| draft-ietf-regext-verificationcode-01.txt | draft-ietf-regext-verificationcode-02.txt | |||
|---|---|---|---|---|
| Network Working Group J. Gould | Network Working Group J. Gould | |||
| Internet-Draft VeriSign, Inc. | Internet-Draft VeriSign, Inc. | |||
| Intended status: Standards Track April 17, 2017 | Intended status: Standards Track October 16, 2017 | |||
| Expires: October 19, 2017 | Expires: April 19, 2018 | |||
| Verification Code Extension for the Extensible Provisioning Protocol | Verification Code Extension for the Extensible Provisioning Protocol | |||
| (EPP) | (EPP) | |||
| draft-ietf-regext-verificationcode-01 | draft-ietf-regext-verificationcode-02 | |||
| Abstract | Abstract | |||
| This document describes an Extensible Provisioning Protocol (EPP) | This document describes an Extensible Provisioning Protocol (EPP) | |||
| extension for including a verification code for marking the data for | extension for including a verification code for marking the data for | |||
| a transform command as being verified by a 3rd party, which is | a transform command as being verified by a 3rd party, which is | |||
| referred to as the Verification Service Provider (VSP). The | referred to as the Verification Service Provider (VSP). The | |||
| verification code is digitally signed by the VSP using XML Signature | verification code is digitally signed by the VSP using XML Signature | |||
| and is "base64" encoded. The XML Signature includes the VSP signer | and is "base64" encoded. The XML Signature includes the VSP signer | |||
| certificate, so the server can verify that the verification code | certificate, so the server can verify that the verification code | |||
| skipping to change at page 1, line 38 ¶ | skipping to change at page 1, line 38 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on October 19, 2017. | This Internet-Draft will expire on April 19, 2018. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2017 IETF Trust and the persons identified as the | Copyright (c) 2017 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 44 ¶ | skipping to change at page 2, line 44 ¶ | |||
| 6. Security Considerations . . . . . . . . . . . . . . . . . . . 33 | 6. Security Considerations . . . . . . . . . . . . . . . . . . . 33 | |||
| 7. Normative References . . . . . . . . . . . . . . . . . . . . 33 | 7. Normative References . . . . . . . . . . . . . . . . . . . . 33 | |||
| Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 34 | Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 34 | |||
| Appendix B. Change History . . . . . . . . . . . . . . . . . . . 34 | Appendix B. Change History . . . . . . . . . . . . . . . . . . . 34 | |||
| B.1. Change from 00 to 01 . . . . . . . . . . . . . . . . . . 34 | B.1. Change from 00 to 01 . . . . . . . . . . . . . . . . . . 34 | |||
| B.2. Change from 01 to 02 . . . . . . . . . . . . . . . . . . 34 | B.2. Change from 01 to 02 . . . . . . . . . . . . . . . . . . 34 | |||
| B.3. Change from 02 to 03 . . . . . . . . . . . . . . . . . . 35 | B.3. Change from 02 to 03 . . . . . . . . . . . . . . . . . . 35 | |||
| B.4. Change from 03 to 04 . . . . . . . . . . . . . . . . . . 35 | B.4. Change from 03 to 04 . . . . . . . . . . . . . . . . . . 35 | |||
| B.5. Change from 04 to REGEXT 00 . . . . . . . . . . . . . . . 35 | B.5. Change from 04 to REGEXT 00 . . . . . . . . . . . . . . . 35 | |||
| B.6. Change from REGEXT 00 to REGEXT 01 . . . . . . . . . . . 35 | B.6. Change from REGEXT 00 to REGEXT 01 . . . . . . . . . . . 35 | |||
| B.7. Change from REGEXT 01 to REGEXT 02 . . . . . . . . . . . 35 | ||||
| Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 35 | Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 35 | |||
| 1. Introduction | 1. Introduction | |||
