From kitirat@address.com Sat Aug 1 13:48:08 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 532623A6916 for ; Sat, 1 Aug 2009 13:48:08 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.89 X-Spam-Level: X-Spam-Status: No, score=-0.89 tagged_above=-999 required=5 tests=[BAYES_50=0.001, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_BR=0.955, HOST_EQ_BR=1.295, HTML_IMAGE_ONLY_04=2.041, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_1=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_WEB=0.619, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, SARE_HTML_A_BODY=0.742, SARE_HTML_IMG_ONLY=1.666, TVD_RCVD_IP=1.931, TVD_SPACE_RATIO=2.219, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_SC_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uhw0-gpetsBZ for ; Sat, 1 Aug 2009 13:48:06 -0700 (PDT) Received: from 200-100-112-248.dial-up.telesp.net.br (200-100-112-248.dial-up.telesp.net.br [200.100.112.248]) by core3.amsl.com (Postfix) with SMTP id F159E3A6870 for ; Sat, 1 Aug 2009 13:47:54 -0700 (PDT) To: Subject: Delivery Status Notification (Failure) From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090801204759.F159E3A6870@core3.amsl.com> Date: Sat, 1 Aug 2009 13:47:54 -0700 (PDT)

From majordomo@ahnen-detektiv.de Wed Aug 5 00:13:31 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 25F6528C4D3 for ; Wed, 5 Aug 2009 00:13:31 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -38.915 X-Spam-Level: X-Spam-Status: No, score=-38.915 tagged_above=-999 required=5 tests=[BAYES_60=1, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_04=2.041, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_1=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_SORBS_WEB=0.619, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, RELAY_IS_222=2.179, SARE_HTML_A_BODY=0.742, SARE_HTML_IMG_ONLY=1.666, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aTUqQ0FfQ1oN for ; Wed, 5 Aug 2009 00:13:25 -0700 (PDT) Received: from ahlbd.com (unknown [222.252.82.254]) by core3.amsl.com (Postfix) with SMTP id 78BC628C408 for ; Wed, 5 Aug 2009 00:13:23 -0700 (PDT) To: Subject: Re: Order status From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090805071324.78BC628C408@core3.amsl.com> Date: Wed, 5 Aug 2009 00:13:23 -0700 (PDT)

From keithandanita@alum.rpi.edu Wed Aug 5 08:15:26 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8B2B828C5B6 for ; Wed, 5 Aug 2009 08:15:26 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -35.455 X-Spam-Level: X-Spam-Status: No, score=-35.455 tagged_above=-999 required=5 tests=[BAYES_60=1, FH_RELAY_NODNS=1.451, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_3=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_UNI=0.591, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5QEeQWXW3KcV for ; Wed, 5 Aug 2009 08:15:19 -0700 (PDT) Received: from alnp.uscourts.gov (unknown [189.107.124.70]) by core3.amsl.com (Postfix) with SMTP id 87B6228C3E1 for ; Wed, 5 Aug 2009 08:14:26 -0700 (PDT) To: From: Subject: Delivery Status Notification (Failure) MIME-Version: 1.0 Content-Type: text/html; charset="ISO-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <20090805151427.87B6228C3E1@core3.amsl.com> Date: Wed, 5 Aug 2009 08:14:26 -0700 (PDT)

Click here to view as a web page.

Unsubscribe | Change e-mail address | Privacy Policy | About Us

Copyright Â© 2009 RSTUVWXYZ01234567890WXYZ01234567890 Inc. All rights reserved.

From navarrete@advbiol.com Fri Aug 7 06:35:24 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C424B28C1DB for ; Fri, 7 Aug 2009 06:35:24 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -34.364 X-Spam-Level: X-Spam-Status: No, score=-34.364 tagged_above=-999 required=5 tests=[BAYES_80=2, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_04=2.041, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_1=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RDNS_NONE=0.1, SARE_HTML_A_BODY=0.742, SARE_HTML_IMG_ONLY=1.666, TVD_SPACE_RATIO=2.219, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ycP22Bw7xIpB for ; Fri, 7 Aug 2009 06:35:18 -0700 (PDT) Received: from aig.com (unknown [190.172.233.137]) by core3.amsl.com (Postfix) with SMTP id 7AAC928C1E1 for ; Fri, 7 Aug 2009 06:34:33 -0700 (PDT) To: Subject: Return mail From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090807133434.7AAC928C1E1@core3.amsl.com> Date: Fri, 7 Aug 2009 06:34:33 -0700 (PDT)

From luxuriated45@bzq-79-181-31-73.red.bezeqint.net Sat Aug 8 16:21:57 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 34B503A697F; Sat, 8 Aug 2009 16:21:57 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.042 X-Spam-Level: X-Spam-Status: No, score=-5.042 tagged_above=-999 required=5 tests=[BAYES_99=3.5, DIET_1=0.083, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RDNS_DYNAMIC=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SBL=20, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Bk7NVdLWz3IN; Sat, 8 Aug 2009 16:21:56 -0700 (PDT) Received: from bzq-79-181-31-73.red.bezeqint.net (bzq-79-181-31-73.red.bezeqint.net [79.181.31.73]) by core3.amsl.com (Postfix) with ESMTP id ADC463A6A4E; Sat, 8 Aug 2009 16:21:55 -0700 (PDT) Received: from 79.181.31.73 by webmail2.cornut.fr; Sun, 9 Aug 2009 02:21:59 +0300 From: "Ethyl Cotter" To: Subject: 100% Free Weight-Loss Promo Offer! Date: Sun, 9 Aug 2009 02:21:59 +0300 Message-ID: <01ca1898$2c708e30$491fb54f@luxuriated45> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-2" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3338.1 Importance: Normal get in to a healthy lifestyle with Acai Berry I was just let in on a little secret, you wont believe, click this http://maxbewildered.com/ From mond@airbomber.com Tue Aug 11 09:25:57 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 141783A701F for ; Tue, 11 Aug 2009 09:25:57 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -34.421 X-Spam-Level: X-Spam-Status: No, score=-34.421 tagged_above=-999 required=5 tests=[BAYES_95=3, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_WEB=0.619, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5GrWh2fhncv2 for ; Tue, 11 Aug 2009 09:25:55 -0700 (PDT) Received: from alexander-tvl.com (unknown [75.131.195.103]) by core3.amsl.com (Postfix) with SMTP id 730C93A67CC for ; Tue, 11 Aug 2009 09:25:53 -0700 (PDT) To: Subject: Find one of the largest and most diverse ranges of preparations available on-line! From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090811162554.730C93A67CC@core3.amsl.com> Date: Tue, 11 Aug 2009 09:25:53 -0700 (PDT)
father, Joseph G. Slater. However subconsciously, he inspired me to

Get more info on our health care products and services here!

