Skip to main content

Minutes IETF109: regext
minutes-109-regext-00

Meeting Minutes Registration Protocols Extensions (regext) WG
Date and time 2020-11-18 05:00
Title Minutes IETF109: regext
State Active
Other versions plain text
Last updated 2020-11-30

minutes-109-regext-00
Registration Protocols Extensions (REGEXT)
IETF 109 online

BKK time zone, but without the Pad Ka Prao Gai :/

~45 participants.

Co-chairs: Jim Galvin, Antoin Verschuren
Mailing list: regext@ietf.org

Wednesday, November 18, 2020 05:00-07:00 UTC, Meetecho

Chair slides:
https://datatracker.ietf.org/meeting/109/materials/slides-109-regext-chair-slides-v01-00

1. Welcome and Introductions (4 minutes)
i. Jabber scribe -> Meetecho will be used
ii. Notes scribe -> Alex Mayerhofer
iii. NOTE WELL
iv. Document management -> thanks to the document shepherd, please provide a
shepherd early on (once doc is adopted by WG) v. Special attention document
shepherds

2. Published (1 minute)
One document published:

Login Security Extension for the Extensible Provisioning Protocol (EPP)
https://datatracker.ietf.org/doc/rfc8807/

3. Status of existing work in Progress (RFC Editor, IESG, AD evaluation) (5
minutes)
  Registry Data Escrow Specification (AUTH48/RFC8909)
  https://datatracker.ietf.org/doc/draft-ietf-regext-data-escrow/

  -> Barry Leiba: published on Friday!

  Domain Name Registration Data (DNRD) Objects Mapping (DISCUSS)
  https://datatracker.ietf.org/doc/draft-ietf-regext-dnrd-objects-mapping/
-> In the process to resolve the DISCUSS

  ICANN TMCH functional specifications (Move to Independent stream, AD
  follow-up) https://datatracker.ietf.org/doc/draft-ietf-regext-tmch-func-spec/
-> Will be off the REGEXT agenda, not a milestone anymore. WG has done its word.

  Registration Data Access Protocol (RDAP) Partial Response (IESG Evaluation)
  https://datatracker.ietf.org/doc/draft-ietf-regext-rdap-partial-response/
->

  RDAP Query Parameters for Result Sorting and Paging (IESG evaluation)
  https://datatracker.ietf.org/doc/draft-ietf-regext-rdap-sorting-and-paging/
-> went together with partial response

Barry: Both have no DISCUSSes on, waiting for review of the shepherd writeup,
whether they are ready, will give them a final check once notified. Please
notify me about the status, what action is expected.

  7482bis and 7483bis (Waiting for IESG submission by chairs)
  https://datatracker.ietf.org/doc/draft-hollenbeck-regext-rfc7482bis/
  https://datatracker.ietf.org/doc/draft-hollenbeck-regext-rfc7483bis/
-> Waiting for Antoin, doc shepherd have done their writeup. Will be submitted
this or beginning next week.

  EPP Secure Authorization Information for Transfer (Waiting for shepherd
  writeup)
  https://datatracker.ietf.org/doc/draft-ietf-regext-secure-authinfo-transfer/

  EPP Unhandled Namespaces (Waiting for shepherd writeup)
  https://datatracker.ietf.org/doc/draft-ietf-regext-unhandled-namespaces/
-> Antoin, question: Had to extend the WGLC for 3 of the 4 last documents - is
our WGLC window too short?

Jim Gould: 3 weeks would be better. on unhandled namespaces: added
implementation consideration section, please check that update.

Antoin: Maybe we call WGLC too early, please review documents!

4. Existing work past WGLC. (5 minutes)

i. Registry Maintenance Notifications for EPP (Sattler/Carney/Kolker?)
  https://datatracker.ietf.org/doc/draft-ietf-regext-epp-registry-maintenance/
-> Jim: Small group, document went back to the WG from WGLC. We need to finish
that discussion (Jody <-> Jim G. discussion was unresolved) - WG, please review
that thread!

Jim G: Apologies for late feedback, did deep dive once WGLC was called.
Encourages others to do their deep dive as well.

Rick Wilhelm: Had separate conversations (from business side). Contractual need
for these notifications. Unclear if/when this is satisfying the business
requirements.

Jim channeling Antoin: Keep policy considerations separate from tech
considerations - need to be careful. should examine whether that’s an issue
here.

5. Existing work presentations. (20 minutes)

i. RDAP Reverse search capabilities (Mario Loffredo, 10 minutes)
https://datatracker.ietf.org/doc/draft-ietf-regext-rdap-reverse-search/

Slides:
https://datatracker.ietf.org/meeting/109/materials/slides-109-regext-loffredo-rdap-reverse-search-00

Major point of Mario: EU directive might require direct access to data

Jim Galvin: Encourages participants to join the discussion here - lots of work
in ICANN side

Scott Hollenbeck: Not a fan of reverse search (privacy!), notes connection to
AAA functionality (OAuth document)

Alex: Working on an RDAP prototype, using plain JWTs now. We need scalable AAA
infrastructure for that.

Ulrich Wisser: Mario has done a privacy section, how do we know if that’s a
“good one”.

Antoin: HRPG opposed this document in the first place. Their work was about not
publishing that document at all, could ask them to review the privacy section.

Barry: there was an IAB document a few years ago. If issues were documented and
raised, IESG would “not bark”.