| This document describes an extension mapping for version 1.0 of the | This document describes an extension mapping for version 1.0 of the | |||
| Extensible Provisioning Protocol (EPP) [RFC5730]. This mapping, an | Extensible Provisioning Protocol (EPP) [RFC5730]. This mapping, an | |||
| extension to EPP object mappings like the EPP domain name mapping | extension to EPP object mappings like the EPP domain name mapping | |||
| [RFC5731], EPP host mapping [RFC5732], and EPP contact mapping | ||||
| [RFC5731], EPP host mapping [RFC5732], and EPP contact mapping | ||||
| [RFC5733], can be used to pass a verification code to one of the EPP | [RFC5733], can be used to pass a verification code to one of the EPP | |||
| transform commands. The domain name object is used for examples in | transform commands. The domain name object is used for examples in | |||
| the document. The verification code is signed using XML Signature | the document. The verification code is signed using XML Signature | |||
| [W3C.CR-xmldsig-core2-20120124] and is "base64" encoded. The | [W3C.CR-xmldsig-core2-20120124] and is "base64" encoded. The | |||
| "base64" encoded text of the verification code MUST conform to | "base64" encoded text of the verification code MUST conform to | |||
| [RFC2045]. The verification code demonstrates that verification was | [RFC2045]. The verification code demonstrates that verification was | |||
| done by a Verification Service Provider (VSP). | done by a Verification Service Provider (VSP). | |||
| The Verification Service Provider (VSP) is a certified party to | The Verification Service Provider (VSP) is a certified party to | |||
| verify that data is in compliance with the policies of a locality. A | verify that data is in compliance with the policies of a locality. A | |||
| skipping to change at page 33, line 40 ¶ | skipping to change at page 33, line 40 ¶ | |||
| Use of XML canonicalization SHOULD be used when generating the signed | Use of XML canonicalization SHOULD be used when generating the signed | |||
| code. SHA256/RSA-SHA256 SHOULD be used for digesting and signing. | code. SHA256/RSA-SHA256 SHOULD be used for digesting and signing. | |||
| The size of the RSA key SHOULD be at least 2048 bits. | The size of the RSA key SHOULD be at least 2048 bits. | |||
| 7. Normative References | 7. Normative References | |||
| [RFC2045] Freed, N. and N. Borenstein, "Multipurpose Internet Mail | [RFC2045] Freed, N. and N. Borenstein, "Multipurpose Internet Mail | |||
| Extensions (MIME) Part One: Format of Internet Message | Extensions (MIME) Part One: Format of Internet Message | |||
| Bodies", RFC 2045, DOI 10.17487/RFC2045, November 1996, | Bodies", RFC 2045, DOI 10.17487/RFC2045, November 1996, | |||
| <http://www.rfc-editor.org/info/rfc2045>. | <https://www.rfc-editor.org/info/rfc2045>. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, <https://www.rfc- | |||
| <http://www.rfc-editor.org/info/rfc2119>. | editor.org/info/rfc2119>. | |||
| [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, | [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, | |||
| DOI 10.17487/RFC3688, January 2004, | DOI 10.17487/RFC3688, January 2004, <https://www.rfc- | |||
| <http://www.rfc-editor.org/info/rfc3688>. | editor.org/info/rfc3688>. | |||
| [RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax | [RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax | |||
| Specifications: ABNF", STD 68, RFC 5234, | Specifications: ABNF", STD 68, RFC 5234, | |||
| DOI 10.17487/RFC5234, January 2008, | DOI 10.17487/RFC5234, January 2008, <https://www.rfc- | |||
| <http://www.rfc-editor.org/info/rfc5234>. | editor.org/info/rfc5234>. | |||