Ordinarily these days, though, Soros was more likely to be off in
I briefly sketched in my background and said that I wanted very
grateful for the lengthy interviews they conducted with me. In contrast From mfsuarezl@amichi.com.ar Sat Aug 15 17:54:24 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7463D3A6BF7 for ; Sat, 15 Aug 2009 17:54:24 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -28.888 X-Spam-Level: X-Spam-Status: No, score=-28.888 tagged_above=-999 required=5 tests=[BAYES_95=3, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_04=2.041, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_1=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_WEB=0.619, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_HTML_A_BODY=0.742, SARE_HTML_IMG_ONLY=1.666, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fd3t0s+uYALB for ; Sat, 15 Aug 2009 17:54:23 -0700 (PDT) Received: from alphatechconcepts.com (unknown [123.26.195.201]) by core3.amsl.com (Postfix) with SMTP id 531133A6905 for ; Sat, 15 Aug 2009 17:53:51 -0700 (PDT) To: Subject: Your order From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090816005352.531133A6905@core3.amsl.com> Date: Sat, 15 Aug 2009 17:53:51 -0700 (PDT)

From whirredce63@77-97-199-162.cable.ubr26.sgyl.blueyonder.co.uk Sun Aug 16 17:54:53 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3A8D83A6957 for ; Sun, 16 Aug 2009 17:54:53 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -68.596 X-Spam-Level: X-Spam-Status: No, score=-68.596 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_BLUEYON=1.4, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AT5KvVKnI0kK for ; Sun, 16 Aug 2009 17:54:52 -0700 (PDT) Received: from 77-97-199-162.cable.ubr26.sgyl.blueyonder.co.uk (77-97-199-162.cable.ubr26.sgyl.blueyonder.co.uk [77.97.199.162]) by core3.amsl.com (Postfix) with ESMTP id B0E903A6822 for ; Sun, 16 Aug 2009 17:54:51 -0700 (PDT) Received: from 77.97.199.162 by mercury.win.be; Mon, 17 Aug 2009 03:54:57 +0300 From: "Rigoberto Domino" To: Subject: More paid, less work Date: Mon, 17 Aug 2009 03:54:57 +0300 Message-ID: <01ca1eee$7c75b8e0$a2c7614d@whirredce63> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-2" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.3416 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 Importance: Normal We provide a program that will allow someone with sufficient work experience to obtain a fully Verifiable Degree. Bachelors, Masters or even a Doctorate. 1 305 460 5721 Give us a call now. Leave your msg, with your full name and number and we will get back to you shortly. From owner-ietf-provreg@cafax.se Tue Aug 18 04:29:57 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9570C28C131 for ; Tue, 18 Aug 2009 04:29:57 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.966 X-Spam-Level: X-Spam-Status: No, score=-1.966 tagged_above=-999 required=5 tests=[AWL=0.283, BAYES_00=-2.599, HELO_EQ_SE=0.35] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yuioAyczSUlP for ; Tue, 18 Aug 2009 04:29:55 -0700 (PDT) Received: from nic.cafax.se (nic.cafax.se [192.71.228.17]) by core3.amsl.com (Postfix) with ESMTP id 0A7AD3A6D67 for ; Tue, 18 Aug 2009 04:29:16 -0700 (PDT) Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7IBGoBJ007524 for ; Tue, 18 Aug 2009 13:16:50 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7IBGo51011656 for ietf-provreg-outgoing; Tue, 18 Aug 2009 13:16:50 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from osprey.verisign.com (osprey.verisign.com [216.168.239.75]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7IBGn8h011831 for ; Tue, 18 Aug 2009 13:16:50 +0200 (MEST) Received: from dul1wnexcn03.vcorp.ad.vrsn.com (dul1wnexcn03.vcorp.ad.vrsn.com [10.170.12.113]) by osprey.verisign.com (8.13.6/8.13.4) with ESMTP id n7IB3Q9h005239 for ; Tue, 18 Aug 2009 07:03:26 -0400 Received: from dul1wnexmb01.vcorp.ad.vrsn.com ([10.170.12.134]) by dul1wnexcn03.vcorp.ad.vrsn.com with Microsoft SMTPSVC(6.0.3790.3959); Tue, 18 Aug 2009 12:16:48 +0100 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: [ietf-provreg] EPP Server Implementer Help Needed Date: Tue, 18 Aug 2009 07:16:48 -0400 Message-ID: <046F43A8D79C794FA4733814869CDF0702C727DD@dul1wnexmb01.vcorp.ad.vrsn.