To:
ietf-provreg@cafax.se
From:
Patrick <patrick@gandi.net>
Date:
Thu, 17 Jan 2002 23:30:02 +0100
Content-Disposition:
inline
In-Reply-To:
<3CD14E451751BD42BA48AAA50B07BAD60189B581@vsvapostal3.bkup6>
Sender:
owner-ietf-provreg@cafax.se
User-Agent:
Mutt/1.3.24i
Subject:
Re: <info> Command and authInfo
On Thu, Jan 17, 2002 at 05:15:13PM -0500, Hollenbeck, Scott took time to write: > > Or the command was badely designed. > > (it seems to me that if a Registry using EPP right now says that the > > current state is not ok to do transfers... then it is not a social > > problem of someone not willing to do something...) > > I've already read the NeuLevel document, too, and I have to agree with Ross' > assessment. What was written wasn't an indictment of the protocol at all, > but a description of a need for social education for a feature that hasn't > been available before -- and that's probably a much more difficult task than > this WG's task. Only time will tell if transfers in EPP based/using auth info Registries are faster/easier/better/whatever than in RRP based/not using auth info Registries. I think it will not, but this was not my main point. I do not disagree that *now* education is the problem, just because EPP is not known, and not used so much. I still think however, than when this step will be achieved people will realize that to do transfers they will need to do things extra that they do not need to do now. (asking the current Registrar to have access to the auth info to give it to the new Registrar, which probably will not be able to rely only on that, and will need to ask contacts or owner for approval, just like now). There are even cases of valid transfers that can be done now, that will not be possible with this new scheme. Think of a domain name ``hijacked'' by whatever company being all contacts. If the *owner* wish to do the transfer, right now a fax is a valid method of approval, and the transfer can succed, whatever old contacts will do. Now if auth info is required to do the transfer, and if this information is only sent to contacts of the domain name, ... The _idea_ of having the *owner* have control over things like that is great. The idea that using an auth info resolves that is just not correct in my eyes. But again, we shifted, my main point was having auth info used not only for transfer but for other tasks. Or at least having the _protocol_ not forbidding things, that a policy may wish to better control. I just wanted to push Bruce last email, that's all ;-) Building a protocol too restricted to current behaviors/gTLD registries will lessen its use by others. I guess it just depends if we want to replace RRP, or if we want to replace *all* aims used right now by all Registries. Patrick.