To:
ietf-provreg@cafax.se
From:
Patrick <patrick@gandi.net>
Date:
Thu, 17 Jan 2002 16:43:20 +0100
Content-Disposition:
inline
In-Reply-To:
<3CD14E451751BD42BA48AAA50B07BAD60189B566@vsvapostal3.bkup6>
Sender:
owner-ietf-provreg@cafax.se
User-Agent:
Mutt/1.3.24i
Subject:
Re: <info> Command and authInfo
On Tue, Jan 15, 2002 at 10:28:50AM -0500, Hollenbeck, Scott took time to write: > I'm not so sure of the benefit in putting <authInfo> into the <update>, > <delete> and <renew> commands given the discussion we had on the list some > time ago (we DID have it that way, and then folks wanted it removed from all > but <transfer>), but I understand what you're saying about the dates and the > <info> command. I agree with Bruce on this : the authinfo should have a bigger scope. Right now it is only for transfers (and thus should have been called transfer auth or something like that, not auth info), and as we already see it with some Registries using EPP, transfers are hard. The auth info does not help anything regarding transfers. It just complicates things (current Registrar not giving it, and if the new Registrar already asks contacts for approval, the authinfo is of nouse... since it will be given to contacts, thus same problems in both case of hijacking and such). IMNSHO auth info should enable someone having it to make modifications (that is update at least, maybe delete and renew) through any other ways (other Registrars, or even the Registry directly). Protocols should make that possible, and then local policies should specify if it is to be used or not, and if yes, how. Regards, Patrick.