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: EPP Server Implementer Help Needed Thread-Index: Acof9WCQ6p4pq/w8S7i3z62KD+oq+Q== From: "Hollenbeck, Scott" To: X-OriginalArrivalTime: 18 Aug 2009 11:16:48.0563 (UTC) FILETIME=[60D6F830:01CA1FF5] Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by nic.cafax.se id n7IBGo8h016055 Sender: owner-ietf-provreg@cafax.se Precedence: bulk I still need info from one server implementer that is willing to be included in an implementation report and confirm that they have implemented the TLS client identification features described in section 9 of 4934bis. Specifically: 1. TLS implementations are REQUIRED to support the mandatory cipher suite specified in the implemented version: 2. Mutual client and server authentication using the TLS Handshake Protocol is REQUIRED. 3. Signatures on the complete certification path for both client machine and server machine MUST be validated as part of the TLS handshake. 4. Information included in the client and server certificates, such as validity periods and machine names, MUST also be validated. 5. EPP service MUST NOT be granted until successful completion of a TLS handshake and certificate validation Most of these come for free with a good TLS toolkit. Are there any server implementers willing to confirm that they've implemented these features? I've already confirmed that VeriSign has implemented these features. -Scott- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se From owner-ietf-provreg@cafax.se Tue Aug 18 09:13:50 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2A40A28C2C8 for ; Tue, 18 Aug 2009 09:13:50 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.249 X-Spam-Level: X-Spam-Status: No, score=-2.249 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_SE=0.35] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jIsdC7NgoS0w for ; Tue, 18 Aug 2009 09:13:49 -0700 (PDT) Received: from nic.cafax.se (nic.cafax.se [192.71.228.17]) by core3.amsl.com (Postfix) with ESMTP id 1BADC28C218 for ; Tue, 18 Aug 2009 09:13:48 -0700 (PDT) Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7IFx6Rx006163 for ; Tue, 18 Aug 2009 17:59:06 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7IFx6VN012314 for ietf-provreg-outgoing; Tue, 18 Aug 2009 17:59:06 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from smtp.cenit.gob.ve (smtp.cenit.gob.ve [150.188.4.71]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7IFx5ai014491 for ; Tue, 18 Aug 2009 17:59:06 +0200 (MEST) Received: from [150.186.201.2] (unknown [150.186.201.2]) by smtp.cenit.gob.ve (Postfix) with ESMTP id 1F2073ED4; Tue, 18 Aug 2009 11:34:37 -0430 (VET) Cc: Message-Id: <642A4A1B-8A8E-4A47-846E-D7D221A39222@nic.ve> From: Francisco Obispo To: "Hollenbeck, Scott" In-Reply-To: <046F43A8D79C794FA4733814869CDF0702C727DD@dul1wnexmb01.vcorp.ad.vrsn.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed; delsp=yes Mime-Version: 1.0 (Apple Message framework v935.3) Subject: Re: [ietf-provreg] EPP Server Implementer Help Needed Date: Tue, 18 Aug 2009 11:29:03 -0430 References: <046F43A8D79C794FA4733814869CDF0702C727DD@dul1wnexmb01.vcorp.ad.vrsn.com> X-Mailer: Apple Mail (2.935.3) Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by nic.cafax.se id n7IFx6ai012980 Sender: owner-ietf-provreg@cafax.se Precedence: bulk Hi Scott, Although this comment might seem odd, I was wondering, why the TLS feature is required. When I was in charge of .VE we decided not to include any encryption/ auth features besides regular user/pass simple auth. Later on, we decided to use SSL/TLS tunneling with a sepparate software package, that will provide the encryption services. At first we used ssh, but stunnel turned out to be a better solution. if we were to require stronger encryption, we could start by introducing other software packages, but taking the complications outside of the EPP implementation... I don´t know if using third party software will comply with this requirement, because if it does, then it might be a good idea to switch to that instead. Regards Francisco On Aug 18, 2009, at 6:46 AM, Hollenbeck, Scott wrote: > I still need info from one server implementer that is willing to be > included in an implementation report and confirm that they have > implemented the TLS client identification features described in > section > 9 of 4934bis. Specifically: > > 1. TLS implementations are REQUIRED to support the mandatory cipher > suite specified in the implemented version: > > 2. Mutual client and server authentication using the TLS Handshake > Protocol is REQUIRED. > > 3. Signatures on the complete certification path for both client > machine > and server machine MUST be validated as part of the TLS handshake. > > 4. Information