Hello Mario,
On 3/29/22 17:07, Mario Loffredo wrote:
That's exactly my main concern about such an idea that was the same
supporting last proposal about EPP-over-HTTP submitted to this WG.
Making EPP completely stateful appeared,and still apeears, to me
inefficient and in contrast with the trend in the design of REST services.
EPP *is* stateful by definition (see "Protocol Description" in RFC 5730),
and that has implications beyond the fact that credentials are only
presented to the server in the <login>. The <login> also contains
"handshake" information that tells the server which object and extension
URIs the client understands, and that information governs the content of
server responses during the session (e.g., which version of fee extension
data is returned in the response to a billable operation).
Consequently, EPP would need to be completely revamped in order to
facilitate stateless operation. All extensions relying on the <login>
handshake would need to be rewritten. The use of cookies (a
well-established method to maintain server state over HTTP) seems like
the lesser evil here.
Best regards,
Thomas
--
TANGO REGISTRY SERVICES® is a product of:
Knipp Medien und Kommunikation GmbH
Technologiepark Phone: +49 231 9703-222
Martin-Schmeisser-Weg 9 Fax: +49 231 9703-200
D-44227 Dortmund E-Mail: supp...@tango-rs.com
Germany
_______________________________________________
regext mailing list
regext@ietf.org
https://www.ietf.org/mailman/listinfo/regext
