draft-ietf-regext-unhandled-namespaces-06.txt   draft-ietf-regext-unhandled-namespaces-07.txt 
Network Working Group J. Gould Network Working Group J. Gould
Internet-Draft VeriSign, Inc. Internet-Draft VeriSign, Inc.
Intended status: Standards Track M. Casanova Intended status: Standards Track M. Casanova
Expires: 10 June 2021 SWITCH Expires: 30 July 2021 SWITCH
7 December 2020 26 January 2021
Extensible Provisioning Protocol (EPP) Unhandled Namespaces Extensible Provisioning Protocol (EPP) Unhandled Namespaces
draft-ietf-regext-unhandled-namespaces-06 draft-ietf-regext-unhandled-namespaces-07
Abstract Abstract
The Extensible Provisioning Protocol (EPP), as defined in RFC 5730, The Extensible Provisioning Protocol (EPP), as defined in RFC 5730,
includes a method for the client and server to determine the objects includes a method for the client and server to determine the objects
to be managed during a session and the object extensions to be used to be managed during a session and the object extensions to be used
during a session. The services are identified using namespace URIs. during a session. The services are identified using namespace URIs,
How should the server handle service data that needs to be returned and an "unhandled namespace" is one that is associated with a service
in the response when the client does not support the required service not supported by the client. This document defines an operational
namespace URI, which is referred to as an unhandled namespace? An practice that enables the server to return information associated
unhandled namespace is a significant issue for the processing of RFC with unhandled namespace URIs that is compliant with the negotiated
5730 poll messages, since poll messages are inserted by the server services defined in RFC 5730.
prior to knowing the supported client services, and the client needs
to be capable of processing all poll messages. This document defines
an operational practice that enables the server to return information
associated with unhandled namespace URIs that is compliant with the
negotiated services defined in RFC 5730.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 10 June 2021. This Internet-Draft will expire on 30 July 2021.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components and restrictions with respect to this document. Code Components
extracted from this document must include Simplified BSD License text extracted from this document must include Simplified BSD License text
as described in Section 4.e of the Trust Legal Provisions and are as described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Simplified BSD License. provided without warranty as described in the Simplified BSD License.
skipping to change at page 2, line 35 skipping to change at page 2, line 30
7. Implementation Considerations . . . . . . . . . . . . . . . . 15 7. Implementation Considerations . . . . . . . . . . . . . . . . 15
7.1. Client Implementation Considerations . . . . . . . . . . 15 7.1. Client Implementation Considerations . . . . . . . . . . 15
7.2. Server Implementation Considerations . . . . . . . . . . 16 7.2. Server Implementation Considerations . . . . . . . . . . 16
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16
8.1. XML Namespace . . . . . . . . . . . . . . . . . . . . . . 16 8.1. XML Namespace . . . . . . . . . . . . . . . . . . . . . . 16
8.2. EPP Extension Registry . . . . . . . . . . . . . . . . . 16 8.2. EPP Extension Registry . . . . . . . . . . . . . . . . . 16
9. Implementation Status . . . . . . . . . . . . . . . . . . . . 17 9. Implementation Status . . . . . . . . . . . . . . . . . . . . 17
9.1. Verisign EPP SDK . . . . . . . . . . . . . . . . . . . . 17 9.1. Verisign EPP SDK . . . . . . . . . . . . . . . . . . . . 17
9.2. SWITCH Automated DNSSEC Provisioning Process . . . . . . 18 9.2. SWITCH Automated DNSSEC Provisioning Process . . . . . . 18
10. Security Considerations . . . . . . . . . . . . . . . . . . . 18 10. Security Considerations . . . . . . . . . . . . . . . . . . . 18
11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 18 11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 19
12. References . . . . . . . . . . . . . . . . . . . . . . . . . 19 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 19
12.1. Normative References . . . . . . . . . . . . . . . . . . 19 12.1. Normative References . . . . . . . . . . . . . . . . . . 19
12.2. Informative References . . . . . . . . . . . . . . . . . 20 12.2. Informative References . . . . . . . . . . . . . . . . . 20
Appendix A. Change History . . . . . . . . . . . . . . . . . . . 20 Appendix A. Change History . . . . . . . . . . . . . . . . . . . 20
A.1. Change from 00 to 01 . . . . . . . . . . . . . . . . . . 20 A.1. Change from 00 to 01 . . . . . . . . . . . . . . . . . . 20