included in the client and server certificates, such as > validity periods and machine names, MUST also be validated. > > 5. EPP service MUST NOT be granted until successful completion of a > TLS > handshake and certificate validation > > Most of these come for free with a good TLS toolkit. Are there any > server implementers willing to confirm that they've implemented these > features? I've already confirmed that VeriSign has implemented these > features. > > -Scott- > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > =-=-=- > List run by majordomo software. For (Un-)subscription and similar > details > send "help" to ietf-provreg-request@cafax.se > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se From owner-ietf-provreg@cafax.se Tue Aug 18 10:05:10 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4795B3A6B9F for ; Tue, 18 Aug 2009 10:05:10 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.023 X-Spam-Level: X-Spam-Status: No, score=-2.023 tagged_above=-999 required=5 tests=[AWL=0.226, BAYES_00=-2.599, HELO_EQ_SE=0.35] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I5IEUUTkx-Kk for ; Tue, 18 Aug 2009 10:05:09 -0700 (PDT) Received: from nic.cafax.se (nic.cafax.se [192.71.228.17]) by core3.amsl.com (Postfix) with ESMTP id 2442A3A6B31 for ; Tue, 18 Aug 2009 10:05:08 -0700 (PDT) Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7IGjk1f009472 for ; Tue, 18 Aug 2009 18:45:46 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7IGjk4W014498 for ietf-provreg-outgoing; Tue, 18 Aug 2009 18:45:46 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from peregrine.verisign.com (peregrine.verisign.com [216.168.239.74]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7IGjjWf023512 for ; Tue, 18 Aug 2009 18:45:45 +0200 (MEST) Received: from dul1wnexcn03.vcorp.ad.vrsn.com (dul1wnexcn03.vcorp.ad.vrsn.com [10.170.12.113]) by peregrine.verisign.com (8.13.6/8.13.4) with ESMTP id n7IGjhZx032710; Tue, 18 Aug 2009 12:45:43 -0400 Received: from dul1wnexmb01.vcorp.ad.vrsn.com ([10.170.12.134]) by dul1wnexcn03.vcorp.ad.vrsn.com with Microsoft SMTPSVC(6.0.3790.3959); Tue, 18 Aug 2009 17:45:44 +0100 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Subject: RE: [ietf-provreg] EPP Server Implementer Help Needed Date: Tue, 18 Aug 2009 12:45:43 -0400 Message-ID: <046F43A8D79C794FA4733814869CDF0702C72826@dul1wnexmb01.vcorp.ad.vrsn.com> In-Reply-To: <642A4A1B-8A8E-4A47-846E-D7D221A39222@nic.ve> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [ietf-provreg] EPP Server Implementer Help Needed Thread-Index: AcogHNF4dzT1s3DMSNafSpUgoU0pMwABihGA References: <046F43A8D79C794FA4733814869CDF0702C727DD@dul1wnexmb01.vcorp.ad.vrsn.com> <642A4A1B-8A8E-4A47-846E-D7D221A39222@nic.ve> From: "Hollenbeck, Scott" To: "Francisco Obispo" Cc: X-OriginalArrivalTime: 18 Aug 2009 16:45:44.0213 (UTC) FILETIME=[54342C50:01CA2023] Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by nic.cafax.se id n7IGjjWf016491 Sender: owner-ietf-provreg@cafax.se Precedence: bulk TLS was selected because it was thought to provide the best fit for the requirements identified in RFC 3375. -Scott- > -----Original Message----- > From: Francisco Obispo [mailto:fobispo@nic.ve] > Sent: Tuesday, August 18, 2009 11:59 AM > To: Hollenbeck, Scott > Cc: ietf-provreg@cafax.se > Subject: Re: [ietf-provreg] EPP Server Implementer Help Needed > > Hi Scott, > > Although this comment might seem odd, I was wondering, why > the TLS feature is required. > > When I was in charge of .VE we decided not to include any > encryption/ auth features besides regular user/pass simple auth. > > Later on, we decided to use SSL/TLS tunneling with a > sepparate software package, that will provide the encryption > services. At first we used ssh, but stunnel turned out to be > a better solution. > if we were to require stronger encryption, we could start by > introducing other software packages, but taking the > complications outside of the EPP implementation... > > I don´t know if using third party software will comply with > this requirement, because if it does, then it might be a good > idea to switch to that instead. > > Regards > > Francisco > > > > On Aug 18, 2009, at 6:46 AM, Hollenbeck, Scott wrote: > > > I still need info from one server implementer that is willing to be > > included in an implementation report and confirm that they have > > implemented the TLS client identification features described in > > section > > 9 of 4934bis. Specifically: > > > > 1. TLS implementations