To:
<ietf-provreg@cafax.se>
Cc:
"Alexey Melnikov" <alexey.melnikov@isode.com>
From:
"Hollenbeck, Scott" <shollenbeck@verisign.com>
Date:
Tue, 21 Jul 2009 07:23:52 -0400
Content-class:
urn:content-classes:message
Sender:
owner-ietf-provreg@cafax.se
Thread-Index:
AcoJ9bmylyrPBuSITrK2UODu2apcNA==
Thread-Topic:
EPP Implementation Report Help Needed
Subject:
[ietf-provreg] EPP Implementation Report Help Needed
At the IESG's request, I need to find a few volunteers that are willing to describe their EPP client implementation experience as part of an effort to update the existing implementation report for the protocol. I've been asked to confirm that clients and servers are performing additional certificate identity validation steps that are described in 4934bis [1]. Both of the clients used in the original report (Key Systems and DotRegistrar) appear to be unreachable now, so I need to find others to complete the matrix. I need to find two independently-developed client and server implementations that can confirm that they are performing the checks and that everything works OK. I'll take care of updating the report. Can anyone help? -Scott- [1] See section 9 of 4934bis, "the EPP client MUST check its understanding of the server server name/IP address against the server's identity as presented in the server Certificate message in order to prevent man-in-the-middle attacks". The need is to confirm that both clients and servers are validating each other's identity as described in the new certificate processing text. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se