| < draft-hollenbeck-rfc4930bis-01.txt | draft-hollenbeck-rfc4930bis-02.txt > | |||
|---|---|---|---|---|
| Network Working Group S. Hollenbeck | Network Working Group S. Hollenbeck | |||
| Internet-Draft VeriSign, Inc. | Internet-Draft VeriSign, Inc. | |||
| Obsoletes: 4930 (if approved) May 5, 2009 | Obsoletes: 4930 (if approved) June 15, 2009 | |||
| Intended status: Standards Track | Intended status: Standards Track | |||
| Expires: November 6, 2009 | Expires: December 17, 2009 | |||
| Extensible Provisioning Protocol (EPP) | Extensible Provisioning Protocol (EPP) | |||
| draft-hollenbeck-rfc4930bis-01 | draft-hollenbeck-rfc4930bis-02 | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted to IETF in full conformance with the | This Internet-Draft is submitted to IETF in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF), its areas, and its working groups. Note that | Task Force (IETF), its areas, and its working groups. Note that | |||
| other groups may also distribute working documents as Internet- | other groups may also distribute working documents as Internet- | |||
| Drafts. | Drafts. | |||
| skipping to change at page 1, line 33 ¶ | skipping to change at page 1, line 33 ¶ | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| The list of current Internet-Drafts can be accessed at | The list of current Internet-Drafts can be accessed at | |||
| http://www.ietf.org/ietf/1id-abstracts.txt. | http://www.ietf.org/ietf/1id-abstracts.txt. | |||
| The list of Internet-Draft Shadow Directories can be accessed at | The list of Internet-Draft Shadow Directories can be accessed at | |||
| http://www.ietf.org/shadow.html. | http://www.ietf.org/shadow.html. | |||
| This Internet-Draft will expire on November 6, 2009. | This Internet-Draft will expire on December 17, 2009. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2009 IETF Trust and the persons identified as the | Copyright (c) 2009 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents in effect on the date of | Provisions Relating to IETF Documents in effect on the date of | |||
| publication of this document (http://trustee.ietf.org/license-info). | publication of this document (http://trustee.ietf.org/license-info). | |||
| Please review these documents carefully, as they describe your rights | Please review these documents carefully, as they describe your rights | |||
| skipping to change at page 3, line 43 ¶ | skipping to change at page 3, line 43 ¶ | |||
| 2.9.3.3. EPP <renew> Command . . . . . . . . . . . . . . . 38 | 2.9.3.3. EPP <renew> Command . . . . . . . . . . . . . . . 38 | |||
| 2.9.3.4. EPP <transfer> Command . . . . . . . . . . . . . . 40 | 2.9.3.4. EPP <transfer> Command . . . . . . . . . . . . . . 40 | |||
| 2.9.3.5. EPP <update> Command . . . . . . . . . . . . . . . 42 | 2.9.3.5. EPP <update> Command . . . . . . . . . . . . . . . 42 | |||
| 3. Result Codes . . . . . . . . . . . . . . . . . . . . . . . . . 43 | 3. Result Codes . . . . . . . . . . . . . . . . . . . . . . . . . 43 | |||
| 4. Formal Syntax . . . . . . . . . . . . . . . . . . . . . . . . 49 | 4. Formal Syntax . . . . . . . . . . . . . . . . . . . . . . . . 49 | |||
| 4.1. Base Schema . . . . . . . . . . . . . . . . . . . . . . . 49 | 4.1. Base Schema . . . . . . . . . . . . . . . . . . . . . . . 49 | |||
| 4.2. Shared Structure Schema . . . . . . . . . . . . . . . . . 59 | 4.2. Shared Structure Schema . . . . . . . . . . . . . . . . . 59 | |||
| 5. Internationalization Considerations . . . . . . . . . . . . . 61 | 5. Internationalization Considerations . . . . . . . . . . . . . 61 | |||
| 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 61 | 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 61 | |||
| 7. Security Considerations . . . . . . . . . . . . . . . . . . . 62 | 7. Security Considerations . . . . . . . . . . . . . . . . . . . 62 | |||
| 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 63 | 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 64 | |||
| 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 65 | 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 65 | |||
