To: Jarle Greipsland <jarle@uninett.no>, ietf-provreg@cafax.se
From: "Jordyn A. Buchanan" <jordyn@register.com>
Date: Wed, 8 Aug 2001 14:03:15 +0100
In-Reply-To: <20010808.131625.36851094.jarle@uninett.no>
Sender: owner-ietf-provreg@cafax.se
Subject: Re: EPP reliance on registrar sponsorship model

Hi Jarle:

Glad to have your comments.  Your concerns reflect others that 
several folks from the ccTLD community have raised, and I feel like 
we need to do a better job addressing them because so many ccTLD 
folks have similar reactions to the existing drafts.  (For that 
matter, we've got similar problems with non-DNS registries such as 
the RIRs.)

It's true that the existing documents rely on a registrar sponsorship 
model.  I've heard the following explanations of why reseller/broker 
approaches are different from the registrar model:

1) Resellers have the right to register objects, but once the domain 
is registered, they're done.  After the initial registration, all 
modifications and other operations must be performed by the registry. 
In this case, I think the solution is to only enable the registration 
of new objects.  Commands other than <create> can be disabled.  The 
EPP drafts don't explicitly allow for this at present, but that 
wouldn't be very hard to fix (and I certainly wouldn't have any 
problem with it).

2) Resellers are just like registrars, but the contractual 
relationship is different (in other words, the registrant is 
contracting with the registry, not with the registrar, but the 
registrar can still maintain the objects on behalf of the 
registrant).  If this is the case, I think the existing protocol 
works fine.  The difference in this case is not a technical one.

No one has described (that I can remember) a model other than these 
that is in use today.  It's likely that they exist, but I think we 
need to have a better understanding of what they are in order to 
accommodate them.

Jarle makes the specific suggestion of allowing authorization of each 
command by providing a password, digital signature, etc.  This is 
potentially a helpful suggestion, and not that long ago, Scott's 
drafts included a requirement that some sort of authentication be 
made for each write command.  There's no fundamental reason that this 
can't be done, but the suggestion makes me wonder whether there are 
any registries using a policy like this today?  (In other words, do 
you allow your resellers to make changes to objects in your registry 
by providing some sort of authentication that is known to the 
registrant?)  It might be helpful to see how this works in the real 
world before we try to implement it in the protocol.

Jarle also suggests:

>A more general authorization model will also make it possible to
>restrict the referencing of registry objects.  This can be useful in
>situations where for instance an ISP is working hard to decommission an
>old name server, and don't want it referenced in any new domain name
>registrations.  If the registry supports a notion of "reference
>approvals", the ISP can put an attribute on the name server object
>that rejects any new references.

It seems like we could accomplish this through the use of a status 
that disallows new associations.  I think this is a separate issue, 
but it may be a useful feature to add nonetheless.

Jordyn