A.2. Change from 01 to 02 . . . . . . . . . . . . . . . . . . 20 A.2. Change from 01 to 02 . . . . . . . . . . . . . . . . . . 20
A.3. Change from 02 to REGEXT 00 . . . . . . . . . . . . . . . 20 A.3. Change from 02 to REGEXT 00 . . . . . . . . . . . . . . . 20
A.4. Change from REGEXT 00 to REGEXT 01 . . . . . . . . . . . 20 A.4. Change from REGEXT 00 to REGEXT 01 . . . . . . . . . . . 20
A.5. Change from REGEXT 01 to REGEXT 02 . . . . . . . . . . . 20 A.5. Change from REGEXT 01 to REGEXT 02 . . . . . . . . . . . 21
A.6. Change from REGEXT 02 to REGEXT 03 . . . . . . . . . . . 21 A.6. Change from REGEXT 02 to REGEXT 03 . . . . . . . . . . . 21
A.7. Change from REGEXT 03 to REGEXT 04 . . . . . . . . . . . 21 A.7. Change from REGEXT 03 to REGEXT 04 . . . . . . . . . . . 21
A.8. Change from REGEXT 04 to REGEXT 05 . . . . . . . . . . . 21 A.8. Change from REGEXT 04 to REGEXT 05 . . . . . . . . . . . 21
A.9. Change from REGEXT 05 to REGEXT 06 . . . . . . . . . . . 21 A.9. Change from REGEXT 05 to REGEXT 06 . . . . . . . . . . . 21
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 21 A.10. Change from REGEXT 06 to REGEXT 07 . . . . . . . . . . . 22
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 22
1. Introduction 1. Introduction
The Extensible Provisioning Protocol (EPP), as defined in [RFC5730], The Extensible Provisioning Protocol (EPP), as defined in [RFC5730],
includes a method for the client and server to determine the objects includes a method for the client and server to determine the objects
to be managed during a session and the object extensions to be used to be managed during a session and the object extensions to be used
during a session. The services are identified using namespace URIs. during a session. The services are identified using namespace URIs.
How should the server handle service data that needs to be returned How should the server handle service data that needs to be returned
in the response when the client does not support the required service in the response when the client does not support the required service
namespace URI, which is referred to as an unhandled namespace? An namespace URI, which is referred to as an unhandled namespace? An
skipping to change at page 3, line 29 skipping to change at page 3, line 29
has information that it cannot return to the client due to the has information that it cannot return to the client due to the
client's supported services. The server should be able to return client's supported services. The server should be able to return
unhandled namespace information that the client can process later. unhandled namespace information that the client can process later.
This document defines an operational practice that enables the server This document defines an operational practice that enables the server
to return information associated with unhandled namespace URIs that to return information associated with unhandled namespace URIs that
is compliant with the negotiated services defined in [RFC5730]. is compliant with the negotiated services defined in [RFC5730].
1.1. Conventions Used in This Document 1.1. Conventions Used in This Document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
document are to be interpreted as described in RFC 2119 [RFC2119]. "OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
XML is case sensitive. Unless stated otherwise, XML specifications XML is case sensitive. Unless stated otherwise, XML specifications
and examples provided in this document MUST be interpreted in the and examples provided in this document MUST be interpreted in the
character case presented in order to develop a conforming character case presented in order to develop a conforming
implementation. implementation.
In examples, "S:" represents lines returned by a protocol server. In examples, "S:" represents lines returned by a protocol server.
Indentation and white space in examples are provided only to Indentation and white space in examples are provided only to
illustrate element relationships and are not a REQUIRED feature of illustrate element relationships and are not a required feature of
this protocol. this protocol.
The examples reference XML namespace prefixes that are used for the The examples reference XML namespace prefixes that are used for the
associated XML namespaces. Implementations MUST NOT depend on the associated XML namespaces. Implementations MUST NOT depend on the
example XML namespaces and instead employ a proper namespace-aware example XML namespaces and instead employ a proper namespace-aware
XML parser and serializer to interpret and output the XML documents. XML parser and serializer to interpret and output the XML documents.
