IETF Logo Mail Archive

Re: [regext] New Version Notification for draft-regext-brown-epp-ttl-01.txt

Gavin Brown <gavin.brown@centralnic.com> Tue, 27 September 2022 10:48 UTC

Return-Path: <gavin.brown@centralnic.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CBC5BC14F72C for <regext@ietfa.amsl.com>; Tue, 27 Sep 2022 03:48:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=centralnic.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2e5fMYWdLrk1 for <regext@ietfa.amsl.com>; Tue, 27 Sep 2022 03:48:46 -0700 (PDT)
Received: from mail-wr1-x431.google.com (mail-wr1-x431.google.com [IPv6:2a00:1450:4864:20::431]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 50EF3C14F692 for <regext@ietf.org>; Tue, 27 Sep 2022 03:48:46 -0700 (PDT)
Received: by mail-wr1-x431.google.com with SMTP id l18so2367332wrw.9 for <regext@ietf.org>; Tue, 27 Sep 2022 03:48:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=centralnic.com; s=google; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:from:to:cc:subject:date; bh=3f9Zok0r8SREZuZyMpYAqykyjK259P/bT+DM2A66hRg=; b=LweyYb8biGn2MMn9txauxTvWEYS+RO8hA6t8ULUzgfN9tbh+fg2/K7fB62HF9QDivK gREk2bF5l1vFL29Wm1OG+bQFUL0nmv0mk8erUhtoZHegvXTqDT+LWLwU4Vs+4KOCshBs +pJjwLRJXcm6SrVii9pfDAnFdu450YikgM8pGgJ8X0Axb0LIEcxyUM2pC89v2pEkTykt 4awxUJDmgWlMHsUQEr8jluVl0RfB47OUbR6ZaN8ZADXdo7hAqyArshZEBlwUJWpZLV98 QuE3+OH/3Qwle1CrGA6NUV5J8yezL4Bk7gTJp2zM/aLurfuY+Z7FOOsgPsPl6sRUwPz+ gwmg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:x-gm-message-state:from:to:cc :subject:date; bh=3f9Zok0r8SREZuZyMpYAqykyjK259P/bT+DM2A66hRg=; b=k1ZMmrBTGZXGkhMPNoiWq8bHgSG0W275MlfUFSnEVuiNPv9j56WR4Vfd3aq1IowOPW 3xxjoVEqfgzA+0Sq9z7wlwcDUjvnLiaS7Pj0JM0FC86Nl40YQFEJMrTM9RjiZYfBxfx1 zK8cUFXm9I03sfAJTuh31I/PnS1iBUh5UfYag+2yLvIcNP6e2kcj6vQuRDqHxXo2CBXM uUpRA4jNMZIw3CMLroWZIeK1KmPqQDRLB2A+E5NEHMmsprASIUY7jefvEzwEMp3I3gWj LX4/6ZIVNfV/2LagPj6sgrXwB2Dr3IeGo+Vw5mkJIa5g4+mbQ1+qLClVQrpBwvUmBfiR 8YHQ==
X-Gm-Message-State: ACrzQf3czmiOe1UuvItNJO9ruveqUK6smCC3QEsid9gR82Q8uQkZj65S mmUDE9LkuIf1uLP2Zvt5wzY7sktrJjYRRUX/
X-Google-Smtp-Source: AMsMyM6X2SwXJlZvemfJUXubQzrcVBjzYIvYsdrE1j3uMDfU5Qw5nuGgzObnVd2ClkEEj8jjdBtH1w==
X-Received: by 2002:a5d:50c1:0:b0:228:d77e:4b33 with SMTP id f1-20020a5d50c1000000b00228d77e4b33mr15926654wrt.677.1664275724678; Tue, 27 Sep 2022 03:48:44 -0700 (PDT)
Received: from smtpclient.apple ([2a00:23c7:d700:8701:20a5:8e29:c6dc:ecae]) by smtp.gmail.com with ESMTPSA id d3-20020a5d4f83000000b0022cc157bf26sm929590wru.85.2022.09.27.03.48.42 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 27 Sep 2022 03:48:43 -0700 (PDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\))
From: Gavin Brown <gavin.brown@centralnic.com>
In-Reply-To: <BY5PR10MB4179843D8988824690DABDD7C9529@BY5PR10MB4179.namprd10.prod.outlook.com>
Date: Tue, 27 Sep 2022 11:48:42 +0100
Cc: "Gould, James" <jgould=40verisign.com@dmarc.ietf.org>, "Thomas.Corte@knipp.de" <Thomas.Corte@knipp.de>, "regext@ietf.org" <regext@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <56F14436-B1E1-42C3-95E1-63C2FBAC8131@centralnic.com>
References: <FC58BF72-0D9B-443D-B22A-10043BB6C392@verisign.com> <BY5PR10MB4179843D8988824690DABDD7C9529@BY5PR10MB4179.namprd10.prod.outlook.com>
To: Rick Wilhelm <Rwilhelm@PIR.org>
X-Mailer: Apple Mail (2.3696.120.41.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/nXwdS137JKUJts8A3GDwh5w2ypA>
Subject: Re: [regext] New Version Notification for draft-regext-brown-epp-ttl-01.txt
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Sep 2022 10:48:50 -0000

Thanks Rick and Jim for the feedback. I am happy to accept the idea of the extension working for both domain and host objects and will work towards making that a part of the next version.

