To:
"'Mike Lampson'" <lampson@iaregistry.com>, "'ietf-provregcafaxse'" <ietf-provreg@cafax.se>
From:
"Hollenbeck, Scott" <shollenbeck@verisign.com>
Date:
Thu, 29 May 2003 14:34:41 -0400
Sender:
owner-ietf-provreg@cafax.se
Subject:
RE: [ietf-provreg] Question about Transfer query command
> I note that between draft-ietf-provreg-epp-domain-05.txt and > draft-ietf-provreg-epp-domain-07.txt that the formal syntax > for transferType > has changed. The element authInfo now has a minOccurs="0" attribute. > > Q1: Are there any other cases other than "query" where authInfo may be > ommitted? No, it's explained in the text how it's optional with a query and required with the other transfer operations. The change took place in -06, where this text was included in the section describing changes from the previous version: "Made transfer authInfo optional in sections 3.1.3 and 4 to allow queries in a manner consistent with the <info> command." > Q2: If an authInfo value is provided with the "query" > command, should it be > ignored or should an error occur? Should the error be > conditional based on > the validity of the authInfo value? As written in section 3.1.3 of the current draft: "If this element is not provided or if the authorization information is invalid, server policy determines if the command is rejected or if response information will be returned to the client." If authInfo is provided it can't be ignored -- the server can either return an error or it can return information, just like the info command. I'd prefer that an error be returned if bad data is received, but WG discussion around the issue of authInfo and queries was somewhat more liberal. -Scott-