To:
ietf-provreg@cafax.se
From:
Daniel Manley <dmanley@tucows.com>
Date:
Tue, 21 Aug 2001 09:47:20 -0400
Sender:
owner-ietf-provreg@cafax.se
User-Agent:
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3) Gecko/20010801
Subject:
Re: EPP reliance on registrar sponsorship model
Again, this is probably too specific to the TLD registries and registrars, but allowing any registrar to update registry objects as long as the "auth info" is known would be a headache. Would renewals be allowed? And we'd have to go on word of honour that the non-sponsoring registrars don't keep a copy of the auth info for objects they don't own? Registrars would almost have to build two systems: one for their loyal customers and another to deal with the cusomters of other fly-by-night registrars that collect registrations dirt cheap but don't provide adequate maintainance functionality. This would be a big burden on registrars and could be confusing to registrants. Dan Hollenbeck, Scott wrote: >>-----Original Message----- >>From: Jarle Greipsland [mailto:jarle@uninett.no] >>Sent: Wednesday, August 08, 2001 7:16 AM >>To: ietf-provreg@cafax.se >>Subject: EPP reliance on registrar sponsorship model >> >> >>I think we would be better served by having the registrar sponsorship >>concept replaced by a more general authorization mechanism. >>Registries that wish to work within the registrar sponsorship model >>can then do so by (explicitly or implicitly) authorizing the "current >>registrar" to make any changes to a given object, including the right >>to reject or accept a transfer. Registries that wish to operate >>within another model, e.g. the registry will register digital >>certificates for individuals or organizations, and attach attributes >>to objects authorizing certificate holders to perform a given set of >>operations on the object (provided the request is properly signed by >>the holder) no matter what registrar forwards the request to the >>registry, can then do so. >> > >The EPP drafts were first written without object-specific authorization >information. It was added in an attempt to address one person's comments. >It was subsequently removed as a result of larger WG discussion to simplify >operations. > >I think there is a larger data consistency issue that is introduced if the >client sponsorship model is abandoned. As changes are made across clients, >all of the previously involved clients will probably like to know about >changes made through other clients so that whatever locally-copied data they >maintain remains consistent with that of the server. It's a many-to-one >relationship. With the client sponsorship model, there's a one-to-one >relationship that is _far_ easier to manage. > ><Scott/> >