Hi Gavin,
Thank you so much for this contribution.
It opens a new avenue for reflection in the current debate.
Best,
Mario
Il 23/02/2026 14:56, Gavin Brown ha scritto:
On Thu, 19 Feb 2026, at 19:17, Andy Newton wrote:
On 2/19/26 11:32 AM, Gould, James wrote:
3. The goal of draft-ietf-regext-epp-https is to provide a more
Cloud-friendly EPP transport, which means that Domain Name Registries (DNRs)
can be deployed in the public cloud without having to create custom EPP over
TCP (EoT) gateways. Use of the CONNECT HTTP method does not meet this goal.
I am befuddled by the "cloud-friendly" marketing as well. There are
currently several RSPs who operate EPP using cloud providers, and many
cloud providers have network load balancers that do TLS termination.
From what I can tell, this draft doesn't work well with cloud-based
web-application firewalls as each EPP operation uses the same path (or
did I miss something), requiring custom parsing of the EPP XML bodies
to do any app-layer routing.
Can you point to the specific technical challenge this is referencing?
Using native HTTP platforms is often quite a bit cheaper than running TCP
gateways.
Running an EPP gateway on a public cloud provider typically means using
building custom infrastructure on top of virtual machines or containers, which
are billed at higher rates than pure HTTP-based services.
I recently switched RDAP.ORG from doing its own TLS termination (via a TCP
gateway provided by my cloud provider) to using their HTTP load balancer, and
my monthly bill dropped by more than an order of magnitude.
G.
--
Dott. Mario Loffredo
Senior Technologist
Technological Unit “Digital Innovation”
Institute of Informatics and Telematics (IIT)
National Research Council (CNR)
Address: Via G. Moruzzi 1, I-56124 PISA, Italy
Phone: +39.0503153497
Web: http://www.iit.cnr.it/mario.loffredo
_______________________________________________
regext mailing list -- [email protected]
To unsubscribe send an email to [email protected]
