%% You should probably cite rfc8807 instead of this I-D. @techreport{ietf-regext-login-security-10, number = {draft-ietf-regext-login-security-10}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-regext-login-security/10/}, author = {James Gould and Matthew Pozun}, title = {{Login Security Extension for the Extensible Provisioning Protocol (EPP)}}, pagetotal = 21, year = 2020, month = feb, day = 26, abstract = {The Extensible Provisioning Protocol (EPP) includes a client authentication scheme that is based on a user identifier and password. The structure of the password field is defined by an XML Schema data type that specifies minimum and maximum password length values, but there are no other provisions for password management other than changing the password. This document describes an EPP extension that allows longer passwords to be created and adds additional security features to the EPP login command and response.}, }