To:
Andrew Sullivan <andrew@ca.afilias.info>, <ietf-provreg@cafax.se>
From:
James Gould <jgould@verisign.com>
Date:
Wed, 31 Oct 2007 14:04:54 -0400
In-Reply-To:
<20071031173412.GE27559@afilias.info>
Sender:
owner-ietf-provreg@cafax.se
Thread-Index:
Acgb6InmyGpkNYfbEdyH7gAX8s02Pg==
Thread-Topic:
[ietf-provreg] Re: EPP over HTTP or simple TCP?
User-Agent:
Microsoft-Entourage/11.3.3.061214
Subject:
Re: [ietf-provreg] Re: EPP over HTTP or simple TCP?
We implement the policy rules after the schema validation has passed. We don't validate outgoing messages in the server, but our test clients that are used to certify the server do validate the server responses. -- JG ------------------------------------------------------- James F. Gould Principal Software Engineer VeriSign Naming Services jgould@verisign.com Direct: 703.948.3271 Mobile: 703.628.7063 21345 Ridgetop Circle LS2-2-1 Dulles, VA 20166 Notice to Recipient: This e-mail contains confidential, proprietary and/or Registry Sensitive information intended solely for the recipient and, thus may not be retransmitted, reproduced or disclosed without the prior written consent of VeriSign Naming and Directory Services. If you have received this e-mail message in error, please notify the sender immediately by telephone or reply e-mail and destroy the original message without making a copy. Thank you. > From: Andrew Sullivan <andrew@ca.afilias.info> > Reply-To: Andrew Sullivan <andrew@ca.afilias.info> > Date: Wed, 31 Oct 2007 13:34:12 -0400 > To: <ietf-provreg@cafax.se> > Subject: Re: [ietf-provreg] Re: EPP over HTTP or simple TCP? > > On Wed, Oct 31, 2007 at 05:58:00PM +0100, Maarten Bosteels wrote: >> >> We are validating incoming (and outgoing !) EPP messages using Apache >> xmlbeans >> and the time it takes is absolutely negligible. > > We do some validation, IIRC, but I seem to recall that there are some > parts of the spec that the developers decided would be better caught > later in the chain. This might have been an optimisation in an effort > to avoid doing the same work twice -- there are policy rules that aren't > actually part of the XML validation, that you'd still end up having to > check for other reasons, and I think those cases are caught by the > policy rules _even if_ they're not valid according to EPP. (It's also > possible our developers have since fixed this issue -- I'm not > involved directly in that stuff any more. I know we did this once, > though, because we explicitly stated we weren't going to fix it.) > > A > > -- > Andrew Sullivan 204-4141 Yonge Street > Afilias Canada Toronto, Ontario Canada > <andrew@ca.afilias.info> M2P 2A8 > jabber: ajsaf@jabber.org +1 416 646 3304 x4110