IETF Logo Mail Archive

Re: [regext] review of draft-ietf-regext-login-security-03

"Gould, James" <jgould@verisign.com> Tue, 09 April 2019 21:19 UTC

Return-Path: <jgould@verisign.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 86C09120342 for <regext@ietfa.amsl.com>; Tue, 9 Apr 2019 14:19:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.3
X-Spam-Level:
X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DUwkGWJ6rN3l for <regext@ietfa.amsl.com>; Tue, 9 Apr 2019 14:19:17 -0700 (PDT)
Received: from mail3.verisign.com (mail3.verisign.com [72.13.63.32]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5F4101201BC for <regext@ietf.org>; Tue, 9 Apr 2019 14:19:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=3178; q=dns/txt; s=VRSN; t=1554844758; h=from:to:date:message-id:references:in-reply-to: content-id:content-transfer-encoding:mime-version:subject; bh=QG3QPArj5vg19zzXqQHV6C/lGO0lN8HxMvd/LTR1rPI=; b=NIj0Y4oS6686YKmuyXieJXN0scak4iJ4RepWGe3dQd4q8jEJPTg+bcnY 2cYcmm0sBp5FK0vhM1Ogr6GRTpY8l4SGhMNMczaqGcpfPAOydXstryQzH YK8l2MG80BylId8YBxEiso++pCX/79r+0kC60yQ4gnrEWmWZsFnZ8MGgT 9adYbu1ohUBUt77ess/HJZytboErNT+noIL9ZRlMtUsGblfE0N/17IcwP 4JALiedkkxwa29Znyu50RTWpJLvNn/9jVkFUMHy/dkjEHtA5/KNtMP82/ WR52UGi/o4Ac3qojU5oVOXUCkJTms9x1qgkGN3uvZS7Q51kPkkqVqvlXx Q==;
X-IronPort-AV: E=Sophos;i="5.60,330,1549929600"; d="scan'208";a="8063500"
IronPort-PHdr: 9a23:Yvr9IBRZDfZSSNxTBH51Fferotpsv+yvbD5Q0YIujvd0So/mwa67ZBWAt8tkgFKBZ4jH8fUM07OQ7/m5HzVdqs/c4DhCKMUKC0Zdz51O3kQJO42sMQXDNvnkbig3ToxpdWRO2DWFC3VTA9v0fFbIo3e/vnY4ExT7MhdpdKyuQtaBx8u42Pqv9JLNfg5GmCSyYa9oLBWxsA7dqtQajZFtJ6os1xfFuGZEduRZyW91JV+enAv36sOs8JJ+6ShdtO8t+9JaXanmY6g0SKFTASg7PWwy+MDlrwTIQxGV5nsbXGUWkx5IDBbA4RrnQJr/sTb0u/Rk1iWCMsL4Ub47WTK576d2UxDokzsINyQ48G7MlMN9ir9QrQ+7qBx+x47UZ5yVNOZ7c6jAc94WWXZNU8BMXCFHH4iybZYAD/AZMOhYsYfzukcOoxW9CwmiBuzgxD5IiWP506I1yOkhDRrJ3Ak8E94SqnnZrtP4P7oSX+Cvy6nIyC3OY/1X1zf69YjIdg0uremRVrx0a8XRzFcgFxjLgl6NroHlPTyV1uMQs2if8uVtTvyvhHA9qwFwuTivx8gsio/Tio0JzVDE8Dx0zYAoLtO2T057ZMSrEJpWtyyCKYt5XNkiQ2BzuCY7xb0Gv5+7fC4Wx5g92xHfbPmHf5CJ4h39SOaRLy10hHV/eLKwgRu57EuuyvXkW8WpzFpGtDdJn9vCu3wXyhDe6saKRuFy80qiwTqDyhzf5vtZLU02iabXMYMtz7Ezm5YJrEjOHTf6mEvog6KVakkp/+2l5P7kb7jivZCRMoF5hh/jPakvn8GwGuA1PwkMUmWe9+mx2r/u8lD/Tb5XlPM5iLPZv4rfJckDo665BBJa3Zg75hakCjemzMwYnX4aLFJZYB6Hj5bmO1XJIP3gEPqxn0yinCpryP7eMbPuA4nBImXZnLf/Ybl97FRcyBIpwd9F+p1YEK8BIOjoWk/3rtDXEhg5Mwmsz+bmDtVyyJ8eVHqSDqOFKq/erF2F6+w1L+WRZIIYtizxJvcm6vL2iH82g14dfa2n3ZsNb3C4G+xrI0eWYXrrn9cBFXoFsxEgTOP0kl2CUCVTZ3e9X6I6/D00FIWmDYLbSoC3nLOBxDu7HoFRZm1eElCMFGzleJiDW/cQci2SJNJunSADVbS7V4Ah0hSuvhfgy7V7NurU5jEYtZX72dhv+eLTmg899DNoD8mG0mGCUX10nm0SSz8xxqB/rh819lDWm7B9q/BfCdVV6/hOFAw9MNSUm/R/I9z1RgvHctyODl2hR4PiSXsrQ90808MmYkthFZOllB+Jl36wDrAYh6CjBZEo/OTbxXendOhnzHOTnoYmkl0qBoNtPGirneQ3owrcAJPNn22HmryrbqUT2mjG82LVnjnGh11RTAMlCfaNZnsYfEaD9dk=
X-IPAS-Result: A2EgAAC6C61c/zCZrQpiAxwBAQEEAQEHBAEBgVIGAQELAYJ4gSoKhASVSYNdlGmBPxcbCg8BGAsLgUmCL0YCF4VsNQgNAQEDAQEBCAEBAQECAQECgQUMgjoiHDEcLwkBBQEBAQEBAScBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEIAggHNRIBARkBAQEDAQEhETgCCBMCAQgYAgISARMCAgIlCxUQAgQBEoMiAYIEriOBL4VGhGyBCyUBi12BQT6BOB+CTD6CYQEBgW0LCiYBAoJAMYImA4pLgkiETJQnAwYCiAKHY4Q3ggZdhTmMQ4tThVRDC41bAgQCBAUCFYFQAYINcBU7KgGCQQmFcIUUhT9yDSSNcA2BH4EgAQE
Received: from BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) by BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1713.5; Tue, 9 Apr 2019 17:19:15 -0400
Received: from BRN1WNEX01.vcorp.ad.vrsn.com ([fe80::a89b:32d6:b967:337d]) by BRN1WNEX01.vcorp.ad.vrsn.com ([fe80::a89b:32d6:b967:337d%5]) with mapi id 15.01.1713.004; Tue, 9 Apr 2019 17:19:15 -0400
From: "Gould, James" <jgould@verisign.com>
To: "pm@dotandco.com" <pm@dotandco.com>, "regext@ietf.org" <regext@ietf.org>
Thread-Topic: [EXTERNAL] Re: [regext] review of draft-ietf-regext-login-security-03
Thread-Index: AQHU7fXWTO7xTfBRyEuEUWULkm6x66YyQH0AgAIZaoD///3xgA==
Date: Tue, 09 Apr 2019 21:19:15 +0000
Message-ID: <F66B4693-C2BF-4E5A-B360-6433C5026EDF@verisign.com>
References: <afac0d26-e054-54a3-306b-5ec5a49fd489@switch.ch> <7597ff38-29ba-77e3-e093-524c5cb7123a@switch.ch> <878793C3-AE5B-4364-AA0A-572467EDB0D6@verisign.com> <fa8f12c3-851b-d29a-969d-605120704ed6@switch.ch> <BE4C3FDB-0A1D-4C6F-87C7-6D9CDDB09E10@verisign.com> <b692be9f-6123-42f5-b8a8-a4bbfb986e73@www.fastmail.com>
In-Reply-To: <b692be9f-6123-42f5-b8a8-a4bbfb986e73@www.fastmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.10.7.190210
x-originating-ip: [10.170.148.18]
Content-Type: text/plain; charset="utf-8"
Content-ID: <1BA259619FF1B648AB26287B39004BCE@verisign.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/ZnmefYA7tCgkR7vEOJ1VOHW86Dc>
Subject: Re: [regext] review of draft-ietf-regext-login-security-03
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Apr 2019 21:19:19 -0000

