To:
"Hollenbeck, Scott" <shollenbeck@verisign.com>, <ietf-provreg@cafax.se>
Cc:
"Alexey Melnikov" <alexey.melnikov@isode.com>
From:
"Hollenbeck, Scott" <shollenbeck@verisign.com>
Date:
Tue, 28 Jul 2009 08:21:48 -0400
Content-class:
urn:content-classes:message
In-Reply-To:
<046F43A8D79C794FA4733814869CDF0702B8E165@dul1wnexmb01.vcorp.ad.vrsn.com>
Sender:
owner-ietf-provreg@cafax.se
Thread-Index:
AcoJ9bmylyrPBuSITrK2UODu2apcNAFhtz8g
Thread-Topic:
[ietf-provreg] EPP Implementation Report Help Needed
Subject:
RE: [ietf-provreg] EPP Implementation Report Help Needed
> -----Original Message----- > From: owner-ietf-provreg@cafax.se > [mailto:owner-ietf-provreg@cafax.se] On Behalf Of Hollenbeck, Scott > Sent: Tuesday, July 21, 2009 7:24 AM > To: ietf-provreg@cafax.se > Cc: Alexey Melnikov > Subject: [ietf-provreg] EPP Implementation Report Help Needed > > At the IESG's request, I need to find a few volunteers that > are willing to describe their EPP client implementation > experience as part of an effort to update the existing > implementation report for the protocol. > I've been asked to confirm that clients and servers are > performing additional certificate identity validation steps > that are described in 4934bis [1]. Both of the clients used > in the original report (Key Systems and DotRegistrar) appear > to be unreachable now, so I need to find others to complete > the matrix. > > I need to find two independently-developed client and server > implementations that can confirm that they are performing the > checks and that everything works OK. I'll take care of > updating the report. > > Can anyone help? > > -Scott- > > [1] See section 9 of 4934bis, "the EPP client MUST check its > understanding of the server server name/IP address against > the server's identity as presented in the server Certificate > message in order to prevent man-in-the-middle attacks". The > need is to confirm that both clients and servers are > validating each other's identity as described in the new > certificate processing text. Asking again as I haven't seen any replies. I *really* need some help from two client-side implementers. Ed Lewis is looking into the NeuStar server implementation. I've sent a note to Ram Mohan of Afilias and I'm waiting for a response from him as well. If there's anyone from either Key Systems or DotRegistrar that's still reading this list, would you please get back to me? Info from any other clients would also be useful, so please - if you're a client-side implementer, I could really use your help! -Scott- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se