| 9.1. Normative References . . . . . . . . . . . . . . . . . . . 65 | 9.1. Normative References . . . . . . . . . . . . . . . . . . . 65 | |||
| 9.2. Informative References . . . . . . . . . . . . . . . . . . 65 | 9.2. Informative References . . . . . . . . . . . . . . . . . . 65 | |||
| Appendix A. Object Mapping Template . . . . . . . . . . . . . . . 66 | Appendix A. Object Mapping Template . . . . . . . . . . . . . . . 66 | |||
| Appendix B. Media Type Registration: application/epp+xml . . . . 68 | Appendix B. Media Type Registration: application/epp+xml . . . . 68 | |||
| Appendix C. Changes from RFC 4930 . . . . . . . . . . . . . . . . 69 | Appendix C. Changes from RFC 4930 . . . . . . . . . . . . . . . . 69 | |||
| 1. Introduction | 1. Introduction | |||
| This document describes specifications for the Extensible | This document describes specifications for the Extensible | |||
| skipping to change at page 63, line 41 ¶ | skipping to change at page 63, line 41 ¶ | |||
| provides some protection against replay attacks through command | provides some protection against replay attacks through command | |||
| idempotency and client-initiated transaction identification. | idempotency and client-initiated transaction identification. | |||
| Consecutive command replays will not change the state of an object in | Consecutive command replays will not change the state of an object in | |||
| any way. There is, however, a chance of unintended or malicious | any way. There is, however, a chance of unintended or malicious | |||
| consequence if a command is replayed after intervening commands have | consequence if a command is replayed after intervening commands have | |||
| changed the object state and client identifiers are not used to | changed the object state and client identifiers are not used to | |||
| detect replays. For example, a replayed <create> command that | detect replays. For example, a replayed <create> command that | |||
| follows a <delete> command might succeed without additional | follows a <delete> command might succeed without additional | |||
| facilities to prevent or detect the replay. | facilities to prevent or detect the replay. | |||
| As described in Section 2, EPP includes features that allow for | ||||
| offline review of transform commands before the requested action is | ||||
| actually completed. The server is required to notify the client when | ||||
| offline processing of the action has been completed. Notifications | ||||
| can be sent using an out-of-band mechanism that is not protected by | ||||
| the mechanism used to provide EPP transport security. Notifications | ||||
| sent without EPP's transport security services should be protected | ||||
| using another mechanism that provides an appropriate level of | ||||
| protection for the notification. | ||||
| 8. Acknowledgements | 8. Acknowledgements | |||
| This document was originally written as an individual submission | This document was originally written as an individual submission | |||
| Internet-Draft. The PROVREG working group later adopted it as a | Internet-Draft. The PROVREG working group later adopted it as a | |||
| working group document and provided many invaluable comments and | working group document and provided many invaluable comments and | |||
| suggested improvements. The author wishes to acknowledge the efforts | suggested improvements. The author wishes to acknowledge the efforts | |||
| of WG chairs Edward Lewis and Jaap Akkerhuis for their process and | of WG chairs Edward Lewis and Jaap Akkerhuis for their process and | |||
| editorial contributions. | editorial contributions. | |||
| Specific suggestions that have been incorporated into this document | Specific suggestions that have been incorporated into this document | |||
| skipping to change at page 65, line 28 ¶ | skipping to change at page 65, line 28 ¶ | |||
| [RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO | [RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO | |||
| 10646", STD 63, RFC 3629, November 2003. | 10646", STD 63, RFC 3629, November 2003. | |||
