IETF Logo Mail Archive

Re: [regext] EPP and DNAME records?

"Gould, James" <jgould@verisign.com> Fri, 05 January 2018 15:46 UTC

Return-Path: <jgould@verisign.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E959912D82E for <regext@ietfa.amsl.com>; Fri, 5 Jan 2018 07:46:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.71
X-Spam-Level:
X-Spam-Status: No, score=-2.71 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RsoL_wJkRP8Y for <regext@ietfa.amsl.com>; Fri, 5 Jan 2018 07:46:21 -0800 (PST)
Received: from mail3.verisign.com (mail3.verisign.com [72.13.63.32]) (using TLSv1.2 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7D948126C2F for <regext@ietf.org>; Fri, 5 Jan 2018 07:46:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=5572; q=dns/txt; s=VRSN; t=1515167182; h=from:to:date:message-id:references:in-reply-to: content-id:content-transfer-encoding:mime-version:subject; bh=IfgwAH57B3ZyEpI4hp1DU+dm7F+YLKx9DdXpR8KyHH8=; b=JyTNvJejt4M6giEvoMLS2i6ASNJKbKPUqvoIgP9M5gQnh5hd+RGAi7PV h9RuA9SAF+3nOetp+2SLHYJ03SMcSQnDxO80lvnMMbTBFXS3VqaWP1MqH 6YbsGWbk2sR+bMdnhzIEaVltph9Hra+87NE72Gqv1g0G8k5vPmhXHG/aj 6r8+WEatcTzAPI4ZYBD0rLv63oj0hJxHClzJiYSD77YDqHAJgSV0Q3qm0 yxKm88BWInNqO5VhxiiAYEwl8bP4HWcsLdfyd9kf2Ug7qbB7zqVZ8PnPK aEynAUQapD9rI3TJwq/B5/kgDJnNa+p4lGzTG3JvoSA1LZ8TlxdWQX5qB Q==;
X-IronPort-AV: E=Sophos;i="5.46,318,1511827200"; d="scan'208";a="3531575"
IronPort-PHdr: 9a23:SpOaaBWOctBWSiLKHDzLmMf2/FjV8LGtZVwlr6E/grcLSJyIuqrYbR2Bt8tkgFKBZ4jH8fUM07OQ7/i5HzRYqb+681k6OKRWUBEEjchE1ycBO+WiTXPBEfjxciYhF95DXlI2t1uyMExSBdqsLwaK+i764jEdAAjwOhRoLerpBIHSk9631+ev8JHPfglEnjWwba9vIBmssQndqtQdjJd/JKo21hbHuGZDdf5MxWNvK1KTnhL86dm18ZV+7SleuO8v+tBZX6nicKs2UbJXDDI9M2Ao/8LrrgXMTRGO5nQHTGoblAdDDhXf4xH7WpfxtTb6tvZ41SKHM8D6Uaw4VDK/5KpwVhTmlDkIOCI48GHPi8x/kqRboA66pxdix4LYeZyZOOZicq/Ye94RWGhPUdtLVyFZAo2ycZYBD/YPM+hboYnypVUBrRqiCgejC+zi0SNIiWTz3aEmz+gsCwPL0Qo9FNwOqnTUq9D1Ob8cXe60y6nI0DHDYO5O1Tzg7IbHaBUhru+XXb5+bMHczksvFwzCjlWNrYzqIiiY1voTvGiB7upgTuOvi2Ehqw1rvjevwcIsh5DPi4kIxF7E8iB5z5w0Jd2+UEN7f8CrEIFRtyGBNot2TcUiQ2BuuCkm0LEJpZm7fC0SxJQm2RHfd/KHf5KP4hL5W+adOTl4hGh/d7K6nRmy/kmgyvHmWsmzylZKoSxImcTPuHAVzxHf99SLRuFg8kqj1zuDzR3f5+FKLEwui6bWJJ4szqYtmpYPq0jPAy37lFnsgKOLeUgp+fKk5/nkb7jgu5SSLZV7ihvkPaQrgsG/BOM4PRUQUGWD4uS80aHj/VX+QLVXkv06iqnZv47eJcQcvqO2GBVV0oA+5xa7ADam1c4XnXgDLFJCZRKHk5TlN0/ULPDmE/i/mVWskCxqx/DJOL3tGInCLn/GkLv5fLZ97VBTyBYrwNxC+55YEKwNLfD9V0PrqdDVDhE0Pxaqz+voCNhxzoYeVniOAq+dPqPSq1iI5uc3LumOa48Vvyv9K/w46PP1k382h0Udfaiy3ZsWZ3C4GO5qLFmeYXrpmtsBC3sFvhIiTOz2j12PSSRTaGi9X60i6TA7FJmrDYbdSYCxjryNxiC7HodZZmpeEFCDDW/od5mYW/cLcC+dOchhkiYYVbmgTo8uyxGvuxHgy7d8KOrU+zEXuYjt1NhvtKXvkkQJ6TFsD82b3imnSHtojGYFVjIslPR1plZh2FKOwKViq/pZHppd/aUNGk0gOJHR3/BSCt3uVETGZNjDAAK8T9qrES0ZT98tzZkJeUkrSPu4iRWWlQWtHrsZ0/SpDZk56eiUi3r+INt5x17Y2bMglFgpRI1EMmjw1f03zBTaG4OcyxbRrK2tb6lJmXeVrGo=
X-IPAS-Result: A2FmAgAxnU9a//WZrQpaAx0BAQUBCwGEJIEbB4QKmmknmHwbIQcKGAuESU8CGoRaFAEBAQEBAQEBAQECgRCCOCQBDkshBgEFAQEBAQEBAQEBIwEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQgCCAUCLxIBARkBAQECAQEBIRE4AhsCAQgNDQISARMCAgIlCxUQAgQBCQmKJxiwTYInikABAQEBAQEBAQIBAQEBAQEBAQEBAR2BD4MFg2yBaCkMgnmDLwEBgVctCiYBAYIRDDExgjQFkiSRMgYCiASHTYV1ggtlkQqKX4JRAok0AgQLAhkBgTw2gXNvFT0qAYF/CYJLHIFneCqGaA2BJYEXAQEB
Received: from brn1wnexcas01.vcorp.ad.vrsn.com (brn1wnexcas01 [10.173.152.205]) by brn1lxmailout02.verisign.com (8.13.8/8.13.8) with ESMTP id w05FkJAG008901 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Fri, 5 Jan 2018 10:46:20 -0500
Received: from BRN1WNEXMBX01.vcorp.ad.vrsn.com ([::1]) by brn1wnexcas01.vcorp.ad.vrsn.com ([::1]) with mapi id 14.03.0301.000; Fri, 5 Jan 2018 10:46:29 -0500
From: "Gould, James" <jgould@verisign.com>
To: Stephane Bortzmeyer <bortzmeyer@nic.fr>, "regext@ietf.org" <regext@ietf.org>
Thread-Topic: [EXTERNAL] Re: [regext] EPP and DNAME records?
Thread-Index: AQHThhXOFA7AxlOmhESoJUsQxqSV/KNlbDSA
Date: Fri, 05 Jan 2018 15:46:28 +0000
Message-ID: <E0584941-69D8-4DBA-9429-6DC9CD84B925@verisign.com>
References: <20171112130006.GA31496@laperouse.bortzmeyer.org> <20180105111014.52tdcpky3hy3imth@nic.fr>
In-Reply-To: <20180105111014.52tdcpky3hy3imth@nic.fr>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.1f.0.170216
x-originating-ip: [10.170.148.18]
Content-Type: text/plain; charset="utf-8"
Content-ID: <FA0C522173E2A942A29D86BA5BE15934@verisign.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/j1y2qnOOU2lXAFGAZr-7UTtdKAg>
Subject: Re: [regext] EPP and DNAME records?
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Jan 2018 15:46:24 -0000

