Re: [regext] review of draft-ietf-regext-login-security-03

"Patrick Mevzek" <pm@dotandco.com> Tue, 09 April 2019 17:26 UTC

Return-Path: <pm@dotandco.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3277F1208C8 for <regext@ietfa.amsl.com>; Tue, 9 Apr 2019 10:26:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=dotandco.com header.b=r7/lyphI; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=UDVhwjzi
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rv2rDOCCRGZe for <regext@ietfa.amsl.com>; Tue, 9 Apr 2019 10:26:39 -0700 (PDT)
Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2B8021208BC for <regext@ietf.org>; Tue, 9 Apr 2019 10:26:39 -0700 (PDT)
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id 460DC26588 for <regext@ietf.org>; Tue, 9 Apr 2019 13:26:38 -0400 (EDT)
Received: from imap1 ([10.202.2.51]) by compute3.internal (MEProxy); Tue, 09 Apr 2019 13:26:38 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dotandco.com; h= mime-version:message-id:in-reply-to:references:date:from:to :subject:content-type:content-transfer-encoding; s=fm2; bh=YbLdU uyMpSGaV48bS5WC1BN1B88Mh1bk7CMr50lnOjU=; b=r7/lyphIbLOaqnDQT4OSx Wk67iHKVSvgYbMnFPDbZb/xVVLIAKbt/6OFmE9xPhKZOti7mBzLDs5iw+6JWL5DT 1hBS34q+E8mAZx+/hnxLDtIO1kzFtdFyntIkBoDuzyQ5Nw8NlO5nTzfh5LzNEPJg d9faZkLxBKxvNKDKuoX0xKkivXx6v+8LI6GjZQpNR4bWr3meA9Wil9YHlBDNYHD7 ASobvTmBCIBe8XZnNuh5+WycwGrkzQhSI7fD/xvQK1KrG2V2kQiB8zNljI03oiH5 eH3lTjcnwSZPEsq7BxOoXueMCK/2+pEonkgVtiDJFMYKqpOKzP8g24I87y+AkdcT A==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; bh=YbLdUuyMpSGaV48bS5WC1BN1B88Mh1bk7CMr50lnO jU=; b=UDVhwjziuQ0zLzFZKC34qjtsbxUeWaTIRRe7P2I+zVEc3v3KEPiABnPli Fd2U54grA3bUKYZCxZPFCHog0rYgb+NgLXv+zzZBMe9EyYth7yrDCvcTyJiy2bfk 4sEHKa5B7g0TFT0eDVJeNUe4KGn8gIAPjsYnQOl4wgwkwSxsLInzluu6XQaNf/kS Wh5GJEFGqS2H7ePce3K0a88m9Ec2IqOw7WIUnyFZxdNY5bDxI27N3on4eSocGEnk zWDRzHkHXbwdIZ6UQNTrmX4ZvEHikb/6GfNnIalxfwyk+phXtmqO7UjgCDaF/6aT Giq6zSVnUdyeBGFdrGBmXRepDGY6Q==
X-ME-Sender: <xms:ztWsXJvnPu25s7l62O_SR8s63jlVUrkpYIbpFuhoSzozIvggDb59H1KlYvU>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduuddrudehgdduuddvucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefofgggkfgjfhffhffvufgtgfesth hqredtreerjeenucfhrhhomhepfdfrrghtrhhitghkucfovghviigvkhdfuceophhmsegu ohhtrghnuggtohdrtghomheqnecurfgrrhgrmhepmhgrihhlfhhrohhmpehpmhesughoth grnhgutghordgtohhmnecuvehluhhsthgvrhfuihiivgeptd
X-ME-Proxy: <xmx:ztWsXKmwwJ_xaKxdyZpshA_I8gWITJx066iQikcVpXlyr3Qq3KLXyg> <xmx:ztWsXMQbKFfhGk5IxPhfXvMCMWSaqicd5vNzP_2yI46Dh0IUt5DQUQ> <xmx:ztWsXAJpIAiX3DFtS9IBu4P1775HsZd4UavktpXSgwTggWJq8RA3PQ> <xmx:ztWsXC1Tr1tH7deHZeC7h0yY3IfgW4k-ysO2dzs2hYCu85oQunXIOg>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id ECD39D48AB; Tue, 9 Apr 2019 13:26:37 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.1.6-329-gf4aae99-fmstable-20190329v1
Mime-Version: 1.0
X-Me-Personality: 66173168
Message-Id: <b692be9f-6123-42f5-b8a8-a4bbfb986e73@www.fastmail.com>
In-Reply-To: <BE4C3FDB-0A1D-4C6F-87C7-6D9CDDB09E10@verisign.com>
References: <afac0d26-e054-54a3-306b-5ec5a49fd489@switch.ch> <7597ff38-29ba-77e3-e093-524c5cb7123a@switch.ch> <878793C3-AE5B-4364-AA0A-572467EDB0D6@verisign.com> <fa8f12c3-851b-d29a-969d-605120704ed6@switch.ch> <BE4C3FDB-0A1D-4C6F-87C7-6D9CDDB09E10@verisign.com>
Date: Tue, 09 Apr 2019 13:26:37 -0400
From: Patrick Mevzek <pm@dotandco.com>
To: regext@ietf.org
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/vxDuGRRQHX1wBoG-PdibVB502ts>
Subject: Re: [regext] review of draft-ietf-regext-login-security-03
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Apr 2019 17:26:45 -0000

On Mon, Apr 8, 2019, at 08:23, Gould, James wrote:
> JG – The <loginSec:client> element can be changed to the <loginSec:app> 
> element. To remove confusion for “lang”, how about changing the 
> <loginSec:lang> element to the <loginSec:tech> element. The description 
> of the app, tech, and os elements would encourage the inclusion of the 
> version. The following is the proposed description of the elements:
> 
>  <loginSec:app>: OPTIONAL name of the client application software with 
> version if available, such as the name of the client SDK "EPP SDK 
> 1.0.0".
> 
>  <loginSec:tech>: OPTIONAL technology used for the client software with 
> version if available, such as "Java 11.0.2".

Please do not use "tech". Some EPP extensions already uses tech, albeit
in a "contact" related namespace, that is they have
<contact:tech>FOOBAR</contact:tech>
instead of this other form that some may prefer:
<domain:contact type="tech">FOOBAR</domain:contact>

So this falls in the kind of same problem of (non technical but possible confusing) collision.

And more generally, "tech" is too short to convey enough meaning just by itself.

In general I also fail to see what we gain by using short names.
Why not application, technology and operationSystem if you want all those details?

-- 
  Patrick Mevzek
  pm@dotandco.com