To:
ietf-provreg@cafax.se
From:
"Hollenbeck, Scott" <shollenbeck@verisign.com>
Date:
Thu, 26 Jul 2001 07:08:08 -0400
Sender:
owner-ietf-provreg@cafax.se
Subject:
RE: Proposed agenda
>-----Original Message----- >From: James Seng/Personal [mailto:James@Seng.cc] >Sent: Wednesday, July 25, 2001 10:06 PM >To: Rick H Wesson; Edward Lewis >Cc: ietf-provreg@cafax.se; jaap@sidn.nl >Subject: Re: Proposed agenda > > >OPP is designed for some specific registry we doing for China and EPP is >not able to meet the security requirements. The focus of OPP is on >end-point authentication and authorization. The statement "EPP is not able to meet the security requirements" caught my attention. One of the primary features of EPP is distinct layering so that different types of service layers (such as additional security services) can be defined with relative ease. While it's true that there's nothing in the current EPP specs that describes how transactions can be protected using (as an example) XML digital signatures, the architecture is such that anyone can write a draft describing such an additional service layer without having to define a new protocol. <Scott/>