[regext] FW: I-D Action: draft-ietf-regext-secure-authinfo-transfer-03.txt

"Gould, James" <jgould@verisign.com> Fri, 31 July 2020 16:00 UTC

Return-Path: <jgould@verisign.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A76E3A09B8 for <regext@ietfa.amsl.com>; Fri, 31 Jul 2020 09:00:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XtWKPchi24iK for <regext@ietfa.amsl.com>; Fri, 31 Jul 2020 09:00:40 -0700 (PDT)
Received: from mail6.verisign.com (mail6.verisign.com [69.58.187.32]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0BAC63A090E for <regext@ietf.org>; Fri, 31 Jul 2020 09:00:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=26403; q=dns/txt; s=VRSN; t=1596211241; h=from:to:subject:date:message-id:mime-version; bh=ku7ivNS8dIXD5tewhL5AWzj/NO88mrpzh0TttTmNuiw=; b=MtnMQb8iZDvfcmz4MxSBEdZ6f264EFhv/2vnMHmFdV/sXs4R6XZ5C5ff l0G0XVavBb22JzjJ/iBg0Y+MdF1jeOydXYlJubw/ZMjIImwylINGEUlMS 6WJCOHKrgLhZMkCgQowHg/UFeukYzSbmYrc4SHxdMjYeJqLteEC5k4jbl XklbTg9GEEhil8znI+GppadLahTr7SVa0+WN0OAwd/tvBFJYaROzsPTt+ YvN84a76z40r9Apuuw4d8BGIuKguJgvsKuDQ28fsUAm/PulmA7AsjPJoq BYwLsG78Z4EMoDnV8lQnJG5p6hmqtvW/BLqJoLyj8r9REU+6sxnKvB89U w==;
IronPort-SDR: xII9ZvaWMWl2eUhRcekTwm7GU9Nldg+ebZuNLxtB2ihyor+EeXWDGaPczmdzjdCm37mNGitJKr 6ieqbOzXssNrOoszqIWrW3y97Nf5rAdQYLR8Pgrth9SyT7DD95YCeu+jdNf+t9fK6hiKVHXDTC 7OA0mVjXGDzRQdh4KhM5EjFD2niRO8BeTksCNL45PnWP6rzSradwA4oWI8sRseicBne4PqIXPA 7ZiXGMVK+T+AbFULhgWxKfGSKHoEcevFW2L3V66CeZlD12ARkuTEt4ouX9X3pkCj95KxpZ+H5y gWM=
X-IronPort-AV: E=Sophos;i="5.75,418,1589256000"; d="scan'208,217";a="2377109"
IronPort-PHdr: =?us-ascii?q?9a23=3AQLfb3R2mH/VoMdl3smDT+DRfVm0co7zxezQtwd?= =?us-ascii?q?8ZseMSL/ad9pjvdHbS+e9qxAeQG9mCtbQa26GG7OjJYi8p2d65qncMcZhBBV?= =?us-ascii?q?cuqP49uEgeOvODElDxN/XwbiY3T4xoXV5h+GynYwAOQJ6tL1LdrWev4jEMBx?= =?us-ascii?q?7xKRR6JvjvGo7Vks+7y/2+94fcbglVhTexe7J/IRa5oQjStMQdnJdvJLs2xh?= =?us-ascii?q?bVuHVDZv5YxXlvJVKdnhb84tm/8Zt++ClOuPwv6tBNX7zic6s3UbJXAjImM3?= =?us-ascii?q?so5MLwrhnMURGP5noHXWoIlBdDHhXI4wv7Xpf1tSv6q/Z91SyHNsD4Ubw4RT?= =?us-ascii?q?Kv5LptRRT1iikIKiQ5/XnXhMJukaxbvByvqR9xzI7VfI6aO+FzcbnBcdMfX2?= =?us-ascii?q?dNQtxcWi5HD4ihb4UPFe0BPeNAooXzplUOqga+BQ2xC+/31zRGgmX53agk3O?= =?us-ascii?q?Q6Hw3NwQstH9ABsHTTsdX1MLodXPurzKbW1zXDbuhW2Tby6IjOaBwuvfaMXb?= =?us-ascii?q?dpfMfX1EIgGB/LgE+Kpoz5IzOayP4Ns26D4uRuW+yhi2Eppx1xrzWvycohiI?= =?us-ascii?q?jEi4Abx17E6yl0zog4KcC6RUN1fdKpEppduiGUOYV2Rs4vX31ktDonxrMGp5?= =?us-ascii?q?K2ejUBxpogxx7acfOHco6I7wr9VOmPOzd4hWlleLOwhxa08EigzPHzWtOo31?