To:
Alexander Mayrhofer <axelm@nic.at>
CC:
ietf-provreg@cafax.se
From:
Klaus Malorny <Klaus.Malorny@knipp.de>
Date:
Sun, 28 May 2006 14:40:59 +0200
In-Reply-To:
<443E51AE.3070805@nic.at>
Sender:
owner-ietf-provreg@cafax.se
User-Agent:
Thunderbird 1.5.0.2 (Windows/20060308)
Subject:
Re: [ietf-provreg] RFC3731: domain:roid in <info> response
Alexander Mayrhofer wrote: > Hi, > > i just noticed that the "roid" element in the response to a <domain:info> > request is a mandatory element. However, it seems that the "roid" is not > required in any other requests on domain objects, because all other > transactions use the <domain:name> to identify a certain object instance. > > So, is there a reason why the "roid" is not optional in the <info> response? > And, any chance to change that in 3731bis? As it seems to me, we'd need to > "leak" the internal id of a domain object to the client for just this single > info-response - without any further use. > > any insight appreciated. > > cheers > > Alex Mayrhofer > nic.at Hi Alex, a bit late, but recently I rarely visit the folder where my e-mail agent moves the postings to ;-) . Anyhow, one use of the ROID was missing in the other responses, namely the use of the ROID in the authinfo element, as it is defined in the EPP specs. With the puntCAT registry we (CORE) have implemented, we allow the use of ROIDs of different objects in info commands. This enables registrars to create copies of contacts of domains that they are going to transfer to them. Using the authinfo password of the domain and its ROID, a registrar can get the full data of an associated contact, even if the disclosure settings of the sponsoring registrar would suppress the information otherwise. Also, a registrar can get the full domain data if he knows the authinfo of a related contact. The only thing we exclude in the response is the authinfo of the object itself, as this would allow the registrar to walk through the other registrar's object and to gain information he isn't authorized to. Regards, Klaus ___________________________________________________________________________ | | | knipp | Knipp Medien und Kommunikation GmbH ------- Technologiepark Martin-Schmeißer-Weg 9 Dipl. Inf. Klaus Malorny 44227 Dortmund Klaus.Malorny@knipp.de Tel. +49 231 9703 0