@techreport{wisser-registrylock-04,
    number =    {draft-wisser-registrylock-04},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-wisser-registrylock/04/},
    author =    {Ulrich Wisser},
    title =     {{Registry Lock Extension for the Extensible Provisioning Protocol (EPP)}},
    pagetotal = 17,
    year =      2021,
    month =     jul,
    day =       7,
    abstract =  {This extensions defines an additional protective layer for changes to domain {[}RFC5731{]}, host {[}RFC5732{]} and contact {[}RFC5733{]} objects managed through EPP. EPP allows changes to objects only by the sponsoring client. EPP objects are usually managed by the sponsoring client on behalf of the sponsoring clients customers. All of these interactions are ususally fully automated. In case of a system breach, there is no protection in EPP to changes to any object by the intruder. This extension defines a protective layer that aims to break automated changes and work flows by requiring manual intervention. The actual form of manual intervention is out-of-scope for this document. By whom and how changes can be made is up to the registry and registrars to decide.},
}