Patrick,

I believe the most important aspect is that there are three separate sub-elements to make the <loginSec:userAgent> element structured.  There will not be any confusion with "tech" contact attribute value and the draft describes the meaning of each of the sub-elements.  My preference is to leave the sub-elements as defined in draft-ietf-regext-login-security-04.
  
—
 
JG



James Gould
Distinguished Engineer
jgould@Verisign.com

703-948-3271
12061 Bluemont Way
Reston, VA 20190

Verisign.com <http://verisigninc.com/> 

On 4/9/19, 1:26 PM, "regext on behalf of Patrick Mevzek" <regext-bounces@ietf.org on behalf of pm@dotandco.com> wrote:

    On Mon, Apr 8, 2019, at 08:23, Gould, James wrote:
    > JG – The <loginSec:client> element can be changed to the <loginSec:app> 
    > element. To remove confusion for “lang”, how about changing the 
    > <loginSec:lang> element to the <loginSec:tech> element. The description 
    > of the app, tech, and os elements would encourage the inclusion of the 
    > version. The following is the proposed description of the elements:
    > 
    >  <loginSec:app>: OPTIONAL name of the client application software with 
    > version if available, such as the name of the client SDK "EPP SDK 
    > 1.0.0".
    > 
    >  <loginSec:tech>: OPTIONAL technology used for the client software with 
    > version if available, such as "Java 11.0.2".
    
    Please do not use "tech". Some EPP extensions already uses tech, albeit
    in a "contact" related namespace, that is they have
    <contact:tech>FOOBAR</contact:tech>
    instead of this other form that some may prefer:
    <domain:contact type="tech">FOOBAR</domain:contact>
    
    So this falls in the kind of same problem of (non technical but possible confusing) collision.
    
    And more generally, "tech" is too short to convey enough meaning just by itself.
    
    In general I also fail to see what we gain by using short names.
    Why not application, technology and operationSystem if you want all those details?
    
    -- 
      Patrick Mevzek
      pm@dotandco.com
    
    _______________________________________________
    regext mailing list
    regext@ietf.org
    https://www.ietf.org/mailman/listinfo/regext

v2.23.0 | Report a Bug | By Email