To:
Michael Graff <Michael_Graff@isc.org>
Cc:
"Hollenbeck, Scott" <shollenbeck@verisign.com>, ietf-provreg@cafax.se
From:
Michael Graff <Michael_Graff@isc.org>
Date:
10 Dec 2002 23:53:30 +0000
In-Reply-To:
<s9s7kf0otbn.fsf@farside.isc.org>
Sender:
owner-ietf-provreg@cafax.se
User-Agent:
Gnus/5.0808 (Gnus v5.8.8) Emacs/21.2
Subject:
Re: EPP statuses and other questions
Add to this list:
(7) Although ROIDs are used to specify what object the password is
associated with in a <authinfo roid="foo-BAR">, there is no way to ADD
an external foo-BAR to the list of contacts for a domain!
I restate that ROIDs and the whole concept of inter-registry linkage
is a very poorly thought out issue, and should be scrapped from EPP
documents ASAP. It adds complications for initial implementations,
and from my point of view adds no benefits to any implementation until
the concept is better thought out.
I know there are pressures to get the EPP draft to the next stage, but
this one issue is a serious sticking point that IMHO will cause us to
be unable to properly handle a workable inter-registry linkage in the
future.
--Michael
Michael Graff <Michael_Graff@isc.org> writes:
> And after reading much more, I feel the mistake is that there are two
> handles for objects now, and that is becomming a pain in trying to
> implement EPP.
>
> (0) ROIDs are not well thought out, nor well integrated into the 07
> draft at least.
>
> (1) A handle (like FOO1-ISC) is not self-describing. Is that a contact
> handle, a domain handle, or what?
>
> (2) Part of the handle namespace is client-chosen, part is registry-chosen.
> On contacts, the local (and thus the global) identifiers are chosen
> by the registrant, where domain and other ROIDs are chosen by the
> registry. This means the registry cannot fix (1) easily.
>
> Example: Suppose a contact, "FLAME1" is created, and assigned
> ROID of FLAME1-ISC. Now, later, that contact is deleted.
> Suppose a domain is created, "FLAME.ORG", and it is
> assigned the ROID of "FLAME1-ISC". Now, that is no longer a
> valid contact ROID. All external references will be totally
> confused. WORSE, since domains and contacts can have passwords,
> would:
>
> <authinfo roid="FLAME1-ISC">password</authinfo>
>
> allow me to modify other domains? After all, FLAME1-ISC may be
> listed as an external technical contact for FOO.COM, and I can
> get the password right for the domain-versio of FLAME1-ISC.
>
> (3) The various <create> commands need to return the ROID an object was
> assigned. As things are now, I need to look up the contact using
> <info> before I can use it in an <authinfo roid="whatever"> tag.
>
> (4) Using two names, one which is (in the contact case) derrived from the
> other, seems pretty silly. If you're going to do that, use only the
> global (or use the URN concept to refer to external data,
> mentioned in the mail archives and in my last post.)
>
> (5) The -FOO suffix doesn't really fit with the new world order of
> URIs, URNs, and is different than how XML, the EPP protocol of
> choice (yuck) would do it.
>
> (6) EPP is extensible. Once other issues, such as how to notify
> referrers of data, or even a good use for this sort of thing is
> found, a draft can be written to extend EPP to handle
> registry-side ROIDs. Until then, I at least feel they complicate
> an already complicated protocol, and should be removed for now.
> Additionally, making it OPTIONAL gives the registry more
> flexability into if it WANTS external references or not.
>
> --Michael