To: "'ietf-provreg@cafax.se'" <ietf-provreg@cafax.se>
From: "Liu, Hong" <Hong.Liu@neustar.biz>
Date: Tue, 8 Oct 2002 22:29:40 -0400
Sender: owner-ietf-provreg@cafax.se
Subject: RE: Definition of "External" Host

Scott,

The sentence you quoted seems OK if the terms "management authority" and "repository" are precisely defined. It is not a problem if the repository is the whole TLD and the management authority is the TLD registry operator. However, it is getting complicated when delegation of name spaces occurs under the same TLD in 3rd level and up.

Maybe an example will help explain my point. Suppose we have a TLD .tld with two 3rd level delegations del1.tld and del2.tld. So there are three disjoint name spaces under .tld: del1.tld, del2.tld and anything else under .tld. These three name spaces have different registration policies. They may also share some common registration policies. If I understand correctly, .tld, .del1.tld, and .del2.tld are considered as three separate "repositories". If not, please ignore the rest of the message.

Now suppose registry operator A is responsible for .tld and .del1.tld, and registry operator B is responsible for .del2.tld. So A is the management authority for .tld and del1.tld, while B is the management authority for del2.tld.

Let's say three domains have been created in the three repositories, respectively: abc.tld, def.del1.tld, ghi.del2.tld. Suppose def.del1.tld wants to use hosts ns.abc.tld and ns.ghi.del2.tld as its nameservers. The questions are:

(1) Is ns.abc.tld an external host of def.del1.tld? The answer seems to be "yes" since .tld and .del1.tld are two different repositories. However, the management authority of ns.abc.tld is identical to that of del1.tld, i.e., registry operator A. In other words, A is not external to def.del1.tld.

(2) Is ns.ghi.del2.tld an external host of def.del1.tld? The answer is "yes", and the definition is fine.

So it seems what needs to be clarified is the case where two separate repositories under the same TLD are administered by the same management authority. The key lies in the delineation of repository, not the management authority. In the above example, if we stick to the name space definition, then the answers would be "yes" to both questions.

The real sticky issue is whether a host is external or not may not be clear at the time it is created. In the above example, when ns.abc.tld is created, it is not clear whether it will be used as a nameserver for abc.tld or def.del1.tld since registry operator A operates both .tld and del1.tld. It will only be clear when it is associated with either abc.tld (delegated) or def.del1.tld (external). Additional questions are:

(3) Can ns.abc.tld be created without abc.tld being created first? The answer seems to be "no" in the case. That is, the "subordinate host rule" should take precedence over the "external host rule" for host object creation.

(4) Can ns.abc.tld have multiple copies, one per registrar? For the "subordinate host rule", the answer should be "no". But for the "external host rule", the answer should be "yes". The dilemma is that ns.abc.tld cannot become an external host unless it is associated with def.del1.tld. However, it cannot be an external host for def.del1.tld unless it is created as an external host object for the sponsoring registrar of def.del1.tld. On the other hand, a subordinate host object ns.abc.tld already exists for domain abc.tld. So creating another copy would fail!

With connection-oriented transport bindings such as TCP, (3) and (4) can be resolved by assigning different connections between the registry and the registrar for .tld and del1.tld. The server will be able to tell from the connection whether the host object created is intended for .tld or del1.tld. While this is not very efficient, it can be made to work. With connection-less transport, such as HTTP or SMTP, we are not as lucky. Maybe we should include a <repository> parameter in the <login> message for the client to indicate to the server which name space(s) the session is set up for.

I apologize for the long message. Basically I am talking myself through these issues. I hope that I am not making this issue more confusing than necessary, -:)

Regards,
--Hong

-----Original Message-----
From: Hollenbeck, Scott [mailto:shollenbeck@verisign.com]
Sent: Tuesday, October 08, 2002 7:59 PM
To: 'Liu, Hong'; 'ietf-provreg@cafax.se'
Subject: RE: Definition of "External" Host

> I have a question for clarification regarding the definition of "external"
> host in the 2nd paragraph of Section 1.1 in
> draft-ietf-provreg-epp-host-05.txt. Does it mean that a host object is
> external to the current TLD only if the host name belongs to another TLD?
> There are other cases that a host can also be external under the same TLD
> but belongs to different 3rd level delegations. Thanks!

I think the definition in section 1.1 is pretty clear: if there is no superordinate domain name (a domain name higher up in the hierarchy) registered in the repository, the host is considered an external host. What matters is where the management authority for the host's registered domain lies:

"Such hosts are described as "external" hosts in this specification since the management authority for these hosts is external to the repository in which the host is being used for delegation purposes."

-Scott-
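
The scenario in the message above, worked through as an added example (not part of the original thread and not code from the EPP drafts). It assumes the message's reading that .tld, del1.tld and del2.tld are three separate repositories, applies the "no superordinate domain registered in the repository" rule, and reports separately whether the management authority is the same; the function and table names are hypothetical.

```python
# Constructed data, taken from the example in the message above.
REPOSITORIES = {           # repository suffix -> management authority
    "tld": "A",
    "del1.tld": "A",
    "del2.tld": "B",
}
REGISTERED = {             # repository suffix -> domains registered in it
    "tld": {"abc.tld"},
    "del1.tld": {"def.del1.tld"},
    "del2.tld": {"ghi.del2.tld"},
}

def repository_of(name):
    """Longest-suffix match, so def.del1.tld maps to del1.tld, not tld."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in REPOSITORIES:
            return suffix
    return None  # outside every repository modelled here

def superordinate_in(host, repo):
    """Registered domain in `repo` that sits above `host`, or None."""
    labels = host.lower().rstrip(".").split(".")
    for i in range(1, len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in REGISTERED.get(repo, set()):
            return candidate
    return None

def classify(host, delegating_domain):
    """Classify `host` as a nameserver for `delegating_domain`."""
    repo = repository_of(delegating_domain)
    if repo is None:
        raise ValueError("delegating domain is in no known repository")
    host_repo = repository_of(host)
    return {
        "repository": repo,
        # Name-space rule: external if no superordinate domain is in repo.
        "external": superordinate_in(host, repo) is None,
        # Authority view: same operator runs the host's repository.
        "same_authority": host_repo is not None
        and REPOSITORIES[host_repo] == REPOSITORIES[repo],
    }
```

For question (1) the two views disagree: `classify("ns.abc.tld", "def.del1.tld")` is external by the name-space rule while the management authority is the same operator A.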