FYI, folks. This draft was written to help describe why RFCs 5731 and 5732 say that an EPP client (for example, a domain name registrar) SHOULD NOT delete EPP domain objects without explicitly addressing associations with registered host objects. It explains how certain operational practices have introduced a risk of domain management hijacking, and it contains some thoughts on better practices. I won't call them "best" yet, but with community input that's the ultimate intention.

I'm sharing this with both the regext and dnsop working groups because the issue includes aspects of EPP implementation and DNS delegation management. An SSAC working group is also looking at the topic. I'll push the xml source and text files to a GitHub repository shortly; review, feedback, and pull requests are most welcome.

https://github.com/verisign/draft-regext-epp-delete-bcp

Thanks for your attention,
Scott

> -----Original Message-----
> From: internet-dra...@ietf.org <internet-dra...@ietf.org>
> Sent: Friday, June 23, 2023 10:57 AM
> To: Hollenbeck, Scott <shollenb...@verisign.com>; Carroll, William <wicarr...@verisign.com>
> Subject: [EXTERNAL] New Version Notification for draft-hollenbeck-regext-epp-delete-bcp-00.txt
>
> Caution: This email originated from outside the organization. Do not click
> links or open attachments unless you recognize the sender and know the
> content is safe.
>
> A new version of I-D, draft-hollenbeck-regext-epp-delete-bcp-00.txt
> has been successfully submitted by Scott Hollenbeck and posted to the IETF
> repository.
>
> Name:          draft-hollenbeck-regext-epp-delete-bcp
> Revision:      00
> Title:         Best Practices for Deletion of Domain and Host Objects in the Extensible Provisioning Protocol (EPP)
> Document date: 2023-06-23
> Group:         Individual Submission
> Pages:         11
> URL:           https://www.ietf.org/archive/id/draft-hollenbeck-regext-epp-delete-bcp-00.txt
> Status:        https://datatracker.ietf.org/doc/draft-hollenbeck-regext-epp-delete-bcp/
> Html:          https://www.ietf.org/archive/id/draft-hollenbeck-regext-epp-delete-bcp-00.html
> Htmlized:      https://datatracker.ietf.org/doc/html/draft-hollenbeck-regext-epp-delete-bcp
>
> Abstract:
>    The Extensible Provisioning Protocol (EPP) includes commands for
>    clients to delete domain and host objects, both of which are used to
>    publish information in the Domain Name System (DNS). EPP includes
>    guidance concerning those deletions that is intended to avoid DNS
>    resolution disruptions and maintain data consistency. However,
>    operational relationships between objects can make that guidance
>    difficult to implement. Some EPP clients have developed operational
>    practices to delete those objects that have unintended impacts on DNS
>    resolution and security. This document describes best practices to
>    delete domain and host objects that reduce the risk of DNS resolution
>    failure and maintain client-server data consistency.
>
> The IETF Secretariat

_______________________________________________
regext mailing list
regext@ietf.org
https://www.ietf.org/mailman/listinfo/regext