The example namespace prefixes used and their associated XML The example namespace prefixes used and their associated XML
namespaces include: namespaces include:
"changePoll": urn:ietf:params:xml:ns:changePoll-1.0 "changePoll": urn:ietf:params:xml:ns:changePoll-1.0
skipping to change at page 5, line 9 skipping to change at page 5, line 20
will instead be moved to an <extValue> element, along with a reason will instead be moved to an <extValue> element, along with a reason
why the unhandled namespace data could not be included in the why the unhandled namespace data could not be included in the
appropriate location of the response. The <extValue> element XML appropriate location of the response. The <extValue> element XML
will not be processed by the XML processor. The <extValue> element will not be processed by the XML processor. The <extValue> element
contains the following child elements: contains the following child elements:
<value>: Contains a child-element with the unhandled namespace XML. <value>: Contains a child-element with the unhandled namespace XML.
The XML namespace and namespace prefix of the child element MUST The XML namespace and namespace prefix of the child element MUST
be defined, which MAY be defined in the <value> element or in the be defined, which MAY be defined in the <value> element or in the
the child element. XML processing of the <value> element is the child element. XML processing of the <value> element is
disabled in [RFC5730], so the information can safely be returned disabled by the XML schema in [RFC5730], so the information can
in the <value> element. safely be returned in the <value> element.
<reason>: A formatted human-readable message that indicates the <reason>: A formatted human-readable message that indicates the
reason the unhandled namespace data was not returned in the reason the unhandled namespace data was not returned in the
appropriate location of the response. The formatted reason appropriate location of the response. The formatted reason
SHOULD follow the Augmented Backus-Naur Form (ABNF) grammar SHOULD follow the Augmented Backus-Naur Form (ABNF) grammar
[RFC5234] format: NAMESPACE-URI "not in login services", where [RFC5234] format: NAMESPACE-URI "not in login services", where
NAMESPACE-URI is the unhandled XML namespace like NAMESPACE-URI is the unhandled XML namespace like
"urn:ietf:params:xml:ns:domain-1.0" for [RFC5731]. "urn:ietf:params:xml:ns:domain-1.0" for [RFC5731].
This document supports handling of unsupported namespaces for This document supports handling of unsupported namespaces for
[RFC3735] object-level extensions and command-response extensions. [RFC3735] object-level extensions and command-response extensions.
skipping to change at page 17, line 12 skipping to change at page 17, line 12
registered by the IANA in the EPP Extension Registry described in registered by the IANA in the EPP Extension Registry described in
[RFC7451]. The details of the registration are as follows: [RFC7451]. The details of the registration are as follows:
Name of Extension: "Extensible Provisioning Protocol (EPP) Unhandled Name of Extension: "Extensible Provisioning Protocol (EPP) Unhandled
Namespaces" Namespaces"
Document status: Standards Track Document status: Standards Track
Reference: (insert reference to RFC version of this document) Reference: (insert reference to RFC version of this document)
Registrant Name and Email Address: IESG, <iesg@ietf.org> Registrant Name and Email Address: IETF, <iesg@ietf.org>
TLDs: Any TLDs: Any
IPR Disclosure: None IPR Disclosure: None
Status: Active Status: Active
Notes: None Notes: None
9. Implementation Status 9. Implementation Status
skipping to change at page 18, line 42 skipping to change at page 18, line 42
Coverage: All aspects of the protocol are implemented. Coverage: All aspects of the protocol are implemented.
Licensing: Proprietary Licensing: Proprietary
Contact: martin.casanova@switch.ch Contact: martin.casanova@switch.ch
URL: https://www.nic.ch/cds URL: https://www.nic.ch/cds
10. Security Considerations 10. Security Considerations
The document do not provide any security services beyond those This document does not provide any security services beyond those
described by EPP [RFC5730] and protocol layers used by EPP. The described by EPP [RFC5730] and protocol layers used by EPP. The
security considerations described in these other specifications apply security considerations described in these other specifications apply
to this specification as well. to this specification as well. Since the unhandled namespace context
is XML that is not processed in the first pass by the XML parser, the
client SHOULD consider validating the XML when the content is
processed to protect against the inclusion of malicious content.