| [RFC5730] Hollenbeck, S., "Extensible Provisioning Protocol (EPP)", | [RFC5730] Hollenbeck, S., "Extensible Provisioning Protocol (EPP)", | |||
| STD 69, RFC 5730, DOI 10.17487/RFC5730, August 2009, | STD 69, RFC 5730, DOI 10.17487/RFC5730, August 2009, | |||
| <http://www.rfc-editor.org/info/rfc5730>. | <https://www.rfc-editor.org/info/rfc5730>. | |||
| [RFC5731] Hollenbeck, S., "Extensible Provisioning Protocol (EPP) | [RFC5731] Hollenbeck, S., "Extensible Provisioning Protocol (EPP) | |||
| Domain Name Mapping", STD 69, RFC 5731, | Domain Name Mapping", STD 69, RFC 5731, | |||
| DOI 10.17487/RFC5731, August 2009, | DOI 10.17487/RFC5731, August 2009, <https://www.rfc- | |||
| <http://www.rfc-editor.org/info/rfc5731>. | editor.org/info/rfc5731>. | |||
| [RFC5732] Hollenbeck, S., "Extensible Provisioning Protocol (EPP) | [RFC5732] Hollenbeck, S., "Extensible Provisioning Protocol (EPP) | |||
| Host Mapping", STD 69, RFC 5732, DOI 10.17487/RFC5732, | Host Mapping", STD 69, RFC 5732, DOI 10.17487/RFC5732, | |||
| August 2009, <http://www.rfc-editor.org/info/rfc5732>. | August 2009, <https://www.rfc-editor.org/info/rfc5732>. | |||
| [RFC5733] Hollenbeck, S., "Extensible Provisioning Protocol (EPP) | [RFC5733] Hollenbeck, S., "Extensible Provisioning Protocol (EPP) | |||
| Contact Mapping", STD 69, RFC 5733, DOI 10.17487/RFC5733, | Contact Mapping", STD 69, RFC 5733, DOI 10.17487/RFC5733, | |||
| August 2009, <http://www.rfc-editor.org/info/rfc5733>. | August 2009, <https://www.rfc-editor.org/info/rfc5733>. | |||
| [RFC7451] Hollenbeck, S., "Extension Registry for the Extensible | [RFC7451] Hollenbeck, S., "Extension Registry for the Extensible | |||
| Provisioning Protocol", RFC 7451, DOI 10.17487/RFC7451, | Provisioning Protocol", RFC 7451, DOI 10.17487/RFC7451, | |||
| February 2015, <http://www.rfc-editor.org/info/rfc7451>. | February 2015, <https://www.rfc-editor.org/info/rfc7451>. | |||
| [W3C.CR-xmldsig-core2-20120124] | [W3C.CR-xmldsig-core2-20120124] | |||
| Cantor, S., Roessler, T., Eastlake, D., Yiu, K., Reagle, | Cantor, S., Roessler, T., Eastlake, D., Yiu, K., Reagle, | |||
| J., Solo, D., Datta, P., and F. Hirsch, "XML Signature | J., Solo, D., Datta, P., and F. Hirsch, "XML Signature | |||
| Syntax and Processing Version 2.0", World Wide Web | Syntax and Processing Version 2.0", World Wide Web | |||
| Consortium CR CR-xmldsig-core2-20120124, January 2012, | Consortium CR CR-xmldsig-core2-20120124, January 2012, | |||
| <http://www.w3.org/TR/2012/CR-xmldsig-core2-20120124>. | <http://www.w3.org/TR/2012/CR-xmldsig-core2-20120124>. | |||
| Appendix A. Acknowledgements | Appendix A. Acknowledgements | |||
| skipping to change at page 35, line 23 ¶ | skipping to change at page 35, line 23 ¶ | |||
| B.5. Change from 04 to REGEXT 00 | B.5. Change from 04 to REGEXT 00 | |||
| 1. Changed to regext working group draft by changing draft-gould- | 1. Changed to regext working group draft by changing draft-gould- | |||
| eppext-verificationcode to draft-ietf-regext-verificationcode. | eppext-verificationcode to draft-ietf-regext-verificationcode. | |||
| B.6. Change from REGEXT 00 to REGEXT 01 | B.6. Change from REGEXT 00 to REGEXT 01 | |||
| 1. Ping update. | 1. Ping update. | |||
| B.7. Change from REGEXT 01 to REGEXT 02 | ||||
| 1. Ping update. | ||||
| Author's Address | Author's Address | |||
| James Gould | James Gould | |||
| VeriSign, Inc. | VeriSign, Inc. | |||
| 12061 Bluemont Way | 12061 Bluemont Way | |||
| Reston, VA 20190 | Reston, VA 20190 | |||
| US | US | |||
| Email: jgould@verisign.com | Email: jgould@verisign.com | |||
| URI: http://www.verisign.com | URI: http://www.verisign.com | |||
| End of changes. 16 change blocks. | ||||
| 18 lines changed or deleted | 23 lines changed or added | |||
This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||