To: "Gould, James" <JGould@verisign.com>
Cc: "Hollenbeck, Scott" <shollenbeck@verisign.com>, <ietf-provreg@cafax.se>
From: Patrik Fältström <paf@cisco.com>
Date: Wed, 10 Dec 2008 00:17:48 +0100
Authentication-Results: ams-dkim-2; header.From=paf@cisco.com; dkim=pass (sig from cisco.com/amsdkim2001 verified; );
In-Reply-To: <27799D3A07C9EC43910872D89285844202952AEB@dul1wnexmb01.vcorp.ad.vrsn.com>
Sender: owner-ietf-provreg@cafax.se
Subject: Re: [ietf-provreg] DNSSEC EPP Extension (RFC 4310) Usability Question

On 9 dec 2008, at 18.56, Gould, James wrote:
> Scott,
>
> I believe that would be up to the server policy to define the mix of
> updates that are valid. The protocol could support a mix unless
> there is some specific reason why it shouldn't. A similar use case
> could apply to the domain mapping where an update includes an add
> and remove of the same status or name server.
>
In Sweden I have either done just add and remove. Never mixed. That
seems to me to be a possible source for confusion.
Patrik
>
>
> Jim
> James F. Gould
>
> Principal Software Engineer
> VeriSign Inc.
>
>
> From: Hollenbeck, Scott
> To: Gould, James; ietf-provreg@cafax.se
> Sent: Tue Dec 09 12:49:04 2008
> Subject: RE: [ietf-provreg] DNSSEC EPP Extension (RFC 4310)
> Usability Question
>
> Jim, I think I might have just remembered a use case that makes the
> <sequence> a problem. Imagine if it were possible to create a
> command that looks like this:
>
> <secDNS:update
>     xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.0"
>     xsi:schemaLocation="urn:ietf:params:xml:ns:secDNS-1.0
>     secDNS-1.0.xsd">
>   <secDNS:rem>
>     <secDNS:keyTag>12345</secDNS:keyTag>
>   </secDNS:rem>
>   <secDNS:chg>
>     <secDNS:dsData>
>       <secDNS:keyTag>12345</secDNS:keyTag>
>       <secDNS:alg>3</secDNS:alg>
>       <secDNS:digestType>1</secDNS:digestType>
>       <secDNS:digest>49FD46E6C4B45C55D4AC</secDNS:digest>
>     </secDNS:dsData>
>   </secDNS:chg>
> </secDNS:update>
>
> Is the server supposed to remove or change the data associated with
> keyTag 12345? With the existing schema there's no ambiguity.
> -Scott-
>
>
>
> From: owner-ietf-provreg@cafax.se [mailto:owner-ietf-provreg@cafax.se]
> On Behalf Of James Gould
> Sent: Tuesday, December 09, 2008 12:04 PM
> To: ietf-provreg@cafax.se
> Subject: [ietf-provreg] DNSSEC EPP Extension (RFC 4310) Usability
> Question
>
> In reviewing the DNSSEC EPP Extension (RFC 4310) I noticed one
> usability issue that I would like to get feedback from the existing
> implementations of the extension.
>
> The specification allows adding (<secDNS:add>), removing
> (<secDNS:rem>), and changing (<secDNS:chg>) DS data, but according
> to the XML schema they can’t be done at the same time. Below is
> from the RFC 4210 XML schema for the <secDNS:update>:
>
> <complexType name="updateType">
>   <choice>
>     <element name="add" type="secDNS:dsType"/>
>     <element name="chg" type="secDNS:dsType"/>
>     <element name="rem" type="secDNS:remType"/>
>   </choice>
>   <attribute name="urgent" type="boolean" default="false"/>
> </complexType>
>
> To allow for a mix of add, chg, and rem, should the XML schema model
> in the Domain Mapping (RFC 4931) updateType XML schema definition be
> used? I updated the DNSSEC XML schema below to match the definition
> of the Domain Mapping, to support the mix of add, chg, and rem:
>
> <complexType name="updateType">
>   <sequence>
>     <element name="add" type="secDNS:dsType" minOccurs="0"/>
>     <element name="chg" type="secDNS:dsType" minOccurs="0"/>
>     <element name="rem" type="secDNS:remType" minOccurs="0"/>
>   </sequence>
>   <attribute name="urgent" type="boolean" default="false"/>
> </complexType>
>
> Has any of the current implementations come across this issue?
>
> --
>
>
> JG
>
> -------------------------------------------------------
> James F. Gould
> Principal Software Engineer
> VeriSign Naming Services
> jgould@verisign.com
> Direct: 703.948.3271
> Mobile: 703.628.7063
>
>
> 21345 Ridgetop Circle
> LS2-2-1
> Dulles, VA 20166
>
> Notice to Recipient: This e-mail contains confidential, proprietary
> and/or Registry Sensitive information intended solely for the
> recipient and, thus may not be retransmitted, reproduced or
> disclosed without the prior written consent of VeriSign Naming and
> Directory Services. If you have received this e-mail message in
> error, please notify the sender immediately by telephone or reply
> e-mail and destroy the original message without making a copy. Thank
> you.
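
The ambiguity discussed in this thread (a mixed update where <secDNS:rem> and <secDNS:chg> name the same keyTag) can be caught by a server-side policy check before any DS data is touched. The sketch below is an added example, not code from the thread or from any registry implementation; the function names and the reject-on-conflict policy are assumptions, and the sample is the quoted command with xsi:schemaLocation dropped because the fragment does not declare the xsi prefix.

```python
import xml.etree.ElementTree as ET

NS = {"secDNS": "urn:ietf:params:xml:ns:secDNS-1.0"}

# Constructed sample: the mixed update quoted in the thread (rem + chg on keyTag 12345).
MIXED_UPDATE = """\
<secDNS:update xmlns:secDNS="urn:ietf:params:xml:ns:secDNS-1.0">
  <secDNS:rem>
    <secDNS:keyTag>12345</secDNS:keyTag>
  </secDNS:rem>
  <secDNS:chg>
    <secDNS:dsData>
      <secDNS:keyTag>12345</secDNS:keyTag>
      <secDNS:alg>3</secDNS:alg>
      <secDNS:digestType>1</secDNS:digestType>
      <secDNS:digest>49FD46E6C4B45C55D4AC</secDNS:digest>
    </secDNS:dsData>
  </secDNS:chg>
</secDNS:update>
"""

def key_tags_by_operation(update_xml):
    """Return {operation: set of keyTags} for add, chg and rem."""
    root = ET.fromstring(update_xml)
    if root.tag != "{%s}update" % NS["secDNS"]:
        raise ValueError("not a secDNS:update element")
    tags = {}
    for op in ("add", "chg", "rem"):
        found = set()
        for op_el in root.findall("secDNS:" + op, NS):
            # add/chg carry keyTag inside dsData; rem carries it directly.
            for kt in op_el.iter("{%s}keyTag" % NS["secDNS"]):
                found.add(int(kt.text.strip()))
        tags[op] = found
    return tags

def conflicting_key_tags(update_xml):
    """Return {keyTag: sorted operations} for tags named by more than one operation."""
    seen = {}
    for op, tags in key_tags_by_operation(update_xml).items():
        for tag in tags:
            seen.setdefault(tag, []).append(op)
    return {tag: sorted(ops) for tag, ops in seen.items() if len(ops) > 1}

def policy_accepts(update_xml):
    """Hypothetical server policy: reject any update with a conflicting keyTag."""
    return not conflicting_key_tags(update_xml)
```

The check is independent of element order, so it gives the same answer whether the schema uses <choice> or the proposed <sequence>.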