One point for possible further discussion is the "priority" of TTL values: I am going to state that the TTL value of the host object takes priority over the TTL of the superordinate domain. So if:

	com default TTL: 172800
	example.com TTL: 3600:
	ns1.example.com TTL: (undefined)

then the TTL for NS records delegating to ns1.example.com should be 3600, but if

	com default TTL: 172800
	example.com TTL: 3600:
	ns1.example.com TTL: 86400

then the TTL should be 86400.

G.

> On 26 Sep 2022, at 13:41, Rick Wilhelm <Rwilhelm@PIR.org> wrote:
> 
> Gavin,
>  
> Just a +1 for having this extension cover both the domain and host objects.
>  
> The sibling glue model has enough deployment that having the extension cover both models makes sense.
>  
>  
> One other thing… and this is not a call for a change, just concurrence to an existing design choice that is in the draft.  I like the behavior described for Server Processing of TTL Values (Section 4, paragraph 2) where the description covers the scenario where the TTL values are outside the range.
>  
> The doc says to reject the command with a 2004 “Parameter value range error”.  I was wondering if this might be “too aggressive” for a <create> (it clearly makes sense for an <update>), but after some thought, I agree with the current behavior.
>  
> First, it’s consistent.  Second, since the extension is optional (and since hosts links are optional on domain::create, the extension is “2x-optional”), it is better to “fast fail” due to validation enforcement.  Because to let the <domain::create> go through and have the invalid values flagged with only a warning is more likely to lead to confusion in the future.  That is, a client that is not properly respecting the limits of the TTL values is also unlikely to be heading a hypothetical warning value.
>  
> So, bottom line, after some thought, I like the way that this works.
>  
>  
> Thanks
> Rick
>  
>  
>  
>  
>  
> From: regext <regext-bounces@ietf.org> on behalf of Gould, James <jgould=40verisign.com@dmarc.ietf.org>
> Date: Monday, September 19, 2022 at 9:48 AM
> To: gavin.brown@centralnic.com <gavin.brown@centralnic.com>, Thomas.Corte@knipp.de<Thomas.Corte@knipp.de>
> Cc: regext@ietf.org <regext@ietf.org>
> Subject: [EXTERNAL] Re: [regext] Fwd: New Version Notification for draft-regext-brown-epp-ttl-01.txt
> 
> CAUTION: This email came from outside your organization. Don’t trust emails, links, or attachments from senders that seem suspicious or you are not expecting.
> 
> Gavin,
> 
> The TTL for the A/AAAA records need to be applied to the host object and the TTL for the NS and DS records need to be applied to the domain object. Setting the A/AAAA TTL at the host object level would apply to registries that implement sibling glue as well as CentralNic and TANGO that implement in-bailiwick only glue. 
> 
> -- 
> 
> JG
> 
> 
> 
> James Gould
> Fellow Engineer
> jgould@Verisign.com <applewebdata://13890C55-AAE8-4BF3-A6CE-B4BA42740803/jgould@Verisign.com>
> 
> 703-948-3271
> 12061 Bluemont Way
> Reston, VA 20190
> 
> Verisign.com <http://verisigninc.com/>
> 
> On 9/16/22, 9:17 PM, "regext on behalf of Gavin Brown" <regext-bounces@ietf.org on behalf of gavin.brown@centralnic.com> wrote:
> 
> Hi Thomas, 
> 
> Thanks for the suggestions. I will add them to the next version.
> 
> G.
> 
> > On 15 Sep 2022, at 01:11, Thomas Corte (TANGO support) <Thomas.Corte@knipp.de> wrote:
> > 
> > On 9/14/22 13:35, Gavin Brown wrote:
> > 
> >> Greetings all,
> >> 
> >> Many years ago CentralNic had a proprietary EPP extension for managing
> >> the TTL values of domain names. ...
> >> 
> >> However I've had a bit of feedback about the draft since then, so I've
> >> just published a new version and am now sharing it with the WG for
> >> feedback.
> > 
> > I have two comments:
> > 
> > 1) The specification should probably address the effect of the TTLs on 
> > IDN variants. If a registry supports IDN variants as attributes of a 
> > domain name (either automatically added or via an extension), they will 
> > usually add some DNS records dedicated to these variants to the TLD zone, 
> > so the spec should specify that the same TTL is applied to these 
