> -----Original Message----- > From: regext <regext-boun...@ietf.org> On Behalf Of Thomas Corte > (TANGO support) > Sent: Thursday, March 31, 2022 1:17 PM > To: regext@ietf.org > Subject: [EXTERNAL] Re: [regext] Comments to the feedback about epp- > over-http > > Caution: This email originated from outside the organization. Do not click > links > or open attachments unless you recognize the sender and know the content > is safe. > > Hello Mario, > > On 3/31/22 17:36, Mario Loffredo wrote: > > > Starting an HTTP session when receiving an EPP command other than the > > Login command is in .it experience (but I can speak on behalf of .pl > > too) very inefficient because you can't immediately lock the HTTP > > session to the Registrar. > > Ok, but plain TCP implementations have the same problem. Unless the > registry requires that no two registrars have the same IP address whitelisted, > the server always has to wait for the <login> until it knows which registrar > has > connected. That is, unless client certificates are also in play, as suggested > by > Patrick, but that's not a requirement in EPP, even if many registries are now > requiring them.
[SAH] Client certificates ARE required for TCP transport with TLS. See here: https://datatracker.ietf.org/doc/html/rfc5734#section-9 They're not specifically a requirement for EPP, but they are for that particular transport protocol (which just happens to be the only standard transport protocol). Scott _______________________________________________ regext mailing list regext@ietf.org https://www.ietf.org/mailman/listinfo/regext
