ietf
[Top] [All Lists]

Re: Last Call: Registry Registrar Protocol (RRP) Version 1.1.0 to Informational

2000-01-04 16:10:02

IESG:

I hate to add a "me too" but I must. I believe that the RAB minutes would
be very useful if they were published. Having participated with many
Registrars and participated in changes and suggestions to the RRP protocol
through the ICANN Testbed process I welcome Ed's comments.

I am glad that NSI has published the I-D for their protocol, now does it
need to go beyond that and become an RFC, IMHO, no.

The IETF does not need to publish broken implementations of one companies 
view of the shared gTLD registration process. Having an AD that sat on the
RAB  promote the I-D and offer no reasoning as to why it
*should be* published as an Informational RFC reminds me of the bad taste
left by the IAHC and all the processes related.

I would request that the IESG let this draft expire and create a WG to
tackle the problem. I would be interested in hearing just why the IESG
thinks this document should be published. The document exists as an I-D,
the cat is out of the bag, why should it be an RFC? Its broken and of bad
design we don't need that kind of thing published any further than it has
been.

regards,

-rick




On Tue, 4 Jan 2000, Ed Gerck wrote:



Patrik Fältström wrote:

So, you are talking about (like we did in the RAB) the quality of the
protocol, while I now as AD and member of the IESG is asking whether this
document is correctly describing what is in use.

I ask you Ed, and all others, to please differentiate between those two
issues, and come with comments on the correctness of the document. Comments
on the protocol can be sent directly to NSI.

IMO you  are following a very slippery slope here.  You seem
now to be moving into "explanation mode" in order to say that 
the  protocol's effectiveness is not important, just its perfunctory 
functions.

In other words, you as AD and member of the IESG are saying
that protocols are to be published as RFCs even if knowingly
technically wrong, inefficient, outdated and insecure -- provided
they are "in use".

Well, I may be a little less pragmatic than you and I question exactly
the correctness of the document, as well as its effectiveness.

And, since our names are still in NSI's page for the Registry Advisory
Board (RAB) and we were involved with it, I also think that the IETF
should know that the SRP being proposed by NSI as an RFC and
being followed through IETF under yours (a former member of the
RAB) apparent approval is not what the RAB discussed and
formally requested to change as documented in the RAB minutes locked
under NDA. The RAB in Ammendment 11 has thus become a mock review 
process locked under NDA, even though the RAB was officially called by 
the USG to "review, participate, and advise in testing of the technology
aspects of the Shared  Registration System, and to suggest improvements
to Network Solutions to better meet the mandates of Amendment 11."

The least I suggest is to make the RAB Metting Minutes, together with
its Action Plan, public -- before furthering this RFC in the IETF. Why
should other people need to reinvent the same comments again?  The hope
that some will not be reinvented is IMO ill-founded as security
experience shows all the time -- obscurity is not a basis for
security.

Now, of course, if NSI wants to keep the protocol private then I
have no further comments.

Cheers,

Ed Gerck




<Prev in Thread] Current Thread [Next in Thread>