Alex Mayrhofer: no need to say “follow the law”, but there should be a MUST
consider implications for implementors.

Ulrich Wisser: We should point our where exactly the privacy problems are!
Follow the law is not enough.

ii. Simple Registration Reporting (Joseph Yee, James Galvin, 10 minutes)
  https://datatracker.ietf.org/doc/draft-yee-regext-simple-registration-reporting/
Slides:
https://datatracker.ietf.org/meeting/109/materials/slides-109-regext-yee-galvin-simple-registry-registrar-reporting-00

Jim Gould: Likes to see less reports in the draft, draft should focus on the
format. Actual reports will make it complicated to get consensus on.

Jim: Splitting that into two documents seems fine to me, calls out to WG if
there are any objections. Framework could be Standards Track?

Alex: empty columns: CSV format problem, let’s use no string. We can do more
explicit values in eg. JSON. Splitting is good, if registry policy is “spec
required” then even other venues can create report and register definitions
(eg. ICANN).

Jim Gould: Splitting makes a lot of sense. Creating drafts for specific reports
might not be required anymore then.

Jim Galvin: Registry policy is “specification required”

Barry: right way to go.

Joseph: Might require “Experts” for the reports, like we have for EPP
extensions at the moment.

Zidago: there’s a use case in AfriNIC region, is there a contact at AfriNIC in
charge for this?

Antoin: Please join discussion on the mailing list. Jim will put a link to
mailing list into the chat.

Joseph describes the list of fields

Jim gould: Data Escrow draft could be a good point for data points

Jim Galvin: Decided to choose only fields that ar e in existing reports.

Joseph: picked a cautious approach, eg authinfo could be security-relevant if
defined as field.

6. New work and requests for adoption (50 minutes)

i. UnRenew extension for EPP (Jody Kolker, 20 minutes)
(no slides)

Way to “undo” an explicit renew, without deleting the domain. Currently, refund
is only possible by deleting domain.

It makes sense on auto-renew (customer has 45 days grace period). For an
explicit renew (can be sent anytime) the only way is deletion (which makes them
lose the remaining “current” lifecycle period)

Proposal: “unrenew” extension to the “renew” command, and that would only be
possible in the renew grace period. Would not apply to auto-renewals.

Sees it as a “queue”, eg. 5 renewals for 1y would require 5 unrenewals to “roll
up”.

unrenew should never unroll renewal periods that have already started.

Jim: Is unrenew an EPP issue, or a business logic issue?

Jody: we see thousands of those per month.

Gavin Brown: there is prior art, nominet has an unrenew command (that precedes
EPP). Experience is quite similar at centralnic. Published a draft called
“reverse” extension about 5 years ago - main use case was reverse a renewal,
but was more general in design, via clTRID. 2015 draft might be a good basis.
Link went into chat.

Jody: Will take a look, we have a draft draft

Jim: Pointer to unrenew nominet

Alex: can a multi-year renew be “split” into smaller un-renews? would make it
very complicated

Jody: Discussed this, can only “unroll” the full renew command in reverse order.

Rick: Will have to go through a lot of ICANN policy work to get traction.

ii. Using JSContact in RDAP JSON Responses (Gavin Brown, 10 minutes)
https://datatracker.ietf.org/doc/draft-loffredo-regext-rdap-jcard-deprecation/

(TODO: add slides)

Gavin Brown: Was discussed in the regiops workshop.

JCard is machine interpretation instead of human readable. Even current
implementations contain lots of errors in vcardArray.

JScontact would be a simpler alternative. (draft-stepanek-jscard)

Draft provides a “transition” option

Alex: Supports this work to go forward.

iii.Use of Internationalized Email Addresses in EPP protocol (Dmitry Belyavsky,
10) https://datatracker.ietf.org/doc/draft-belyavskiy-epp-eai/

Slides:
https://datatracker.ietf.org/meeting/109/materials/slides-109-regext-belyavskiy-epp-eai-email-address-internationalization-profile-02

Alex: Thinks this is not needed. Server can return 2306 is EAI is not supported

Jim G: No signalling possible, that’s the key of this extension. Also, separate
element allows client to signal explicitly they do EAI.

Scott: Channeling Alex a bit, but many implementations have eg. left side email
validations. We need some signaling mechanism on validating the local part, at
least. Not a fan of updating the core EPP specs.

Jim Galvin: Thinks that local part should be whatever the user thinks it should
be.

Jiankang Yao: many emails in eg. india asia already EAI, so there might be a
need.

Jim Gould: Issue with server storage - if server can store UTF8

iv. RDAP Redirect with Content (Tom Harrison, 10 minutes)
https://datatracker.ietf.org/doc/draft-harrison-regext-rdap-redirect-with-content/

Slides:
https://datatracker.ietf.org/meeting/109/materials/slides-109-regext-harrison-rdap-redirect-with-content-00

Jim Galvin: Question is whether or not WG wants to adopt this work.

Tim: If nobody has issue with that being an extension, we can simply register
it. Has anybody any

Alex: No concerns, please go forward with the registration!

7. Review of available milestone slots (5 minutes)
RDAP Reverse Search is behind (Nov 2019 milestone)
Simple registration reporting has no milestone (suggests Mar 2021)

Had the model of “7 work items” on list

Alex: Take names of X people to do work on during adoption process:

Antoin: Have tried that, but there were not enough people in many cases.

8. AOB