Re: [regext] [check] <reason> always prohibited when avail="1" ?
"Gould, James" <jgould@verisign.com> Wed, 29 September 2021 12:20 UTC
Return-Path: <jgould@verisign.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B0FFC3A1520 for <regext@ietfa.amsl.com>; Wed, 29 Sep 2021 05:20:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s7OmO8fltlsY for <regext@ietfa.amsl.com>; Wed, 29 Sep 2021 05:19:56 -0700 (PDT)
Received: from mail2.verisign.com (mail2.verisign.com [72.13.63.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 587603A1510 for <regext@ietf.org>; Wed, 29 Sep 2021 05:19:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=5214; q=dns/txt; s=VRSN; t=1632917997; h=from:to:cc:subject:date:message-id:content-id: content-transfer-encoding:mime-version; bh=zXCIoOm1PSojViTaT6zsYdwL0gV1HbUVPbgniFl6mmY=; b=THczMZ6U/4zu6FXsKkg6acDJhVn85LrTe+5ERwMZGJ2AjIVXHr84XV9c t3av2QB0q4GbgovSz7rq60Vt5s9eRi5/VafqXbjHvxUR9CAD/CYd1ADJN WXW0eCzkaurHajRymv/YVgRbDA+6BTVCazwAiurTeGNvvzG4JyJAkFHf2 YCJp7YyC9IJljsg5BURkD0kBOnDSqqFbATLO6rSStLTrz/TYvW9XdWkGN VbWVkOfPtrRNDUgdk2diZDDAA7Vlh4Nf9EDQDQSjscSYCi+6L37P21xws 9Wpaf8qn1ZTBdHrxj26kdNckxC5wKGetVoz2sbrVu4exH/5NcikmTPqGQ g==;
IronPort-SDR: nIXDldNSIeIMNC0lu+rCB25dn4Z1bgidJmHbPHGHf5f/R7X6rinaIvNyskuizm1KBddHix5NhA ZIIPnio/zIGIciWG5/7JWjfjA96tjliicQ+Oa3c0rTiwQMDqgTa9iereYcdonvSj3Yl/deuklh GBE0x2xBBtSUONXyililZIk97iZ2/GB5QxXcnsOzkH6R9gdBZvqpoVuObWUVzAXBSmCzs47PLv kZged0pgrRSsa8NXWWXXPnnCIIy7Htb7L2yZupcoGXG5hMAWCo9r49dvNfZecEwDuBFQyzItBv cB8=
IronPort-Data: A9a23:bQGV26iXxDMKjtieNkaRM1VuX161LBEKZh0ujC45NGQN5FlHY01je htvDWiDb62PZWagKN4gYITno0lVsMfTndI1HQRtryphEn8W8JqUDtmndUqhZCn6wu8v7K5EA 2TyTvGacajYm1eF/k/F3oAMLhCQ7InQLlbGILes1htZGEk0FU/NtTo5w7Rg2t8y0IDja++wk YiaT/P3aQfNNwFcbzp8B5Kr8HuDa9yr5Vv0FnRnDRx6lAe2e0s9VfrzFonoR5fMebS4K8bhL wr1IBFVyUuCl/slIovNfr/TLBVWEuaKVeSEoiI+t6OK2nCuqsGuu0qS2TV1hUp/0l20c95NJ Nplq6f3VBoLPp/wgPUSciB4ARNXJ4sY9+qSSZS/mZT7I0zuWUHKmspIIXFuZ8sG8eFtGSdH+ boGMisLKBuEgopawpriEq812Z9ldZSwet9O0p1j5Wix4fIOQ5/EXqHGzcFVxjYrh89IW/3ZY qL1bBI+M0qZO0AXUrsRIIIQo8CHoCDdTz1dmVuJgIgZyGKJ/hMkhdABN/KQILRmX/59okafo 2vduU/+GA0XHN+ZyCKdtH6h7sfVkCz2SJ46FbCk+LhtmlL77ncOEAURT0eTvfC/hUn7QckZI EsRkhfCtoA47kryUd/wT0Xi5WWapFgZWsEVGep84huLk+zK+R2fQGMDS1atdeAbiSP/fhRyv nfhoj8jLWUHXGG9IZ5FyoqpkA==
IronPort-HdrOrdr: A9a23:yoyPca7D9322D9EMcgPXwBXXdLJyesId70hD6qkXc20xTiX4rb HNoB1173/JYVoqNk3I+uruBEDoexq1yXcf2/hzAV7NZmjbkVrtAo1k4ZDr3jHsXwbvn9Qw6Y 5QN4xzEsf5A1Q/r8rriTPTL/8QhP2K6rqhi+ub9WpqVg0CUcxdxh10ERmWCXd7QwR6BZ40fa D22vZ6
X-IronPort-AV: E=Sophos;i="5.85,332,1624320000"; d="scan'208";a="9761050"
Received: from BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) by BRN1WNEX02.vcorp.ad.vrsn.com (10.173.153.49) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.8; Wed, 29 Sep 2021 08:19:54 -0400
Received: from BRN1WNEX01.vcorp.ad.vrsn.com ([fe80::a89b:32d6:b967:337d]) by BRN1WNEX01.vcorp.ad.vrsn.com ([fe80::a89b:32d6:b967:337d%4]) with mapi id 15.01.2308.008; Wed, 29 Sep 2021 08:19:54 -0400
From: "Gould, James" <jgould@verisign.com>
To: "Thomas.Corte@knipp.de" <Thomas.Corte@knipp.de>, "regext@ietf.org" <regext@ietf.org>
CC: "support@tango-rs.com" <support@tango-rs.com>
Thread-Topic: Re: [regext] [check] <reason> always prohibited when avail="1" ?