= =?us-ascii?q?ZNqypJisXDtnEW1xPP7ciLUOdy/kCk2TqX1gDc9P1EIU4umarcMZ4hzbg9nY?= =?us-ascii?q?cQv0TbBiL6hVn6gLWLekgm9OWk8fnrb7Xoq5OGOIJ5jhnyPrkylsClHOg1MB?= =?us-ascii?q?QCU3KG9emz17Dv51D1TbZMg/YriKfWqoraKt4epqOhBg9V1Zss5AinAje91d?= =?us-ascii?q?QYgWEHLFVYeBKbl4TpO0/BIPT/DfqnnlmijC9ly+3GMbP5DZvCL2TPnKn7cb?= =?us-ascii?q?Zj90FczxAzzchF651OF74NOuzzWlXqtNzeFBM2Lwu0w+P/BNV80IMRR36PD7?= =?us-ascii?q?eEPK/Oq1OE++AiLueWaIMIuDvwJeIp6vHqgHMhnF8SZ6ip3Z8ZaHCiGfRmJl?= =?us-ascii?q?2UYXjjgtcGDGcKuhcxQff0iFKcSz5TZm2yX6Mz5jE9Eo6pEYDDRoW1jLybwC?= =?us-ascii?q?i7BoFWZnxBCl2UC3fnaYqEVOkDaSKOOcJhkyILVaSvS4M70hGurgD6mPJbKb?= =?us-ascii?q?+e4CAXuIL//Nl4++OVkgs9v3QgFcmS3nGRZ2B5gm1OQCU5ivNRu0t4nx2s1r?= =?us-ascii?q?V8j7gQN9VW6ugDGlM4OpnBy+BSFd3oWxnAcdHPQ1GjFIb1SQotR848loddK3?= =?us-ascii?q?12HM+v20jO?=
X-IPAS-Result: =?us-ascii?q?A2GnCQAvPyRf/zGZrQpdAx0BATwBBQUBAgEJAYFhgSEbA?= =?us-ascii?q?oFZgTMKhCuQc4QZljCBLBcmCwEBAQEBAQEBAQcBEwwQBAEBAoRKGYIeJTgTA?= =?us-ascii?q?gMBAQsBAQEFAQEBAQEGAwEBAQKGRQELgjciej0JPQEBAQEBAQEBAQEBAQEBA?= =?us-ascii?q?QEBAQEBAQEBAQEBAQEBAQEBAQEBAQUCCAc0GQc1EiAGI0sdAQgwEgIEMBsBB?= =?us-ascii?q?gUECgmDJgGBfrIkgTKFUoR6gTYCAQGGTYZZgUI+gREnDBCCTT6CXAIDgUICJ?= =?us-ascii?q?AsKJgiCRzOCLQSSb4ZdJosykGYDB4JgiFyRKxUJgnuBIogqkzCNN4RsgWqGZ?= =?us-ascii?q?RKBUpRwAgQCBAUCFYFqgXtwFRohKgGCPglHFwINjioYg06FFIVCdA4mAwIGA?= =?us-ascii?q?QcBAQMJjn+BD4ERAQE?=
Received: from BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) by BRN1WNEX02.vcorp.ad.vrsn.com (10.173.153.49) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1913.5; Fri, 31 Jul 2020 12:00:37 -0400
Received: from BRN1WNEX01.vcorp.ad.vrsn.com ([fe80::a89b:32d6:b967:337d]) by BRN1WNEX01.vcorp.ad.vrsn.com ([fe80::a89b:32d6:b967:337d%4]) with mapi id 15.01.1913.005; Fri, 31 Jul 2020 12:00:37 -0400
From: "Gould, James" <jgould@verisign.com>
To: "regext@ietf.org" <regext@ietf.org>
Thread-Topic: [regext] I-D Action: draft-ietf-regext-secure-authinfo-transfer-03.txt
Thread-Index: AQHWZ1O7AOnIoJqxZ0iVjT50bWHPJw==
Date: Fri, 31 Jul 2020 16:00:37 +0000
Message-ID: <E18622D8-BB8F-4A37-9929-B8ECD0EBAF6A@verisign.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.10.16.200509
x-originating-ip: [10.170.148.18]
Content-Type: multipart/alternative; boundary="_000_E18622D8BB8F4A379929B8ECD0EBAF6Averisigncom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/bnP5p6W33sP3BzlpAhRtt2nW7k0>
Subject: [regext] FW: I-D Action: draft-ietf-regext-secure-authinfo-transfer-03.txt
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Jul 2020 16:00:53 -0000