| [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, | [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, | |||
| January 2004. | January 2004. | |||
| [RFC4646] Phillips, A. and M. Davis, "Tags for Identifying | [RFC4646] Phillips, A. and M. Davis, "Tags for Identifying | |||
| Languages", BCP 47, RFC 4646, September 2006. | Languages", BCP 47, RFC 4646, September 2006. | |||
| [W3C.REC-xml-20040204] | [W3C.REC-xml-20040204] | |||
| Bray, T., Maler, E., Yergeau, F., Paoli, J., and C. | Yergeau, F., Maler, E., Bray, T., Paoli, J., and C. | |||
| Sperberg-McQueen, "Extensible Markup Language (XML) 1.0 | Sperberg-McQueen, "Extensible Markup Language (XML) 1.0 | |||
| (Third Edition)", World Wide Web Consortium | (Third Edition)", World Wide Web Consortium | |||
| FirstEdition REC-xml-20040204, February 2004, | FirstEdition REC-xml-20040204, February 2004, | |||
| <http://www.w3.org/TR/2004/REC-xml-20040204>. | <http://www.w3.org/TR/2004/REC-xml-20040204>. | |||
| [W3C.REC-xmlschema-1-20041028] | [W3C.REC-xmlschema-1-20041028] | |||
| Thompson, H., Maloney, M., Mendelsohn, N., and D. Beech, | Thompson, H., Beech, D., Mendelsohn, N., and M. Maloney, | |||
| "XML Schema Part 1: Structures Second Edition", World Wide | "XML Schema Part 1: Structures Second Edition", World Wide | |||
| Web Consortium Recommendation REC-xmlschema-1-20041028, | Web Consortium Recommendation REC-xmlschema-1-20041028, | |||
| October 2004, | October 2004, | |||
| <http://www.w3.org/TR/2004/REC-xmlschema-1-20041028>. | <http://www.w3.org/TR/2004/REC-xmlschema-1-20041028>. | |||
| [W3C.REC-xmlschema-2-20041028] | [W3C.REC-xmlschema-2-20041028] | |||
| Malhotra, A. and P. Biron, "XML Schema Part 2: Datatypes | Malhotra, A. and P. Biron, "XML Schema Part 2: Datatypes | |||
| Second Edition", World Wide Web Consortium | Second Edition", World Wide Web Consortium | |||
| Recommendation REC-xmlschema-2-20041028, October 2004, | Recommendation REC-xmlschema-2-20041028, October 2004, | |||
| <http://www.w3.org/TR/2004/REC-xmlschema-2-20041028>. | <http://www.w3.org/TR/2004/REC-xmlschema-2-20041028>. | |||
| skipping to change at page 69, line 46 ¶ | skipping to change at page 69, line 46 ¶ | |||
| 6. Replaced references to RFC 3730 with references to RFC 4930. | 6. Replaced references to RFC 3730 with references to RFC 4930. | |||
| 7. Added "A protocol client that is authorized to manage an | 7. Added "A protocol client that is authorized to manage an | |||
| existing object is described as a "sponsoring" client throughout | existing object is described as a "sponsoring" client throughout | |||
| this document" in Section 1.1. | this document" in Section 1.1. | |||
| 8. Changed "This action MUST be open to all authorized clients" to | 8. Changed "This action MUST be open to all authorized clients" to | |||
| "This command MUST be available to all clients" in the | "This command MUST be available to all clients" in the | |||
| descriptions of the <login> and <logout> commands. | descriptions of the <login> and <logout> commands. | |||
| 9. Changed "Specific result codes are listed in the table below" to | 9. Changed "Specific result codes are listed in the table below" to | |||
| "The complete list of valid result codes is enumerated below and | "The complete list of valid result codes is enumerated below and | |||
| in the normative schema" in Section 3. | in the normative schema" in Section 3. | |||
| 10. Added reference to Appendix B in the IANA Considerations | 10. Added new paragraph to Section 7 to give guidance on the need to | |||
| protect offline transaction notices. | ||||
| 11. Added reference to Appendix B in the IANA Considerations | ||||
| section. | section. | |||
| Author's Address | Author's Address | |||
| Scott Hollenbeck | Scott Hollenbeck | |||
| VeriSign, Inc. | VeriSign, Inc. | |||
| 21345 Ridgetop Circle | 21345 Ridgetop Circle | |||
| Dulles, VA 20166-6503 | Dulles, VA 20166-6503 | |||
| US | US | |||
| End of changes. 9 change blocks. | ||||
| 8 lines changed or deleted | 20 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||