To:
"'Rick H Wesson'" <wessorh@ar.com>
Cc:
ietf-provreg@cafax.se
From:
"Hollenbeck, Scott" <shollenbeck@verisign.com>
Date:
Fri, 18 Jan 2002 07:14:35 -0500
Sender:
owner-ietf-provreg@cafax.se
Subject:
RE: <info> Command and authInfo
> -----Original Message----- > From: Rick H Wesson [mailto:wessorh@ar.com] > Sent: Thursday, January 17, 2002 8:26 PM > To: Hollenbeck, Scott > Cc: ietf-provreg@cafax.se > Subject: RE: <info> Command and authInfo > > > > Scott, > > yes, I read those -- I was asking for the text in the draft, > to compare. > > From what I understand the <info> command currently returns a > subset of > the object depending or not if you are the sponsoring registrar. > > Is this not waht passed last call? No, that's NOT what passed last call. The only field that is currently explicitly identified as one that shouldn't be shown to anyone other than the sponsoring client is the <authInfo> field. Otherwise, the schema defines the mandatory and optional fields, and those that are optional are that way only because they may or may not exist. The suggested compromise was to explicitly make more fields optional so that they can be displayed (or not) based on a server's unauthorized client policy. That is: - if you're the sponsoring client, you get it all. - if you're not the sponsoring client, but you have the auth info, you get it all. - if you're not the sponsoring client and you don't have the auth info, you get a subset defined by server policy. This is derived from comments provided by Bruce and Jens-Uwe, so if I got it wrong I hope one or both of them will correct me. -Scott-