> > dedicated records as well. If IDN variants are managed as their own 
> > objects, they can receive their own specific TTL values.
> > 
> > 2) I'd suggest to add this boilerplate text (or something similar) to the 
> > draft:
> > 
> > "EPP uses XML namespaces to provide an extensible object management
> > framework and to identify schemas required for XML instance parsing
> > and validation. These namespaces and schema definitions are used to
> > identify both the base protocol schema and the schemas for managed
> > objects. The XML namespace prefixes used in examples (such as the
> > string "ttl" in "xmlns:ttl") are solely for illustrative purposes. A
> > conforming implementation MUST NOT require the use of these or any
> > other specific namespace prefixes."
> > 
> > This is a pet peeve of mine, as some registries still haven't managed to 
> > implement this correctly.
> > 
> >> In our implementation, glue records are only published if the
> >> superordinate domain is delegated to them, and the current
> >> specification assumes the same design choice. However this is
> >> obviously not true for other registries, so being able to change the
> >> TTL on a host object independently of the superordinate domain may be
> >> needed to account for scenarios where the client wishes to change the
> >> TTL of all NS records *except* those of the superordinate domain.
> >> However I am not sure if this is a scenario that justifies the
> >> additional complexity entailed - but I'd appreciate the list's input
> >> on that point.
> > 
> > Our own TANGO system's zone generation also suppresses glue records if 
> > they're unnecessary, so I'd agree that the extra complexity shouldn't be 
> > required.
> > 
> > Best regards,
> > 
> > Thomas
> > 
> > -- 
> > TANGO REGISTRY SERVICES®
> > Knipp Medien und Kommunikation GmbH Thomas Corte
> > Technologiepark Phone: +49 231 9703-222
> > Martin-Schmeisser-Weg 9 Fax: +49 231 9703-200
> > D-44227 Dortmund E-Mail: Thomas.Corte@knipp.de
> > Germany
> > 
> > 
> > 
> > 
> > 
> 
> --
> Gavin Brown
> Head of Registry Services
> CentralNic Group plc (LSE:CNIC)
> https://secure-web.cisco.com/14iQKw6gpSA8BoJOmhv6QjiaCTMGaV1jtoe_uIp8bRMky-K_waMharMEg1LYAtlWQzbHVPm2AmR56O6ydcDKobgVBEd8Mp95GJ4pfxuUZclcuaVBTXohuG6UFiZL8xJ3nqGu2mdmXKQsJPMkec8furVUgjMJNBPl8lwD5Bq0rklXDq-hFZXWTKZmWa5fb8Uwnk0OsfYNX4uZhal8J_rCVACHGBTdRrXemWcsjenM7fbYJzUttkEdStu8R7PY547eg/https%3A%2F%2Fcentralnicregistry.com
> 
> Cal: https://secure-web.cisco.com/1hJ_Ypbd5OAM--cIUke4ujR8-8LTMV4cqpfYs9QUL3-xaEmFm7OPW_RKJa5TaJZ-HneITtwkOeMVSKTCbmrMbjcErDdz8Dn9s8KdDKMHHT_n0P5y-9uAWYPonAmrg9XVm72gORCQ9yh_SEzHxdAInQcg2pxTqBSDiW21bw4Msfzp7DQlftiKFeHB_z6wxjFlsu1gkcEBSt3buj5OUNEPih8pWx70nO2sXSue_OSN30cn26q27kvkyDHix9BcqlRSV/https%3A%2F%2Fcnic.link%2Fgbcalendar
> 
> CentralNic Group plc is a company registered in England and Wales with company number 8576358. Registered Offices: Saddlers House, Gutter Lane, London EC2V 6BR.
> 
> https://secure-web.cisco.com/1dbi9wWVJ28DEfKsxyfgDEQU-jFqu7mdY6XAsqbxvETOtZUTia8UHVG3wWzYeRemA7OPimBJnEWIQ_chpT9e5Sa-J20mZ-lg7OKtsrHauuCHNraZIrO2sRn6I4uLLUnXzu7GzOmhVsqGk-bob53BCqaJDheGvFW_lx1FJtJFFdvwqJk7jnOmAXoXJh9o7jqHERzAzFZQabrHdQPUpCk_gViXXZQ3itKXVeka3mdJHHng6f07BY0VfTk3jZ8prKebY/https%3A%2F%2Fwww.centralnic.com
> 
> _______________________________________________
> regext mailing list
> regext@ietf.org
> https://secure-web.cisco.com/17iGVT_AU5IsvLflCUT5ypMVunmm1fTgnPxEcMeRIVbSjVZJoJIWdWHyw157N9qknJiHgZkxVaZWRtrflXFk_7WtXpCWF_Gwe7PdF_lmQJh07SRN5vMVGi3XbZKgIdtWTMfx3R-diYwdR5a2_tC-ByoLYtPrGe7Mnivy3oZbVWZlEGNeiP0fE_5Nccxc5kNkVoPC0hdk-f9gyPQAaiVMskLu5OoHGs-thMpK2RAklTTuW5nbCC9f53GvnO4SlCwKo/https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fregext
> 
> _______________________________________________
> regext mailing list
> regext@ietf.org
> https://www.ietf.org/mailman/listinfo/regext
> 

--
Gavin Brown
Head of Registry Services
CentralNic Group plc (LSE:CNIC)
https://centralnicregistry.com

Cal: https://cnic.link/gbcalendar

CentralNic Group plc is a company registered in England and Wales with company number 8576358. Registered Offices: Saddlers House, Gutter Lane, London EC2V 6BR.

https://www.centralnic.com

v2.23.0 | Report a Bug | By Email