Re: [ietf-provreg] EPP domain:transfer

[Patrycja Wegrzynowicz <patrycjaw@nask.pl>]

Gerhard Winkler wrote:
 > For clarification (maybe I was too short in my explanation):
 > the token, generated by the registry, is sent to the registrant, and
 > for confirmation the registrant has to send the token to the
 > gaining registrar (who has initiated the transfer also).
 > The losing registrar doesn't play any role in our transfer process
 > (except of receiving notifications of course).

Hi Gerhard,

Scott's proposal sounds very fine for your case; although I'd like to 
put my 2 cents to your problem. ;)

1. Considering Scott's approach one MINOR note to mention:
<domain:update> command must be sent by the registrar which is
not the sponsoring client. It's only the minor note as according to EPP
standard the restriction of this action to the sponsoring client is only
recommended. However, worth to keep this in mind.

2. Your transfer process seems a lot like ours (.PL registry). .PL also
requires the registrant to confirm/authorize the transfer request.
Although the implementation is a bit different from yours proposal:
- the gaining registrar sends <domain:transfer> request
- the registry sends email with 'confirmation link' to the registrant
- the registrant clicks 'confirmation link' and then the transfer is done

As you see we decided to skip forwarding token forth-and-back in the
registry/registrar/registrant circle. From the semantic point of view
IMO it's more clear since such round-trip seems redundant. I see some
possible explanations of the 'token' approach... although it's more
question to you... what are your reasons behind having token approach
instead of, for example, direct confirmation?

Best,
Patrycja