In preparation for the request for WGLC, draft-ietf-regext-secure-authinfo-transfer was updated with the following changes.  The draft is now ready for WGLC.

  1.  Updated the XML namespace to urn:ietf:params:xml:ns:epp:secure-authinfo-transfer-1.0, which removed bcp from the namespace and bumped the version from 0.1 and 1.0. Inclusion of bcp in the XML namespace was discussed at the REGEXT interim meeting.
  2.  Replaced Auhtorization with Authorization based on a review by Jody Kolker.



--



JG







James Gould

Fellow Engineer

jgould@Verisign.com <applewebdata://13890C55-AAE8-4BF3-A6CE-B4BA42740803/jgould@Verisign.com>



703-948-3271

12061 Bluemont Way

Reston, VA 20190



Verisign.com <http://verisigninc.com/>



On 7/31/20, 11:57 AM, "regext on behalf of internet-drafts@ietf.org" <regext-bounces@ietf.org on behalf of internet-drafts@ietf.org> wrote:





    A New Internet-Draft is available from the on-line Internet-Drafts directories.

    This draft is a work item of the Registration Protocols Extensions WG of the IETF.



            Title           : Extensible Provisioning Protocol (EPP) Secure Authorization Information for Transfer

            Authors         : James Gould

                              Richard Wilhelm

                Filename        : draft-ietf-regext-secure-authinfo-transfer-03.txt

                Pages           : 28

                Date            : 2020-07-31



    Abstract:

       The Extensible Provisioning Protocol (EPP), in RFC 5730, defines the

       use of authorization information to authorize a transfer.  The

       authorization information is object-specific and has been defined in

       the EPP Domain Name Mapping, in RFC 5731, and the EPP Contact

       Mapping, in RFC 5733, as password-based authorization information.

       Other authorization mechanisms can be used, but in practice the

       password-based authorization information has been used at the time of

       object create, managed with the object update, and used to authorize

       an object transfer request.  What has not been fully considered is

       the security of the authorization information that includes the

       complexity of the authorization information, the time-to-live (TTL)

       of the authorization information, and where and how the authorization

       information is stored.  This document defines an operational

       practice, using the EPP RFCs, that leverages the use of strong random

       authorization information values that are short-lived, that are not

       stored by the client, and that are stored using a cryptographic hash

       by the server to provide for secure authorization information used

       for transfers.





