Re: [ietf-provreg] draft-gould-rfc4310bis-00.txt Submitted forReview

[James Gould <jgould@verisign.com>]

Title: Re: [ietf-provreg] draft-gould-rfc4310bis-00.txt Submitted forReview

Andrew,

Thanks, that is my feeling as well.  I want to bring this up as an option, but I believe that it’s better to make updates explicit.  The gaining Registrar can easily do an info to get the existing DS (or key data) and then remove all of the DS (or key data) in a subsequent update explicitly via secDNS:rem.  Any other thoughts to this?  

-- 


JG 

-------------------------------------------------------
James F. Gould
Principal Software Engineer
VeriSign Naming Services
jgould@verisign.com
Direct: 703.948.3271
Mobile: 703.628.7063

 
21345 Ridgetop Circle
LS2-2-1
Dulles, VA 20166

Notice to Recipient:  This e-mail contains confidential, proprietary and/or Registry  Sensitive information intended solely for the recipient and, thus may not be  retransmitted, reproduced or disclosed without the prior written consent of  VeriSign Naming and Directory Services.  If you have received  this e-mail message in error, please notify the sender immediately by  telephone or reply e-mail and destroy the original message without making a  copy.  Thank you.

---

From: Andrew Sullivan <ajs@shinkuro.com>
Date: Fri, 11 Dec 2009 17:07:09 -0500
To: EPP Provreg <ietf-provreg@cafax.se>
Subject: Re: [ietf-provreg] draft-gould-rfc4310bis-00.txt Submitted forReview

On Fri, Dec 11, 2009 at 03:51:42PM -0500, James Gould wrote:

> corner case that is not covered in the current schema is replacing all DS or
> Key Data with nothing, meaning remove all.  I prefer that the client
> explicitly specify what should be added or removed via the secDNS:add and
> secDNS:rem, but the secDNS:chg could be updated to allow an empty
> secDNS:chg.

That sounds to me like a foot-gun loaded for bear.  I think what will
happen is that someone will have some nasty bug that fails to get the
new data into place (think "empty webform gets submitted by
fat-fingered iphone user" or even worse, "webform bug doesn't get POST
data properly from client") and submits a syntactically-legal empty
"new state" dataset.  Poof!  Instant DS deletion.

Now, normally I'd argue that the above is policy, not protocol, except
that I dislike very much the habit of overloading "no data" to also
mean "replace data with NULL" (we recovering database geeks just see
this sort of thing everywhere).  So I'd say if you want to remove
something, you have to remove it, not change it to "empty".

A

--
Andrew Sullivan
ajs@shinkuro.com
Shinkuro, Inc.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
List run by majordomo software.  For (Un-)subscription and similar details
send "help" to ietf-provreg-request@cafax.se