IETF provreg mailing list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: ietf-provreg@cafax.se
From: axelm@nic.at
Date: Mon, 18 Jan 2010 16:05:07 +0100
Sender: owner-ietf-provreg@cafax.se
User-Agent: Thunderbird 2.0.0.23 (Windows/20090812)
Subject: [ietf-provreg] Default contact element disclosure problem - RFC bug?

All,

We're planning to change our contact disclosure default from "disclose
everything" to "don't disclose anything" because of data privacy
considerations. EPP already provides the "contact:disclose" element to
override the server default.

Because of the structure of the "contact:disclose" element, it is
required on the client side to be aware of the default setting, so that
the proper "overriding" elements can be put into the "contact:disclose"
element. If the client is not aware of the default setting on the
server, it couldn't identify whether "disclosed" or "undisclosed"
elements are to be put into the "disclose" element.

However, it seems that there is no way to announce the default
disclosure policy to the client, even though it is mentioned in the RFC:

RFC5733 says:

   A server operator announces a default disclosure policy when
   establishing a session with a client.  When an object is created or
   updated, the client can specify contact attributes that require
   exceptional disclosure handling using an OPTIONAL <contact:disclose>
   element.  Once set, disclosure preferences can be reviewed using a

(most important piece of that snippet is the first sentence)

However, looking at the schema definition of the greeting, as well as
the examples, there's no way to actually perform that "announcement"
during session establishment.

The closest match is probably the "dcp" element - however, there's no
element within that element that relates to announcing the
"contact:disclose" policy. The "dcp" element as far as i understood does
also relate to the global data collection policy, while the disclose
policy of the contact would be specific to a certain object type, since
there could be other defaults for different object types..

So, is this a bug in the RFCs, or are we missing something? Any advice
on how clients should detect the disclose policy of the server?

Thanks,

Alex Mayrhofer
Team lead R&D nic.at

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
List run by majordomo software.  For (Un-)subscription and similar details
send "help" to ietf-provreg-request@cafax.se

Follow-Ups:
- RE: [ietf-provreg] Default contact element disclosure problem - RFC bug?
  - From: "Hollenbeck, Scott" <shollenbeck@verisign.com>

Prev by Date: Re: [ietf-provreg] a question for the list
Next by Date: Re: [ietf-provreg] a question for the list
Prev by thread: Re: [ietf-provreg] a question for the list
Next by thread: RE: [ietf-provreg] Default contact element disclosure problem - RFC bug?
Index(es):
- Date
- Thread

Home | Date list | Subject list