    The IETF datatracker status page for this draft is:

    https://secure-web.cisco.com/1C414k8FewwrqHU1Ris3PLUlyGRrttIG8UoHfX0ZuaWxmoCXR8V8Uy8F-2iRijPsSovIT2dTS9ARZaSHA4DtWp-_mP2saWCRz1-8EPcGq1eoxjk08vePwmmwkQryUl72OjNEXOaq5KXq4rlAbKmu8gixCzuRqRjE8Qdck3u636_sXex5EPihL5Nhv6J2UIev6lV0UwIKv52OMfCW1v1ABCClsm3oCVoS6u_FY5e3QY45bc7w2Qn2U0S6XKZG0FZ8dcJkR2ZDWBaIjTGdmjuTClg/https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-regext-secure-authinfo-transfer%2F



    There are also htmlized versions available at:

    https://secure-web.cisco.com/1mkXAvaMvJQ9wtYc5bYfRsIU2ikJdPQ1TjU6OCzQTIupsJnuRVei-yQoRup00xLAFWKkoBEIWe6W32_AtF1_k4hJRVQIoG0gAWi9cbVUmmFOXT9ikGGyRbE3nGZQP9z6khIaGd5J5y-REvIw5iJmqX4zPszwm-WFCP7r7vryJHiliRENlffSLK4TS6zd0izu185XaOXOA3J4SOXHR2WCQpSa37NPjn45e99OoFLeIrfDfDVTYkoG0nFMk3mNXYUD1I3Rip6-_2jjwlS2sSWktcQ/https%3A%2F%2Ftools.ietf.org%2Fhtml%2Fdraft-ietf-regext-secure-authinfo-transfer-03

    https://secure-web.cisco.com/1et18U6_XXQuc6tvSXuGgZQnR_dFdYuCHH-QNmClUW-Nhk-iE1vB8Uf_57qMm6vi9yeIqbYgbc9BC5d5jruKGfafZXjK3chqO6nCdKCe97F-pboHj__Rb3REJ0YvxXZjvgg18t3WmCM4oJ9n1Po1H1mKuyhx3-__emx5Bbuj62yyWMMhHJz7V-G3WSilbtgfUigt3Hxhevm5-52muWd8w-_XRhsBQuUlFX_p8H4sYfnut9Jopdmhz5K1C2nqfp8mmFAsrUl4mxJ6JZvrwEM6WTw/https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fhtml%2Fdraft-ietf-regext-secure-authinfo-transfer-03



    A diff from the previous version is available at:

    https://secure-web.cisco.com/1maR9nqxnGcukV3vH8ZLkmvIrXmCJGXy8e7IzKTryr_wLzw1w779EQh0MX7bciQoY5weuNS5dRhR6_Jl0HnL2CUby04O-avJGmmsMvX0oM9gDNjUr66HPYIBVcPCrVGT3EIeVFrabUnPicMXvdxM2biG-Y42kaz4faaai3xpHDQMyOlFBovPVnxSOXCxU3WSh-9TSf_dwWjOizEGMKFy7G5HX0hNGYQ60h2R-h1iz_PMUBJbr9U57sbbOZCm-QSV6jOmP-1JjfmIpXw_xihZZfooTq01hvPJS8QkaZJEdXBI/https%3A%2F%2Fwww.ietf.org%2Frfcdiff%3Furl2%3Ddraft-ietf-regext-secure-authinfo-transfer-03





    Please note that it may take a couple of minutes from the time of submission

    until the htmlized version and diff are available at tools.ietf.org.



    Internet-Drafts are also available by anonymous FTP at:

    ftp://ftp.ietf.org/internet-drafts/





    _______________________________________________

    regext mailing list

    regext@ietf.org

    https://secure-web.cisco.com/1MjTjWp19QQbNYvZhhu7Ys9Yd6Osn_N7bkqJyXMx1FKOk7znR-zRObBcT0Qzu3wquaqu_un-YFBUJd9_XfQv7H6jZfTFC6CKRirXz-CgZ1A3xzwYGPG2QV0uOlqURSzddBT8cP0iJbLvCpq7bvCm46XAORHxvVwUrdKZWzs6pZC3zfElNoF_TSPON7pS5hO9C5-J0Q6CMt4iDWu6N8FxdCx5au26kDrJLY0IroGZdWsYXn_8LRJGJ6zrsc5Hd3H86tJS7gF_NT9exCACn87JyjGqvEpY9E2_hLOZE-wqx-UU/https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fregext