> -----Original Message----- > From: Andrew Newton (andy) <a...@hxr.us> > Sent: Friday, November 22, 2024 2:14 PM > To: Hollenbeck, Scott <shollenb...@verisign.com> > Cc: regext@ietf.org > Subject: [EXTERNAL] Re: [regext] Re: WGLC: draft-ietf-regext-epp-eai (was: > WGLC: draft-ietf-regext-rdap-rir-search-09) > > Caution: This email originated from outside the organization. Do not click > links > or open attachments unless you recognize the sender and know the content is > safe. > > On Fri, Nov 22, 2024 at 10:25 AM Hollenbeck, Scott > <shollenb...@verisign.com> wrote: > > > > > 1. Section 2 discusses the migration to a newer version of the > > > extension with a SHOULD but the text does not describe the migration > > > process nor references one. Either the SHOULD should be lowercased, > > > the migration process should be specified, or the migration process should > be referenced. > > > > [SAH] Thanks for the feedback, Andy. There's another option: remove this > section entirely. My preference would be to either lowercase the SHOULD or to > remove the section. Do you prefer one of those over the other? > > IMHO, leaving the section in the draft will attract unwanted attention. :)
[SAH] OK, I can remove it unless someone thinks it really, really needs to be there. > > > 2. The last paragraph of the security section does not specify the > > > "who" in the warning. Is this for registrars, registries, end users? > > > > [SAH] Are you referring to the "either address may be forwarded to the > other" text? If so, it applies to all of those involved parties equally. I > can make > that clear by saying "all users of these addresses should be aware". Does that > work? > > > > It is better, but I don't have a "gooder" suggestion. That said, how is this a > security consideration? It is a usability issue, but what is the security > threat? [SAH] Good point. Maybe that whole paragraph can be moved to the Introduction to preserve awareness. Scott _______________________________________________ regext mailing list -- regext@ietf.org To unsubscribe send an email to regext-le...@ietf.org