11. Acknowledgements 11. Acknowledgements
The authors wish to thank the following persons for their feedback The authors wish to thank the following persons for their feedback
and suggestions: Thomas Corte, Scott Hollenbeck, Patrick Mevzek, and and suggestions: Thomas Corte, Scott Hollenbeck, Patrick Mevzek, and
Marcel Parodi. Marcel Parodi.
12. References 12. References
12.1. Normative References 12.1. Normative References
skipping to change at page 19, line 48 skipping to change at page 20, line 5
Security Extensions Mapping for the Extensible Security Extensions Mapping for the Extensible
Provisioning Protocol (EPP)", RFC 5910, Provisioning Protocol (EPP)", RFC 5910,
DOI 10.17487/RFC5910, May 2010, DOI 10.17487/RFC5910, May 2010,
<https://www.rfc-editor.org/info/rfc5910>. <https://www.rfc-editor.org/info/rfc5910>.
[RFC7942] Sheffer, Y. and A. Farrel, "Improving Awareness of Running [RFC7942] Sheffer, Y. and A. Farrel, "Improving Awareness of Running
Code: The Implementation Status Section", BCP 205, Code: The Implementation Status Section", BCP 205,
RFC 7942, DOI 10.17487/RFC7942, July 2016, RFC 7942, DOI 10.17487/RFC7942, July 2016,
<https://www.rfc-editor.org/info/rfc7942>. <https://www.rfc-editor.org/info/rfc7942>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8590] Gould, J. and K. Feher, "Change Poll Extension for the [RFC8590] Gould, J. and K. Feher, "Change Poll Extension for the
Extensible Provisioning Protocol (EPP)", RFC 8590, Extensible Provisioning Protocol (EPP)", RFC 8590,
DOI 10.17487/RFC8590, May 2019, DOI 10.17487/RFC8590, May 2019,
<https://www.rfc-editor.org/info/rfc8590>. <https://www.rfc-editor.org/info/rfc8590>.
12.2. Informative References 12.2. Informative References
[RFC3735] Hollenbeck, S., "Guidelines for Extending the Extensible [RFC3735] Hollenbeck, S., "Guidelines for Extending the Extensible
Provisioning Protocol (EPP)", RFC 3735, Provisioning Protocol (EPP)", RFC 3735,
DOI 10.17487/RFC3735, March 2004, DOI 10.17487/RFC3735, March 2004,
skipping to change at page 21, line 43 skipping to change at page 22, line 5
responses containing unhanded namespace information in the client responses containing unhanded namespace information in the client
to proactively add support for the unhandled namespaces. to proactively add support for the unhandled namespaces.
3. Moved RFC 3735 and RFC 7451 to informative references to address 3. Moved RFC 3735 and RFC 7451 to informative references to address
down reference errors in idnits. down reference errors in idnits.
A.9. Change from REGEXT 05 to REGEXT 06 A.9. Change from REGEXT 05 to REGEXT 06
1. Nit updates made based on the feedback provided by the Document 1. Nit updates made based on the feedback provided by the Document
Shepherd, David Smith. Shepherd, David Smith.
A.10. Change from REGEXT 06 to REGEXT 07
Updates based on the Barry Leiba (AD) feedback:
1. Simplified the abstract based on the proposal provided by the AD.
2. In section 1.1, updated to use the new BCP 14 boilerplate and add
a normative reference to RFC 8174.
3. In section 1.1, changed "REQUIRED feature of this protocol" to
"required feature of this protocol".
4. In section 3, added "by the XML schema" in "disabled by the XML
schema in [RFC5730]" to clarify the statement.
5. In section 8.2, changed the Registrant Name from "IESG" to
"IETF".
6. In section 10, changed "The document do not provide" to "This
document does not provide".
7. In section 10, added the sentence "Since the unhandled namespace
context is XML that is not processed in the first pass by the XML
parser, the client SHOULD consider validating the XML when the
content is processed to protect against the inclusion of
malicious content.".
Authors' Addresses Authors' Addresses
James Gould James Gould
VeriSign, Inc. VeriSign, Inc.
12061 Bluemont Way 12061 Bluemont Way
Reston, VA 20190 Reston, VA 20190
United States of America United States of America
Email: jgould@verisign.com Email: jgould@verisign.com
URI: http://www.verisigninc.com URI: http://www.verisigninc.com
 End of changes. 16 change blocks. 
27 lines changed or deleted 53 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/