draft-ietf-regext-verificationcode-05.txt | draft-ietf-regext-verificationcode-06.txt | |||
---|---|---|---|---|
Network Working Group J. Gould | Network Working Group J. Gould | |||
Internet-Draft VeriSign, Inc. | Internet-Draft VeriSign, Inc. | |||
Intended status: Standards Track November 21, 2018 | Intended status: Standards Track January 10, 2019 | |||
Expires: May 25, 2019 | Expires: July 14, 2019 | |||
Verification Code Extension for the Extensible Provisioning Protocol | Verification Code Extension for the Extensible Provisioning Protocol | |||
(EPP) | (EPP) | |||
draft-ietf-regext-verificationcode-05 | draft-ietf-regext-verificationcode-06 | |||
Abstract | Abstract | |||
This document describes an Extensible Provisioning Protocol (EPP) | This document describes an Extensible Provisioning Protocol (EPP) | |||
extension for including a verification code for marking the data for | extension for including a verification code for marking the data for | |||
a transform command as being verified by a 3rd party, which is | a transform command as being verified by a 3rd party, which is | |||
referred to as the Verification Service Provider (VSP). The | referred to as the Verification Service Provider (VSP). The | |||
verification code is digitally signed by the VSP using XML Signature | verification code is digitally signed by the VSP using XML Signature | |||
and is "base64" encoded. The XML Signature includes the VSP signer | and is "base64" encoded. The XML Signature includes the VSP signer | |||
certificate, so the server can verify that the verification code | certificate, so the server can verify that the verification code | |||
skipping to change at page 1, line 38 ¶ | skipping to change at page 1, line 38 ¶ | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on May 25, 2019. | This Internet-Draft will expire on July 14, 2019. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2018 IETF Trust and the persons identified as the | Copyright (c) 2019 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
(http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
publication of this document. Please review these documents | publication of this document. Please review these documents | |||
carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
skipping to change at page 3, line 5 ¶ | skipping to change at page 3, line 5 ¶ | |||
B.1. Change from 00 to 01 . . . . . . . . . . . . . . . . . . 36 | B.1. Change from 00 to 01 . . . . . . . . . . . . . . . . . . 36 | |||
B.2. Change from 01 to 02 . . . . . . . . . . . . . . . . . . 36 | B.2. Change from 01 to 02 . . . . . . . . . . . . . . . . . . 36 | |||
B.3. Change from 02 to 03 . . . . . . . . . . . . . . . . . . 36 | B.3. Change from 02 to 03 . . . . . . . . . . . . . . . . . . 36 | |||
B.4. Change from 03 to 04 . . . . . . . . . . . . . . . . . . 36 | B.4. Change from 03 to 04 . . . . . . . . . . . . . . . . . . 36 | |||
B.5. Change from 04 to REGEXT 00 . . . . . . . . . . . . . . . 37 | B.5. Change from 04 to REGEXT 00 . . . . . . . . . . . . . . . 37 | |||
B.6. Change from REGEXT 00 to REGEXT 01 . . . . . . . . . . . 37 | B.6. Change from REGEXT 00 to REGEXT 01 . . . . . . . . . . . 37 | |||
B.7. Change from REGEXT 01 to REGEXT 02 . . . . . . . . . . . 37 | B.7. Change from REGEXT 01 to REGEXT 02 . . . . . . . . . . . 37 | |||
B.8. Change from REGEXT 02 to REGEXT 03 . . . . . . . . . . . 37 | B.8. Change from REGEXT 02 to REGEXT 03 . . . . . . . . . . . 37 | |||
B.9. Change from REGEXT 03 to REGEXT 04 . . . . . . . . . . . 37 | B.9. Change from REGEXT 03 to REGEXT 04 . . . . . . . . . . . 37 | |||
B.10. Change from REGEXT 04 to REGEXT 05 . . . . . . . . . . . 37 | B.10. Change from REGEXT 04 to REGEXT 05 . . . . . . . . . . . 37 | |||
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 37 | B.11. Change from REGEXT 05 to REGEXT 06 . . . . . . . . . . . 37 | |||
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 38 | ||||
1. Introduction | 1. Introduction | |||
This document describes an extension mapping for version 1.0 of the | This document describes an extension mapping for version 1.0 of the | |||
Extensible Provisioning Protocol (EPP) [RFC5730]. This mapping, an | Extensible Provisioning Protocol (EPP) [RFC5730]. This mapping, an | |||
extension to EPP object mappings like the EPP domain name mapping | extension to EPP object mappings like the EPP domain name mapping | |||
[RFC5731], EPP host mapping [RFC5732], and EPP contact mapping | [RFC5731], EPP host mapping [RFC5732], and EPP contact mapping | |||
[RFC5733], can be used to pass a verification code to one of the EPP | [RFC5733], can be used to pass a verification code to one of the EPP | |||
transform commands. The domain name object is used for examples in | transform commands. The domain name object is used for examples in | |||
the document. The verification code is signed using XML Signature | the document. The verification code is signed using XML Signature | |||
skipping to change at page 3, line 32 ¶ | skipping to change at page 3, line 33 ¶ | |||
verify that data is in compliance with the policies of a locality. A | verify that data is in compliance with the policies of a locality. A | |||
locality MAY require the client to have data verified in accordance | locality MAY require the client to have data verified in accordance | |||
with local regulations or laws utilizing data sources not available | with local regulations or laws utilizing data sources not available | |||
to the server. The VSP has access to the local data sources and is | to the server. The VSP has access to the local data sources and is | |||
authorized to verify the data. Examples include verifying that the | authorized to verify the data. Examples include verifying that the | |||
domain name is not prohibited and verifying that the domain name | domain name is not prohibited and verifying that the domain name | |||
registrant is a valid individual, organization, or business in the | registrant is a valid individual, organization, or business in the | |||
locality. The data verified, and the objects and operations that | locality. The data verified, and the objects and operations that | |||
require the verification code to be passed to the server, is up to | require the verification code to be passed to the server, is up to | |||
the policies of the locality. The verification code represents a | the policies of the locality. The verification code represents a | |||
marker that the verification was completed. The VSP MUST store the | marker that the verification was completed. The signer certificate | |||
proof of verification and the generated verification code; and MAY | and the digital signature of the verification code MUST be verified | |||
store the verified data. The signer certificate and the digital | by the server. | |||
signature of the verification code MUST be verified by the server. | ||||
1.1. Conventions Used in This Document | 1.1. Conventions Used in This Document | |||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
"OPTIONAL" in this document are to be interpreted as described in BCP | "OPTIONAL" in this document are to be interpreted as described in BCP | |||
14 [RFC2119] [RFC8174] when, and only when, they appear in all | 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
capitals, as shown here. | capitals, as shown here. | |||
XML is case sensitive. Unless stated otherwise, XML specifications | XML is case sensitive. Unless stated otherwise, XML specifications | |||
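Review bot: In the Introduction paragraph that now ends "MUST be verified by the server", removing "The VSP MUST store the proof of verification and the generated verification code; and MAY store the verified data." leaves the visible text with no statement of who retains the evidence behind a verification code. The paragraph describes the code only as "a marker that the verification was completed", so a server that has validated the signer certificate and signature has nothing here to point to if a verification is later disputed. If the normative requirement is intentionally out of scope, consider a non-normative sentence saying that retention of the proof of verification is left to the policies of the locality, in line with how the same paragraph already treats the data verified and the operations that require a code.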
skipping to change at page 36, line 29 ¶ | skipping to change at page 36, line 29 ¶ | |||
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | |||
May 2017, <https://www.rfc-editor.org/info/rfc8174>. | May 2017, <https://www.rfc-editor.org/info/rfc8174>. | |||
Appendix A. Acknowledgements | Appendix A. Acknowledgements | |||
The authors wish to thank the following persons for their feedback | The authors wish to thank the following persons for their feedback | |||
and suggestions: | and suggestions: | |||
o Gurshabad Grover | o Gurshabad Grover | |||
o Rick Wilhelm | o Rick Wilhelm | |||
o John Levine | ||||
Appendix B. Change History | Appendix B. Change History | |||
B.1. Change from 00 to 01 | B.1. Change from 00 to 01 | |||
1. Fixed pendingComplaince and complaint to pendingCompliance and | 1. Fixed pendingComplaince and complaint to pendingCompliance and | |||
compliant in text. | compliant in text. | |||
2. Fixed verificaton to verification. | 2. Fixed verificaton to verification. | |||
B.2. Change from 01 to 02 | B.2. Change from 01 to 02 | |||
skipping to change at page 37, line 48 ¶ | skipping to change at page 37, line 48 ¶ | |||
the verification data in compliance with the applicable privacy | the verification data in compliance with the applicable privacy | |||
laws and regulations." sentence from the Security Considerations, | laws and regulations." sentence from the Security Considerations, | |||
based on feedback from Rick Wilhelm and agreement from Gurshabad | based on feedback from Rick Wilhelm and agreement from Gurshabad | |||
Grover. | Grover. | |||
2. Added the sentence "It is up to server policy what action to take | 2. Added the sentence "It is up to server policy what action to take | |||
if the verification code type is not set by the grace period." to | if the verification code type is not set by the grace period." to | |||
section 2.2 "Verification Profile", to clarify what happens when | section 2.2 "Verification Profile", to clarify what happens when | |||
the verification code grace period expires. This is based on an | the verification code grace period expires. This is based on an | |||
issue raised by Gurshabad Grover at the IETF-103 REGEXT meeting. | issue raised by Gurshabad Grover at the IETF-103 REGEXT meeting. | |||
B.11. Change from REGEXT 05 to REGEXT 06 | ||||
1. Removed the "The VSP MUST store the proof of verification and the | ||||
generated verification code; and MAY store the verified data." | ||||
sentence from the Introduction, based on feedback from John | ||||
Levine. | ||||
Author's Address | Author's Address | |||
James Gould | James Gould | |||
VeriSign, Inc. | VeriSign, Inc. | |||
12061 Bluemont Way | 12061 Bluemont Way | |||
Reston, VA 20190 | Reston, VA 20190 | |||
US | US | |||
Email: jgould@verisign.com | Email: jgould@verisign.com | |||
URI: http://www.verisign.com | URI: http://www.verisign.com | |||
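Review bot: The new B.11 item 1 records which sentence was removed and whose feedback prompted it, but not why, whereas B.10 item 2 states its purpose ("to clarify what happens when the verification code grace period expires"). Since B.10 item 1 also removed a storage-related sentence from the Security Considerations, a short reason in B.11 (for example, that VSP record keeping is outside the scope of the protocol, if that was the rationale) would let a reader see that the two removals are deliberate and related rather than an accidental loss of a MUST.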
End of changes. 9 change blocks. | ||||
10 lines changed or deleted | 19 lines changed or added | |||