[regext] Re: I-D Action: draft-ietf-regext-epp-delete-bcp-07.txt

kowalik@denic.de Wed, 31 July 2024 19:07 UTC

Return-Path: <kowalik@denic.de>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 81600C14F6A8 for <regext@ietfa.amsl.com>; Wed, 31 Jul 2024 12:07:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=denic.de
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RkZJspsXrGso for <regext@ietfa.amsl.com>; Wed, 31 Jul 2024 12:07:04 -0700 (PDT)
Received: from mout-b-203.mailbox.org (mout-b-203.mailbox.org [IPv6:2001:67c:2050:102:465::203]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 18E46C14F69E for <regext@ietf.org>; Wed, 31 Jul 2024 12:07:03 -0700 (PDT)
Received: from smtp202.mailbox.org (smtp202.mailbox.org [IPv6:2001:67c:2050:b231:465::202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-b-203.mailbox.org (Postfix) with ESMTPS id 4WZ1md6G3dz9vwf; Wed, 31 Jul 2024 21:06:57 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=denic.de; s=MBO0001; t=1722452817; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=vXBkd0paiIELOm17WHIrTqyNH5y8tXa0iy+7w3gQ93I=; b=ewbpQpWco64rWwBmjmsuPR73AZMslr7GuekJVkdbJVfPQHJBozm+sn7knxx16reLKakLm1 L4yVEVeMLraHsEUHw1c/QkMnczPdCUsEu4YPert0QfexgJbFBrNFe96iE5WRgMsvF+I2bn 6OXFUo1rFaVPJqSu2y5z5+Bu+kWD50fuvg5hQwiqRHRgX6mV6MEkSOKkib5Hez1YKEH4Oc LoX3WcqvuK5oYld+wQHU65oEMvUaMvyikq3Q5qfvqh91glRI2LDxGNbT8uU/WTtN4m82C7 9qm9AY57ZIFKQSPWMi+KLa5WNQIzAK+oykvpbiMQ74cP5jLhSYCw6WNJJKh5cg==
Message-ID: <56d2fd23-4a4a-4fc2-b18b-7bffaff49801@denic.de>
Date: Wed, 31 Jul 2024 21:06:56 +0200
MIME-Version: 1.0
From: kowalik@denic.de
To: "Andrew Newton (andy)" <andy@hxr.us>, "regext@ietf.org" <regext@ietf.org>
References: <172243217153.2152631.577325171851793888@dt-datatracker-659f84ff76-9wqgv> <f041e47b-0429-4439-9f61-d9efb3288f0b@denic.de> <8f747241-2c2a-4df2-b338-42bbdfdadf09@hxr.us> <9e2810a9-9f40-4c8b-8981-291b2094581d@denic.de> <7ab277ac-8dc2-49a0-b5fe-ac469296cb47@hxr.us>
Content-Language: en-GB, de-DE
In-Reply-To: <7ab277ac-8dc2-49a0-b5fe-ac469296cb47@hxr.us>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-512"; boundary="------------ms040403090404030707060609"
X-MBO-RS-ID: 2ca5e94e98e7069a6da
X-MBO-RS-META: us46sjn6c4c533bt1beryjs4k3i6kkxr
Message-ID-Hash: CGGCZ3BNET2MWXA7J36HWSRA4IWFHYK2
X-Message-ID-Hash: CGGCZ3BNET2MWXA7J36HWSRA4IWFHYK2
X-MailFrom: kowalik@denic.de
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-regext.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [regext] Re: I-D Action: draft-ietf-regext-epp-delete-bcp-07.txt
List-Id: Registration Protocols Extensions Working Group <regext.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/z-vCz-x7hRAYJbMgnupjc_25D48>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Owner: <mailto:regext-owner@ietf.org>
List-Post: <mailto:regext@ietf.org>
List-Subscribe: <mailto:regext-join@ietf.org>
List-Unsubscribe: <mailto:regext-leave@ietf.org>

Just on this one topic.

On 31.07.24 19:30, Andrew Newton (andy) wrote:
>>> Would you be satisfied if the first recommendation was labeled with 
>>> "This practice has been observed in use." and the other two 
>>> recommendations are labeled with "This practice has not been 
>>> observed in use."?
>>
>> This is already stated with each single practice and it would be 
>> logically inconsistent the way Section 6 is written now ("MUST 
>> implement one of the following practices...").
>>
>> For me the BCP shall tell like "SHOULD implement practice 1 if 
>> existing and operationally proved practices are preferred or MAY 
>> consider experimenting with practice 2 or 3 in the future".
>>
> I don't understand this. A SHOULD and MAY means a practitioner can say 
> they adhere to the BCP without doing anything. Also "the future" is 
> subjective. 

Yes, "the future" is subjective. That's right. However touches on one 
important point.

If the goal is to eliminate those bad existing practices in a 
foreseeable near future, then practice 1 is the only that is practicable 
and can be implemented by only one party - the clients. This is by the 
way also an inconsistency in the current text - it tells now that EPP 
MUST servers implement practices, which is not right for this one. At 
least the description does not mention any of server changes needed. For 
others both servers and clients must implement collectively.

Practice 2 has a lot of moving parts that needs to change both by 
servers and the clients, so nothing one party can implement on the spot 
to improve the situation in any way. It maybe recommended as a target 
picture, but will take loads of time to implement. Is it then an equal 
recommendation referring to the goal?

Practice 3 also require both servers and clients to change, but likely 
is easier to implement. Easier does not mean easy, as clients tend to be 
reluctant to solutions that work only with selection of registries, so 
servers would have to move first and allow for sacrificial.invalid or 
alike. I'm not an expert in ICANN policies, but maybe it's even needed 
to change those. Also quite broad tests are likely required if with all 
those conditions mentioned in 5.1.4.3 are indeed fulfilled in the wild.

So I don't feel right to put an equal mark within Best Current Practice 
document for those three. Whatever "current" means.

Kind Regards,

Pawel Kowalik