Re: [regext] EPP Transport Service Discovery

"Gould, James" <jgould@verisign.com> Thu, 21 March 2024 12:45 UTC

From: "Gould, James" <jgould@verisign.com>
To: "ietf=40feherfamily.org@dmarc.ietf.org" <ietf=40feherfamily.org@dmarc.ietf.org>, "regext@ietf.org" <regext@ietf.org>
Date: Thu, 21 Mar 2024 12:44:53 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/n_QSmmgB9V1-FiMmf7sHk2BknDs>
Subject: Re: [regext] EPP Transport Service Discovery

We can look to add a section on signaling within the EoH and EoQ drafts that leverages the SVCB record.  I believe the rate limiting and exclusivity or non-exclusivity on a single transport are server policy and out of scope for the definition of the transports.

Thanks,

--

JG

James Gould
Fellow Engineer
jgould@Verisign.com

703-948-3271
12061 Bluemont Way
Reston, VA 20190

Verisign.com <http://verisigninc.com/>

From: regext <regext-bounces@ietf.org> on behalf of Kal Feher <ietf=40feherfamily.org@dmarc.ietf.org>
Date: Thursday, March 21, 2024 at 8:37 AM
To: "regext@ietf.org" <regext@ietf.org>
Subject: [EXTERNAL] Re: [regext] EPP Transport Service Discovery


+1

this appears to be solving a problem that doesn't exist and is unlikely to exist.

for a multiple transport registry, I'd be more interested in whether rate limit behaviour would be consistent between transports and whether clients are expected to be exclusively on a single transport at a time or can use both in parallel, which would be my preference.


On 21/3/2024 9:16 pm, Andrew Newton (andy) wrote:

Registries have a financial incentive to make sure registrars are kept
up to date, so your experience is almost certainly the norm. And I
agree that any service discovery mechanism that gets complicated is
not worth the effort in the registry/registrar space.

That said, George's idea of using an SVCB record seems pretty
straightforward and is low effort.

-andy

On Wed, Mar 20, 2024 at 9:14 PM Tobias Sattler <tobias=40tobiassattler.com@dmarc.ietf.org> wrote:

+1

During my 14-year tenure on the registrar side, where we implemented almost every gTLD and many ccTLDs, I always felt well-informed by registries if they intended to make substantial changes. While this feature seems nice, I don’t know if the effort is worth it.

Best,
Tobias

On 20. Mar 2024, at 12:59, Jody Kolker <jkolker=40godaddy.com@dmarc.ietf.org> wrote:

Just adding my 2 cents.

It seems that designing and implementing a discovery system seems to be a bit complicated and will take some time to design and complete.  Every registry will be contacting registrars when a new system is enabled, or at least should be.  I don’t see a huge benefit of adding a service discovery system compared to the amount of time it will take to design and implement.  I would rather we spend our time defining the separate transport system than designing a discovery system.

Thanks,
Jody Kolker
319-329-9805  (mobile)

Please contact my direct supervisor Scott Courtney (scourtney@godaddy.com) with any feedback.

From: regext <regext-bounces@ietf.org> On Behalf Of Steve Crocker
Sent: Wednesday, March 20, 2024 5:11 AM
To: Hollenbeck, Scott <shollenbeck=40verisign.com@dmarc.ietf.org>
Cc: regext@ietf.org
Subject: Re: [regext] EPP Transport Service Discovery

Scott, et al,

This seems to me an excellent idea, but let me suggest adding a bit more content.

And before doing so, let me acknowledge that a registry will likely inform its registrars well in advance of any changes and will likely provide a test system for registrars to use in advance of a cutover to a new transport system.  But rather than depending on this alone, an automated process for discovering the transport will be very helpful.

And now for the added content:

If a registry upgrades to a new transport method, it will likely operate both the old and new transport for a period of time.  Indeed, it might even support three or more transport methods during some periods.  Accordingly, the response to a service discovery query will likely contain multiple answers.  Each answer should also include a flag indicating whether it is a preferred method.

But wait, there's more.

Each transport method will go through a lifecycle.  The transport method lifecycle has the following states.

A. Announcement that the method will be supported in the future.  (Including the anticipated date is a good idea, but the date should be interpreted as a guess, not a certainty.)

B. Announcement that the method is now supported.  Include the date it became supported.  (A transport method in this state is "preferred."  There should be at least one method in this state, but there could be more than one.)

C. Announcement that the method that has been supported is scheduled to be removed.  Include the estimated date of removal.  This will serve as notice that any registrar still using the transport should move to another available method that has reached state B.  (And, of course, there should indeed already be at least one method in state B.)

D. Announcement that the method will become unavailable on a specific date.  (All use of a method in this state should have ceased.  However, if the method is still in use by a registrar, it will work.  The registry's system or other monitoring systems can take note and escalate attention to the appropriate managers.)

E. Removal of the transport method from the set of answers.

Extension of the proposal to include these states is easy.  Just add a flag to indicate whether the transport method is in state A, B, C or D, and include the date.

Comments?

Steve

On Tue, Mar 19, 2024 at 7:11 PM Hollenbeck, Scott <shollenbeck=40verisign.com@dmarc.ietf.org> wrote:

As noted during this morning’s regext session, we need to consider how a client can discover the transport services provided by an EPP server. Opportunistic probing is one method, another is server capability publication using something like an SVCB record that’s published in a DNS zone maintained by the EPP server operator. Perhaps something like this:

epp.example.net.  7200  IN SVCB 3 epp.example.net. (
       alpn="bar" port="700" transport="tcp")

There is no “transport” SvcParamKey currently registered with IANA, but that’s easy to do. I think there’s a draft here that needs to be written.

Scott



_______________________________________________
regext mailing list
regext@ietf.org
https://www.ietf.org/mailman/listinfo/regext
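The discovery scheme proposed in this thread (SVCB answers carrying a transport parameter, several answers at once, and a lifecycle state with a date), seen from the client side, as an added example that is not part of any message in the thread. The `transport` key is the unregistered one from Scott's sketch; the `state` and `date` keys, the `eoh`/`eoq`/`old` targets, their ports and the `https`/`quic` transport names are assumptions constructed for illustration.

```python
import shlex
from datetime import date

# Constructed sample answers. "transport" is the unregistered key from the sketch
# in the thread; "state" and "date" are hypothetical keys for the lifecycle flag;
# every target, port and transport name after the first record is made up.
ANSWERS = """
epp.example.net. 7200 IN SVCB 3 epp.example.net. ( alpn="bar" port="700" transport="tcp" state="C" date="2025-01-01" )
epp.example.net. 7200 IN SVCB 1 eoh.example.net. ( port="443" transport="https" state="B" date="2024-01-15" )
epp.example.net. 7200 IN SVCB 2 eoq.example.net. ( port="443" transport="quic" state="A" date="2025-03-01" )
epp.example.net. 7200 IN SVCB 4 old.example.net. ( port="700" transport="tcp" state="D" date="2024-04-01" )
"""

def parse_svcb(text):
    """Parse one-record-per-line SVCB presentation format into dicts."""
    records = []
    for line in text.splitlines():
        tok = shlex.split(line.replace("(", " ").replace(")", " "))
        if len(tok) < 6 or tok[2:4] != ["IN", "SVCB"]:
            continue                       # blank line or a different record type
        rec = dict(p.split("=", 1) for p in tok[6:] if "=" in p)
        rec.update(priority=int(tok[4]), target=tok[5].rstrip("."))
        records.append(rec)
    return records

def choose(records, supported, today):
    """Return (usable endpoints, best first; warnings for the operator)."""
    usable, warnings = [], []
    for r in records:
        state = r.get("state", "B")        # assumption: no flag means "supported"
        when = date.fromisoformat(r["date"]) if "date" in r else None
        if r["priority"] == 0 or r.get("transport") not in supported:
            continue                       # AliasMode, or a transport we do not implement
        if state not in ("B", "C", "D"):
            continue                       # "A" is announced only; unknown states are ignored
        if state == "D" and when and today >= when:
            continue                       # past the stated cut-off date
        if state in ("C", "D"):
            warnings.append(f"{r['transport']} at {r['target']}: state {state}, ends {when}")
        usable.append(r)
    # State B is "preferred"; within a state, lower SvcPriority wins (RFC 9460).
    usable.sort(key=lambda r: (r.get("state", "B") != "B", r["priority"]))
    return usable, warnings
```

Unless the answers are DNSSEC-validated they are unauthenticated input, which is why the sketch only ever narrows the choice to transports the client already implements and never acts on an unknown transport or state.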