Two comments: 1. The IANA Considerations section includes requests to register a number of RDAP status values. The registrant for each of these values is "VeriSign Inc.". Given that the intended status of this document is currently "Informational" that might be OK, but since these values aren't proprietary to Verisign I'm going to suggest that it might be more appropriate for the IESG to be the registrant.
OLD: Registrant Name: VeriSign Inc. Registrant Contact Information: epp-regis...@verisign.com NEW: Registrant Name: IESG Registrant Contact Information: i...@ietf.org 2. The Security Considerations section says "The mapping described in this document do not provide any security services beyond those described by RDAP [RFC7483]". That's true, but I think some text needs to be added to note that implementation of this mapping can expose more information about registered domain names to any client who asks, and that raises privacy concerns. The issue should be noted, and the possible mitigation using client authentication with authorization and access control policies can be described. Scott _______________________________________________ regext mailing list regext@ietf.org https://www.ietf.org/mailman/listinfo/regext
