml" in the "Accept" header.
The current draft provides the following for dealing with misbehaving clients.

    Servers MUST NOT use HTTP return codes to signal clients about the
    failure of the EPP commands. The HTTP code 200 MUST be used for both
    successful and unsuccessful EPP requests. Servers MUST use HTTP codes
    to signal clients about the failure of the HTTP requests.

    Servers MUST return an EPP 2002 response (i.e. Command use error) if
    the client issues an EPP command with either an empty or an invalid
    HTTP session identifier.

The only thing covered in detail is what should happen if an EoH server receives a request without a session identifier. I think it would be useful for the spec to be clear on what a server should return if any of the requirements above are broken.
My 2 cents on what a server should do:
- A request with the correct Accept header but wrong HTTP method (say we get a PATCH instead of a POST): A server MUST return a 405 HTTP status code.
- A request with the incorrect Accept header: A server MAY return a 406 HTTP status code (I guess one could think of a server that handles EPP and other stuff so MAY is probably best).
// Eric
The Swedish Internet Foundation
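
The request checks discussed in this message, as an added example (not code from the draft or from the poster's EPP server): wrong method and wrong Accept are answered at the HTTP level, while an empty or invalid session identifier gets HTTP 200 carrying an EPP 2002 result. Assumptions: the cookie name "session", the svTRID value, the order of the checks, and the choice to apply the proposed MAY for 406.

```python
from http.cookies import CookieError, SimpleCookie

EPP_MEDIA_TYPE = "application/epp+xml"
SESSION_COOKIE = "session"  # hypothetical name; the message does not name the cookie

# EPP 2002 (Command use error) result; the svTRID value is a constructed placeholder.
EPP_2002 = (
    '<?xml version="1.0" encoding="UTF-8"?>'
    '<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"><response>'
    '<result code="2002"><msg>Command use error</msg></result>'
    '<trID><svTRID>PLACEHOLDER-SVTRID</svTRID></trID>'
    '</response></epp>'
)
PASS = (None, {}, None)  # request is well-formed; hand it to EPP processing

def accepts_epp(accept_header):
    """True if Accept explicitly lists application/epp+xml with a non-zero q."""
    for item in (accept_header or "").split(","):
        media, _, params = item.partition(";")
        if media.strip().lower() != EPP_MEDIA_TYPE:
            continue
        qvals = [p.split("=", 1)[1].strip() for p in params.split(";")
                 if p.strip().lower().startswith("q=")]
        return not qvals or qvals[0] not in ("0", "0.0", "0.00", "0.000")
    return False  # wildcards such as */* are not counted (strict reading, an assumption)

def session_id(cookie_header):
    """Extract the session identifier from a Cookie header, or '' if absent/unparsable."""
    jar = SimpleCookie()
    try:
        jar.load(cookie_header or "")
    except CookieError:
        return ""
    morsel = jar.get(SESSION_COOKIE)
    return morsel.value if morsel else ""

def check_request(method, headers, known_sessions):
    """Return (http_status, extra_headers, body), or PASS; headers is a dict with canonical names."""
    if method not in ("GET", "POST"):
        return 405, {"Allow": "GET, POST"}, None  # RFC 9110: 405 carries an Allow header
    if not accepts_epp(headers.get("Accept")):
        return 406, {}, None  # the message proposes MAY; this example opts in
    if method == "POST" and session_id(headers.get("Cookie")) not in known_sessions:
        # EPP-level failure: HTTP 200 with an EPP 2002 result, per the quoted draft text.
        return 200, {"Content-Type": EPP_MEDIA_TYPE}, EPP_2002
    return PASS
```

Separating the outcomes this way keeps HTTP-layer rejections visible to proxies and access logs, while session failures stay inside the EPP result code that existing client libraries already interpret.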