are REQUIRED to support the mandatory cipher > > suite specified in the implemented version: > > > > 2. Mutual client and server authentication using the TLS Handshake > > Protocol is REQUIRED. > > > > 3. Signatures on the complete certification path for both client > > machine and server machine MUST be validated as part of the TLS > > handshake. > > > > 4. Information included in the client and server > certificates, such as > > validity periods and machine names, MUST also be validated. > > > > 5. EPP service MUST NOT be granted until successful completion of a > > TLS handshake and certificate validation > > > > Most of these come for free with a good TLS toolkit. Are there any > > server implementers willing to confirm that they've > implemented these > > features? I've already confirmed that VeriSign has > implemented these > > features. > > > > -Scott- > > > > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > > =-=-=- > > List run by majordomo software. For (Un-)subscription and similar > > details send "help" to ietf-provreg-request@cafax.se > > > > > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se From luiselove08@yahoo.com Wed Aug 19 00:34:24 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 37B8028C0EE for ; Wed, 19 Aug 2009 00:34:24 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.502 X-Spam-Level: X-Spam-Status: No, score=0.502 tagged_above=-999 required=5 tests=[BAYES_50=0.001, HTML_MESSAGE=0.001, RAZOR2_CHECK=0.5] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZS5YDGHbfh4B for ; Wed, 19 Aug 2009 00:34:23 -0700 (PDT) Received: from n17.bullet.mail.mud.yahoo.com (n17.bullet.mail.mud.yahoo.com [68.142.206.144]) by core3.amsl.com (Postfix) with SMTP id A65FF3A683D for ; Wed, 19 Aug 2009 00:33:53 -0700 (PDT) Received: from [68.142.200.225] by n17.bullet.mail.mud.yahoo.com with NNFMP; 19 Aug 2009 07:33:57 -0000 Received: from [68.142.201.246] by t6.bullet.mud.yahoo.com with NNFMP; 19 Aug 2009 07:33:57 -0000 Received: from [127.0.0.1] by omp407.mail.mud.yahoo.com with NNFMP; 19 Aug 2009 07:33:57 -0000 X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 158258.92853.bm@omp407.mail.mud.yahoo.com Received: (qmail 8529 invoked by uid 60001); 19 Aug 2009 07:33:56 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1250667236; bh=K5o4tdV6d6YgEhs1WpSViwzXQzpuRREXpA6hdENorGU=; h=Message-ID:X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type; b=h4XtI6gpG6P6CXBQRGcq3Y00OCFWkyudnkRxMt9teryIUMRCkJqF5daAqFcFUeqFZwVzYnYybPZo7vaVfywKLrZu2TQgWyMhjxPzM8sJmVPTR7NlNOjodmaR2JeCW/kOY2GSMN1VINEX8fqPebyB4OaiPOSSdl6SLdO6eEtoDY4= DomainKey-Signature:a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-RocketYMMF:X-Mailer:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type; b=IDjl8LxlDwKDFhtaf2Dph/zsY1Ey2PAwBGbD2AymZCv+81chc7WGiFKn8i46Dy2k8f8KlgPRpgtYyvlQfhfbzZLAhbCkB/CG+Cu6SSpqGTMHYo7FP20Akgd9t3p+S6ZOWC3jcJMMEeJGi0j+nSvHRF6LpG8mfVnPJAZoo07OLzE=; Message-ID: <265290.6983.qm@web44708.mail.sp1.yahoo.com> X-YMail-OSG: OZhuMVQVM1k2pXLT14P56TMoCIPFDH.m.tScYiwZ85povb8NIwVhHgUrwsYBb7FruLITEKYsEvp5G7Nar4XaDSgXalvCqn1spALOx8wX6u29SMwWhuBUZP9Fm2SyfJebwL96AgBI.kZczb_aqJAwBiG4gObJal.NVOrEGIcUQmYTSd1bq90tGaCLag4hFJXs5.EczvcRbjXLCwmj.lgnVrzFqG_A2VW3Rz2EZuDY8vfHw.6K7iYj9ngTGoxVRmD7JPuYf0SyVr_lUYl1DJurhvEo1F4ZPxV5n1OiKdBe_bIMKm8OfYwQyYDg.cgUJj5QLPSq4p8- Received: from [41.207.201.184] by web44708.mail.sp1.yahoo.com via HTTP; Wed, 19 Aug 2009 00:33:55 PDT X-RocketYMMF: bastitaanibalpereira X-Mailer: YahooMailClassic/6.1.2 YahooMailWebService/0.7.338.2 Date: Wed, 19 Aug 2009 00:33:55 -0700 (PDT) From: luise brown Reply-To: luiselove04@yahoo.com Subject: Hey Cute, To: undisclosed recipients: ; MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="0-1317638278-1250667235=:6983" --0-1317638278-1250667235=:6983 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Hey Cute, =A0 It is nice and joyful to found you on the Internet search.My name is Luise;= Well I am a Canadian female. I want to be your friend, and let share whate= ver we have in friendship. Return email to my id: luiselove08@yahoo.com Yours truly. Luise Brown. CANADA --0-1317638278-1250667235=:6983 Content-Type: text/html; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable

Hey Cute,

It is nice and joyful = to found you on the Internet search.My name is Luise; Well I am a Canadian = female. I want to be your friend, and let share whatever we have in friends= hip. Return email to my id: luiselove08@yahoo.com
Yours truly.
Luise = Brown.
