Tiru,
In re-looking at it, it was intended to reference the set of normative EPP RFC’s used in the draft, which originally included RFC 5730, 5731, 3915, 5910, and 8590. We moved all of the EPP RFCs 3915, 5910, and 8590 from normative references to informational references because they’re only used in the examples, which leaves the RFC 5730 and 5731 normative references. I believe that the RFC 5731 normative reference can also be made an informational reference, since it’s only used in the examples. If that was to be done, it would only leave RFC 5730, which is the target of the statement in the Security Considerations section. This is a long way of proposing moving RFC 5731 to be informational and remove the second sentence “The security considerations described in these other specifications apply to this specification as well. “ from the Security Considerations section, since the first sentence covers RFC 5730 and no other EPP RFCs apply. Thanks, -- JG [cid:image001.png@01D7090F.9AA1BF90] James Gould Fellow Engineer jgo...@verisign.com<applewebdata://13890C55-AAE8-4BF3-A6CE-B4BA42740803/jgo...@verisign.com> 703-948-3271 12061 Bluemont Way Reston, VA 20190 Verisign.com<http://verisigninc.com/> From: "Konda, Tirumaleswar Reddy" <tirumaleswarreddy_ko...@mcafee.com> Date: Sunday, February 21, 2021 at 6:48 AM To: "sec...@ietf.org" <sec...@ietf.org>, "regext@ietf.org" <regext@ietf.org>, "draft-ietf-regext-unhandled-namespaces....@ietf.org" <draft-ietf-regext-unhandled-namespaces....@ietf.org> Subject: [EXTERNAL] Secdir last call review of draft-ietf-regext-unhandled-namespaces Resent-From: <alias-boun...@ietf.org> Resent-To: James Gould <jgo...@verisign.com>, <martin.casan...@switch.ch>, <i...@antoin.nl>, <gal...@elistx.com>, <superu...@gmail.com>, <barryle...@gmail.com>, <francesca.palomb...@ericsson.com>, <barryle...@computer.org>, David Smith <dsm...@verisign.com>, David Smith <dsm...@verisign.com> Resent-Date: Sunday, February 21, 2021 at 6:48 AM Reviewer: Tirumaleswar Reddy Review result: Has nits This document does not define any new EPP protocol elements, it specifies an operational practice using the existing EPP protocol. It does not discuss any security aspects other than relying on the security considerations in EPP protocol [RFC5730]. The security considerations described in these other specifications apply to this specification as well. Comment> What other specifications are you referring to ? -Tiru
_______________________________________________ regext mailing list regext@ietf.org https://www.ietf.org/mailman/listinfo/regext