Thread-Index: AQHXtSxOqLxu4UzfiEqfGbhNYCHVOw==
Date: Wed, 29 Sep 2021 12:19:53 +0000
Message-ID: <BDB296BF-9631-4C52-A3E3-3D3DBDA74BA2@verisign.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.47.21031401
x-originating-ip: [10.170.148.18]
Content-Type: text/plain; charset="utf-8"
Content-ID: <74D0395CC6270A4AA6E6EB4E8DF4B93D@verisign.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/aEkwhNpOlgcJaehtCp3ujtmcg68>
Subject: Re: [regext] [check] <reason> always prohibited when avail="1" ?
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Sep 2021 12:20:02 -0000
I would be more concerned about injecting domain names into the check response that were not queried for in the command than the inclusion of the optional reason element to explain why the domain name was added. I looked at the approach taken with a similar extension, which is the Related Domain Extension (https://www.verisign.com/assets/epp-sdk/verisign_epp-extension_related-domain_v01.html). The Related Domain Extension doesn't extend the domain check command / response, but does extend the domain info command / response, by including an explicit element extension in the command to include the additional information in the response, and including the additional information in the extension instead of changing the response information in RFC 5731. RFC 9095 is an Informational RFC and RFC 5731 doesn't explicitly disallow, with normative language, including additional domains in the response or including a reason for an available domain. This would fall into the territory of a functional extension (https://datatracker.ietf.org/doc/html/draft-ietf-regext-epp-eai#section-4), but RFC 9095 is a command-response extension, where an extension should be only one type. I would have recommended following the approach taken with the Related Domain Extension in this case to use a single type of extension and to not change the behavior of the RFC 5731 response elements. -- JG James Gould Fellow Engineer jgould@Verisign.com <applewebdata://13890C55-AAE8-4BF3-A6CE-B4BA42740803/jgould@Verisign.com> 703-948-3271 12061 Bluemont Way Reston, VA 20190 Verisign.com <http://verisigninc.com/> On 9/29/21, 7:37 AM, "regext on behalf of Thomas Corte (TANGO support)" <regext-bounces@ietf.org on behalf of Thomas.Corte@knipp.de> wrote: Hello, On 9/29/21 13:01, Stephane Bortzmeyer wrote: > RFC 5731 3.1.1 seems to clearly prevent a <reason> to be sent when > avail="1". > > But RFC 9095 6.1.1 has an example with a <reason> for avail="1". > > So, is it really forbidden to send a <reason> to the client when the > domain is available but you want to send some extra conditions? Technically, it seems to me that the check response in RFC 9095 violates RFC 5731 anyway, because it asks for returning check results in the check response for domain names which were not present in the check command, while RFC 5731 clearly requires the check response to contain "A <domain:name> element that contains the fully qualified name of the queried domain object." Semantically, including a reason for a domain name's availability feels pointless, and the authors of RFC 5731 seemingly thought so, too. Most EPP clients won't expect a reason to be present for avail=1 and will simply ignore it. To me, using the <reason> element to add *conditions* that must be met for the name to be available feels like a misuse of that element. Best regards, Thomas -- TANGO REGISTRY SERVICES® is a product of: Knipp Medien und Kommunikation GmbH Technologiepark Phone: +49 231 9703-222 Martin-Schmeisser-Weg 9 Fax: +49 231 9703-200 D-44227 Dortmund E-Mail: support@tango-rs.com Germany _______________________________________________ regext mailing list regext@ietf.org https://secure-web.cisco.com/1o2D30Rdgr4WB9Fk9Xg9fLhpUAVN-Y9xfouuDKQ143L2BAhvOWr-J96nH8DwVKUhiY6TUG147yoC_ot-kLG2eF0qW_DGEUWDCHy7JSZS6QDIdbu_GqNN2qTkhWLXAlKUfxuos35xAO4xc2AcqlRVxXSHJG8R2_F-ekRL6OjI1jD_E6xuLzG9vkOqA5LHr2e_Uit-OEjPMOq5DZg6mNhlciMplOVFzumAkdNwBrd9-77gYwuQxuqGz8EvVwdp-SPEm/https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fregext
- [regext] [check] <reason> always prohibited when … Stephane Bortzmeyer
- Re: [regext] [check] <reason> always prohibited w… Thomas Corte (TANGO support)
- Re: [regext] [check] <reason> always prohibited w… Gould, James