CANADA

--0-1317638278-1250667235=:6983-- From owner-ietf-provreg@cafax.se Wed Aug 19 08:14:55 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 47C143A6D23 for ; Wed, 19 Aug 2009 08:14:55 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.249 X-Spam-Level: X-Spam-Status: No, score=-2.249 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_SE=0.35] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id knZi7CVso3Px for ; Wed, 19 Aug 2009 08:14:54 -0700 (PDT) Received: from nic.cafax.se (nic.cafax.se [192.71.228.17]) by core3.amsl.com (Postfix) with ESMTP id E4E3628C406 for ; Wed, 19 Aug 2009 08:14:17 -0700 (PDT) Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7JEx8FP006262 for ; Wed, 19 Aug 2009 16:59:08 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7JEx8al027617 for ietf-provreg-outgoing; Wed, 19 Aug 2009 16:59:08 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from clone.registro.br (clone.registro.br [200.160.2.4]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7JEx7H3011273 for ; Wed, 19 Aug 2009 16:59:08 +0200 (MEST) Received: by clone.registro.br (Postfix, from userid 1000) id D2FED9584E; Wed, 19 Aug 2009 11:59:05 -0300 (BRT) Date: Wed, 19 Aug 2009 11:59:05 -0300 From: Frederico A C Neves To: ietf-provreg@cafax.se Subject: Re: [ietf-provreg] EPP Server Implementer Help Needed Message-ID: <20090819145905.GN23252@registro.br> References: <046F43A8D79C794FA4733814869CDF0702C727DD@dul1wnexmb01.vcorp.ad.vrsn.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <046F43A8D79C794FA4733814869CDF0702C727DD@dul1wnexmb01.vcorp.ad.vrsn.com> Sender: owner-ietf-provreg@cafax.se Precedence: bulk Scott, On Tue, Aug 18, 2009 at 07:16:48AM -0400, Hollenbeck, Scott wrote: > I still need info from one server implementer that is willing to be > included in an implementation report and confirm that they have > implemented the TLS client identification features described in section > 9 of 4934bis. Specifically: > > 1. TLS implementations are REQUIRED to support the mandatory cipher > suite specified in the implemented version: > > 2. Mutual client and server authentication using the TLS Handshake > Protocol is REQUIRED. > > 3. Signatures on the complete certification path for both client machine > and server machine MUST be validated as part of the TLS handshake. > > 4. Information included in the client and server certificates, such as > validity periods and machine names, MUST also be validated. > > 5. EPP service MUST NOT be granted until successful completion of a TLS > handshake and certificate validation > > Most of these come for free with a good TLS toolkit. Are there any > server implementers willing to confirm that they've implemented these > features? I've already confirmed that VeriSign has implemented these > features. I could confirm that our server does implement all these features. On the client side I could confirm several production clients. Some using our own client, private implementations and at least two client using Verising NameStore and Key-Systems. Our own client software does almost all checks except the validation of the server name and the CN on the server certificate. Next release will include this small patch. > -Scott- Fred -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se From owner-ietf-provreg@cafax.se Wed Aug 19 08:37:27 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0F0243A68CC for ; Wed, 19 Aug 2009 08:37:27 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.061 X-Spam-Level: X-Spam-Status: No, score=-2.061 tagged_above=-999 required=5 tests=[AWL=0.188, BAYES_00=-2.599, HELO_EQ_SE=0.35] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o9Jvv4-GUqY7 for ; Wed, 19 Aug 2009 08:37:26 -0700 (PDT) Received: from nic.cafax.se (nic.cafax.se [192.71.228.17]) by core3.amsl.com (Postfix) with ESMTP id DF6FF3A677D for ; Wed, 19 Aug 2009 08:37:25 -0700 (PDT) Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7JFScjW021269 for ; Wed, 19 Aug 2009 17:28:38 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7JFSclO025446 for ietf-provreg-outgoing; Wed, 19 Aug 2009 17:28:38 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from peregrine.verisign.com (peregrine.verisign.com [216.168.239.74]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7JFSbqT025979 for ; Wed, 19 Aug 2009 17:28:37 +0200 (MEST) Received: from dul1wnexcn03.vcorp.ad.vrsn.com (dul1wnexcn03.vcorp.ad.vrsn.com [10.170.12.113]) by peregrine.verisign.com (8.13.6/8.13.4) with ESMTP id n7JFSYp7011891; Wed, 19 Aug 2009 11:28:34 -0400 Received: from dul1wnexmb01.vcorp.ad.vrsn.com ([10.170.12.134]) by dul1wnexcn03.vcorp.ad.vrsn.com with Microsoft SMTPSVC(6.0.3790.3959); Wed, 19 Aug 2009 16:28:36 +0100 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: RE: [ietf-provreg] EPP Server Implementer Help Needed Date: Wed, 19 Aug 2009 11:28:36 -0400 Message-ID: <046F43A8D79C794FA4733814869CDF0702C728D7@dul1wnexmb01.vcorp.ad.vrsn.com> In-Reply-To: <20090819145905.GN23252@registro.br> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [ietf-provreg] EPP Server Implementer Help Needed Thread-Index: Acog4UbFGHxt3d/bSJSYyxFWsin2GQAAFT3Q References: <046F43A8D79C794FA4733814869CDF0702C727DD@dul1wnexmb01.vcorp.ad.vrsn.com> <20090819145905.GN23252@registro.br> From: "Hollenbeck, Scott" To: "Frederico A C Neves" , X-OriginalArrivalTime: 19 Aug 2009 15:28:36.0035 (UTC) FILETIME=[B8020130:01CA20E1] Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by nic.cafax.se id n7JFSbqT009093 Sender: owner-ietf-provreg@cafax.se Precedence: bulk Great - thanks! Can you tell me how you would want to see your server implementation identified in the implementation report? -Scott- > -----Original Message----- > From: owner-ietf-provreg@cafax.se > [mailto:owner-ietf-provreg@cafax.se] On Behalf Of Frederico A C Neves > Sent: Wednesday, August 19, 2009 10:59 AM > To: ietf-provreg@cafax.se > Subject: Re: [ietf-provreg] EPP Server Implementer Help Needed > > Scott, > > On Tue, Aug 18, 2009 at 07:16:48AM -0400, Hollenbeck, Scott wrote: > > I still need info from one server implementer that is willing to be > > included in an implementation report and confirm that they have > > implemented the TLS client identification features described in > > section > > 9 of 4934bis. Specifically: > > > > 1. TLS implementations are REQUIRED to support the mandatory cipher > > suite specified in the implemented version: > > > > 2. Mutual client and server authentication using the TLS Handshake > > Protocol is REQUIRED. > > > > 3. Signatures on the complete certification path for both client > > machine and server machine MUST be validated as part of the > TLS handshake. > > > > 4. Information included in the client and server > certificates, such as > > validity periods and machine names, MUST also be validated. > > > > 5. EPP service MUST NOT be granted until successful completion of a > > TLS handshake and certificate validation > > > > Most of these come for free with a good TLS toolkit. Are there any > > server implementers willing to confirm that they've > implemented these > > features? I've already confirmed that VeriSign has > implemented these > > features. > > I could confirm that our server does implement all these features. > > On the client side I could confirm several production > clients. Some using our own client, private implementations > and at least two client using Verising NameStore and Key-Systems. > > Our own client software does almost all checks except the > validation of the server name and the CN on the server > certificate. Next release will include this small patch. > > > -Scott- > > Fred > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > -=-=-=-=-=-=- > List run by majordomo software. For (Un-)subscription and > similar details send "help" to ietf-provreg-request@cafax.se > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se From owner-ietf-provreg@cafax.se Wed Aug 19 09:30:06 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AB3AC3A677D for ; Wed, 19 Aug 2009 09:30:06 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.505 X-Spam-Level: X-Spam-Status: No, score=-1.505 tagged_above=-999 required=5 tests=[AWL=-0.745, BAYES_05=-1.11, HELO_EQ_SE=0.35] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id N2yyGiFkMq1N for ; Wed, 19 Aug 2009 09:30:05 -0700 (PDT) Received: from nic.cafax.se (nic.cafax.se [192.71.228.17]) by core3.amsl.com (Postfix) with ESMTP id 32C373A6B75 for ; Wed, 19 Aug 2009 09:29:56 -0700 (PDT) Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7JGMChc014565 for ; Wed, 19 Aug 2009 18:22:12 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7JGMC3E013062 for ietf-provreg-outgoing; Wed, 19 Aug 2009 18:22:12 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from clone.registro.br (clone.registro.br [200.160.2.4]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7JGMBHl005862 for ; Wed, 19 Aug 2009 18:22:12 +0200 (MEST) Received: by clone.registro.br (Postfix, from userid 1000) id 2625B95873; Wed, 19 Aug 2009 13:22:10 -0300 (BRT) Date: Wed, 19 Aug 2009 13:22:10 -0300 From: Frederico A C Neves To: "Hollenbeck, Scott" Cc: ietf-provreg@cafax.se Subject: Re: [ietf-provreg] EPP Server Implementer Help Needed Message-ID: <20090819162210.GO23252@registro.br> References: <046F43A8D79C794FA4733814869CDF0702C727DD@dul1wnexmb01.vcorp.ad.vrsn.com> <20090819145905.GN23252@registro.br> <046F43A8D79C794FA4733814869CDF0702C728D7@dul1wnexmb01.vcorp.ad.vrsn.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <046F43A8D79C794FA4733814869CDF0702C728D7@dul1wnexmb01.vcorp.ad.vrsn.com> Sender: owner-ietf-provreg@cafax.se Precedence: bulk On Wed, Aug 19, 2009 at 11:28:36AM -0400, Hollenbeck, Scott wrote: > Great - thanks! Can you tell me how you would want to see your server > implementation identified in the implementation report? Registro.br > -Scott- Fred -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se From owner-ietf-provreg@cafax.se Thu Aug 20 05:43:15 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 223193A680A for ; Thu, 20 Aug 2009 05:43:15 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.287 X-Spam-Level: X-Spam-Status: No, score=-2.287 tagged_above=-999 required=5 tests=[AWL=-0.038, BAYES_00=-2.599, HELO_EQ_SE=0.35] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6Xhl0BJgqWf2 for ; Thu, 20 Aug 2009 05:43:13 -0700 (PDT) Received: from nic.cafax.se (nic.cafax.se [192.71.228.17]) by core3.amsl.com (Postfix) with ESMTP id 3A2CE3A6E80 for ; Thu, 20 Aug 2009 05:43:05 -0700 (PDT) Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7KCWjf5023204 for ; Thu, 20 Aug 2009 14:32:45 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7KCWjlj023630 for ietf-provreg-outgoing; Thu, 20 Aug 2009 14:32:45 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from