To:
Jarle Greipsland <jarle@uninett.no>, ietf-provreg@cafax.se
From:
"Jordyn A. Buchanan" <jordyn@register.com>
Date:
Wed, 8 Aug 2001 14:03:15 +0100
In-Reply-To:
<20010808.131625.36851094.jarle@uninett.no>
Sender:
owner-ietf-provreg@cafax.se
Subject:
Re: EPP reliance on registrar sponsorship model
Hi Jarle: Glad to have your comments. Your concerns reflect others that several folks from the ccTLD community have raised, and I feel like we need to do a better job addressing them because so many ccTLD folks have similar reactions to the existing drafts. (For that matter, we've got similar problems with non-DNS registries such as the RIRs.) It's true that the existing documents rely on a registrar sponsorship model. I've heard the following explanations of why reseller/broker approaches are different from the registrar model: 1) Resellers have the right to register objects, but once the domain is registered, they're done. After the initial registration, all modifications and other operations must be performed by the registry. In this case, I think the solution is to only enable the registration of new objects. Commands other than <create> can be disabled. The EPP drafts don't explicilty allow for this at present, but that wouldn't be very hard to fix (and I certainly wouldn't have any problem with it). 2) Resellers are just like registrars, but the contractual relationship is different (in other words, the registrant is contracting with the registry, not with the registrar, but the registrar can still maintain the objects on behalf of the registrant). If this is the case, I think the existing protocol works fine. The difference in this case is not a technical one. No one has described (that I can remember) a model other than these that is in use today. It's likely that they exist, but I think we need to have a better understanding of what they are in order to accommodate them. Jarle makes the specific suggestion of allow authorization of each command by providing a password, digital signature, etc. This is potentially a helpful suggestion, and not that long ago, Scott's drafts included a requirement that some sort of authentication be made for each write command. There's no fundamental reason that this can't be done, but the suggestion makes me wonder whether there are any registries using a policy like this today? (In other words, do you allow your resellers to make changes to objects in your registry by providing some sort of authentication that is known to the registrant?) It might be helpful to see how this works in the real world before we try to implement it in the protocol. Jarle also suggests: >A more general authorization model will also make it possible to >restrict the referencing of registry objects. This can be useful in >situations where for instance an ISP is working hard to decommision an >old name server, and don't want referenced in any new domain name >registrations. If the registry supports a notion of "reference >approvals", the ISP can put an attribute on the name server object >that rejects any new references. It seems like we could accomplish this through the use of a status that disallows new associations. I think this is a separate issue, but it may be a useful feature to add nonetheless. Jordyn