Stephane,

Thanks for posting the draft for review.  The following is my initial feedback:

1. If the registry starts accepting more resource record types in addition to or as an alternative to the existing record types, why not define a more generic RR extension that allows for the CRUD of the RR associated with a domain name?  
a. DNAME could be one of the supported RR types.  
b. If new resource record types can be managed by the registry, do we need to create an EPP extension for each one?  
c. It would be up to server policy which RR types are supported.  A RR policy extension of the Registry Mapping could be leveraged to define the RR types supported by the server along with any RR restrictions.      
2. It would be best to reference eppcom:labelType for the dnameTarget element instead of a string.  One issue with the eppcom:labelType is that it has a minimum length of 1, so an empty element cannot be used to remove it.  The dnameDeleg schema could define its own labelType that sets the minimum length to 0.  
3. It may be best to make the setting or removing of the dname explicit in the extension to the update command, as in the following
<dnameDeleg:update>
  <dnameDeleg:set>foo.bar.example</dnameDeleg>
</dnameDeleg:update>

or 

<dnameDeleg:update>
  <dnameDeleg:delete/>
</dnameDelete:update>
4. I assume that return of the dnameDeleg extension in the info response would be based on the existence of the dnameDeleg data, server policy, and support of the client for dnameDeleg based on the EPP login services provided by the client.
a. An alternative to leveraging the EPP login services of the client, is to extend the EPP info command with an empty element like <dnameDeleg:info/> to explicitly specify the inclusion of the dnameDeleg extension in the response.  If it were explicit, then the case of no data would need to be handled.  One option is to support a <dnameDeleg:infData> element in the extension of the info response that includes the <dnameDeleg:dnameTarget> element if it’s set.  
i. One advantage to the explicit approach is that it’s clear which version of dnameDeleg is desired if there are multiple supported versions (e.g., urn:ietf:params:xml:ns:dnameDeleg-0.1, urn:ietf:params:xml:ns:dnameDeleg-0.2); otherwise the server would need to choose the highest version supported by the client based on the client’s login services.
5. For issue #3 listed at https://framagit.org/bortzmeyer/ietf-epp-dname/issues, I believe the client can determine support for DNAME via the services returned in the EPP greeting by the server.  
6. One additional complexity is how to handle transfers when the gaining registrar does not support dnameDeleg.  There are other mechanisms to determine the state of the transferred domain (e.g., DNS, reports), but the gaining registrar will simply not be able to get or set the dname via EPP until they support dnameDeleg.        
  
—
 
JG



James Gould
Distinguished Engineer
jgould@Verisign.com

703-948-3271
12061 Bluemont Way
Reston, VA 20190

Verisign.com <http://verisigninc.com/> 

On 1/5/18, 6:10 AM, "regext on behalf of Stephane Bortzmeyer" <regext-bounces@ietf.org on behalf of bortzmeyer@nic.fr> wrote:

    On Sun, Nov 12, 2017 at 09:00:06PM +0800,
     Stephane Bortzmeyer <bortzmeyer@nic.fr> wrote 
     a message of 19 lines which said:
    
    > we could imagine a registry accepting registrations implemented as a
    > DNAME record, not NS records.
    > 
    > Would it make sense to create an extension (may be an addition to RFC
    > 5731) to allow these "DNAME registrations"?
    > 
    > I'll be at the meeting tomorrow, if you prefer to discuss it AFK.
    
    After the discussion in Singapore, here is the draft. Comments and
    criticisms are welcome.
    
    https://datatracker.ietf.org/doc/draft-bortzmeyer-regext-epp-dname/
    
    _______________________________________________
    regext mailing list
    regext@ietf.org
    https://www.ietf.org/mailman/listinfo/regext

v2.23.0 | Report a Bug | By Email