To:
Hong Liu <lhongsms@yahoo.com>
CC:
"'ietf-provreg@cafax.se'" <ietf-provreg@cafax.se>
From:
Klaus Malorny <Klaus.Malorny@knipp.de>
Date:
Mon, 18 Nov 2002 17:21:44 +0100
In-Reply-To:
<20021118141931.22629.qmail@web14307.mail.yahoo.com>
Sender:
owner-ietf-provreg@cafax.se
User-Agent:
Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.3a) Gecko/20021115
Subject:
Re: last-verified-date
Hong Liu wrote: > Rick, > > Per your suggestion, I am sending my comments to the > list. Here is the modified text I would suggest: > > "2.9 Last Verified Date > > The date the contact information was last verified as > valid by the entity who at the time of validation was > the sponsoring registrar of the contact object. This > parameter is OPTIONAL for a contact object. When used, > it is the registrar's sole responsibility to perform > the validation duty." > > There are three key points I would like to make: > > (1) The current sponsoring registrar is not > necessarily the registrar who last checked the > contact. To complete the proposal, it may be better to > include a <verID> to store the verifying registrar > identity. I will leave the WG to decide. > (2) The parameter should be optional, i.e., not all > contact objects are required to be verified. > (3) The registry should play no role, except for > storing the field when presented, in performing the > validity checking. > > Hope you and other guys have a good discussion in > Atlanta on this and other topics. > > --Hong > Hi, after thinking a bit about this, I believe that this information a) is part of the registry policy b) does not belong the minimum set of necessary contact information. Therefore I suggest that if a registry wants to support this information, it should use the extension mechanisms in EPP, i.e. by supplying an own contact object or by using the <extension> element. A general problem with the field is that it does not say anthing about the thoroughness of the verification and may mislead the recipient - it may create trust that it isn't worth. If one wants to avoid this, one have to back this with detailed registry policy that delegates the responsibilities to the registrars, or, much better, to perform the verification in the registry itself. In this case the data would not appear in the create/update requests, but only in the info request. regards, Klaus ___________________________________________________________________________ | | | knipp | Knipp Medien und Kommunikation GmbH ------- Technologiepark Martin-Schmeißer-Weg 9 Dipl. Inf. Klaus Malorny 44227 Dortmund Klaus.Malorny@knipp.de Tel. +49 231 9703 0