To:
"'ietf-provreg@cafax.se'" <ietf-provreg@cafax.se>
From:
"Hollenbeck, Scott" <shollenbeck@verisign.com>
Date:
Fri, 26 Oct 2001 10:16:27 -0400
Sender:
owner-ietf-provreg@cafax.se
Subject:
More EPP-BEEP Comments
I have a few more comments/questions after a more thorough reading of Eric, Ayesha, and Ning's document: http://www.ietf.org/internet-drafts/draft-ietf-provreg-epp-beep-00.txt 1. "Conventions Used In This Document" appears twice, once on page 1 and again on page 2. One of these instances should be removed (I'd suggest removing the second instance). 2. Section 2 says that: "A EPP session is established when a BEEP channel is established. The EPP greeting message will be sent on the BEEP channel when the BEEP channel is established." Which channel does this statement refer to? Is it channel 0 (used for channel management), or a new channel that has to be created per section 2.3.1.2 of RFC 3080? The text isn't clear on this significant detail. Similarly, ending the EPP session as described in the following paragraph doesn't clearly identify which channel or channels must be released when ending an EPP session. Could a forward reference to section 2.1.4 or some explicit text be added to note that a new channel is created? 3. We've talked about URI schemes for profile identification, and Marshall Rose has a draft that describes a proposal to identify IETF-defined profiles. Assuming that the URI listed in section 2.1 is going to change based on earlier list discussions, a reference to Marshall's draft should be added to section 2.1. 4. Section 2.1.2 describes connection establishment, but again there's no mention of the BEEP channel on which EPP exchanges should take place. Again, it would be helpful to either say explicitly that a new channel is created, or provide a forward reference to section 2.1.4. 5. We've already talked about changing the Content-Type value described in section 2.1.2. 6. Section 2.1.6 says that "Each EPP command/response payload is preceded by the EPP tag <epp version="1.0">..." This isn't true; the version info is carried in the URI as illustrated in the given example. 7. Section 2.1.7 says that "EPP session termination is performed as part of data exchange on the channel with the EPP <logout> command, which also terminates the respective BEEP channel.". Which BEEP channel? The one created for the EPP profile, channel 0, or both? 8. Given the different security profiles available for BEEP, would it be possible to add some text to the "Security Considerations" section to reference a specific set of security profiles? Yes, TLS and SASL are described, but could the profiles be explicitly identified (and referenced)? That's it, nothing earth-shattering. -Scott-