peregrine.verisign.com (peregrine.verisign.com [216.168.239.74]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7KCWisJ002822 for ; Thu, 20 Aug 2009 14:32:44 +0200 (MEST) Received: from dul1wnexcn03.vcorp.ad.vrsn.com (dul1wnexcn03.vcorp.ad.vrsn.com [10.170.12.113]) by peregrine.verisign.com (8.13.6/8.13.4) with ESMTP id n7KCWcjB018095 for ; Thu, 20 Aug 2009 08:32:39 -0400 Received: from dul1wnexmb01.vcorp.ad.vrsn.com ([10.170.12.134]) by dul1wnexcn03.vcorp.ad.vrsn.com with Microsoft SMTPSVC(6.0.3790.3959); Thu, 20 Aug 2009 13:32:42 +0100 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: [ietf-provreg] FW: Protocol Action: 'Extensible Provisioning Protocol (EPP) Transportover TCP' to Full Standard Date: Thu, 20 Aug 2009 08:32:41 -0400 Message-ID: <046F43A8D79C794FA4733814869CDF0702C7299F@dul1wnexmb01.vcorp.ad.vrsn.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Protocol Action: 'Extensible Provisioning Protocol (EPP) Transportover TCP' to Full Standard Thread-Index: AcohCAe8oQdBj2flTFipMWRjhQNMaAAie7fA From: "Hollenbeck, Scott" To: X-OriginalArrivalTime: 20 Aug 2009 12:32:42.0277 (UTC) FILETIME=[4FE41550:01CA2192] Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by nic.cafax.se id n7KCWjsJ005151 Sender: owner-ietf-provreg@cafax.se Precedence: bulk 4934bis has been approved by the IESG. That's the last of the document updates for Full Standard. An updated implementation report can be found here: http://www.ietf.org/iesg/implementation/report-rfc4930-4934.txt Thanks to everyone who helped move this forward. -Scott- -----Original Message----- From: ietf-announce-bounces@ietf.org [mailto:ietf-announce-bounces@ietf.org] On Behalf Of The IESG Sent: Wednesday, August 19, 2009 4:01 PM To: IETF-Announce Cc: Internet Architecture Board; RFC Editor Subject: Protocol Action: 'Extensible Provisioning Protocol (EPP) Transportover TCP' to Full Standard The IESG has approved the following document: - 'Extensible Provisioning Protocol (EPP) Transport over TCP ' as a Full Standard This document has been reviewed in the IETF but is not the product of an IETF Working Group. The IESG contact person is Alexey Melnikov. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-hollenbeck-rfc4934bis-01.txt Technical Summary This set of documents advances EPP to Standard. References have been updated and non-normative text updates have been made. Some clarifications on TLS server sertificate verification were done. Working Group Summary This is the product of an individual submitter, though the working group mailing list of PROVREG (now closed) was used to review the updates to the documents. Document Quality Issues raised by AD review were addressed. There are multiple implementations of the protocol, as described in the implementation report. Personnel Edward Lewis is the document shepherd for this series (draft-hollenbeck-rfc493*bis) of documents. Alexey Melnikov is the responsible Area Director. RFC Editor note: In Section 9, insert a new paragraph after the paragraph starting with "If the server identity check fails". (The new paragraph would be 3rd to the last): During the TLS negotiation, the EPP server MUST verify that the client certificate matches the reference identity previously negotiated out of band, as specified in section 8. The server should match the entire subject name or the subjectAltName as described in RFC 5280. The server MAY enforce other restrictions on the subjectAltName, for example if it knows that a particular client is always connecting from a particular hostname/IP address. _______________________________________________ IETF-Announce mailing list IETF-Announce@ietf.org https://www.ietf.org/mailman/listinfo/ietf-announce -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se From owner-ietf-provreg@cafax.se Thu Aug 20 07:27:51 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9043A3A6EF0 for ; Thu, 20 Aug 2009 07:27:51 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.249 X-Spam-Level: X-Spam-Status: No, score=-2.249 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_SE=0.35] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bkMKKF2T-okS for ; Thu, 20 Aug 2009 07:27:50 -0700 (PDT) Received: from nic.cafax.se (nic.cafax.se [192.71.228.17]) by core3.amsl.com (Postfix) with ESMTP id 23E223A6C79 for ; Thu, 20 Aug 2009 07:27:49 -0700 (PDT) Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7KEE6Ye001203 for ; Thu, 20 Aug 2009 16:14:06 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7KEE6tm018459 for ietf-provreg-outgoing; Thu, 20 Aug 2009 16:14:06 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from mail.dotandco.com (triglav.dotandco.com [194.242.114.22]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7KEE5Nx011703 for ; Thu, 20 Aug 2009 16:14:05 +0200 (MEST) Received: from triglav.dotandco.com (localhost.localdomain [127.0.0.1]) by mail.dotandco.com (8.13.8/8.13.8/Debian-3) with ESMTP id n7KEE5Th015383; Thu, 20 Aug 2009 16:14:05 +0200 Received: from localhost (localhost [[UNIX: localhost]]) by triglav.dotandco.com (8.13.8/8.13.8/Submit) id n7KEE4dW015382; Thu, 20 Aug 2009 16:14:04 +0200 X-Authentication-Warning: triglav.dotandco.com: patrick set sender to provreg@contact.dotandco.com using -f Date: Thu, 20 Aug 2009 16:14:04 +0200 From: Patrick Mevzek To: ietf-provreg@cafax.se Subject: Re: [ietf-provreg] FW: Protocol Action: 'Extensible Provisioning Protocol (EPP) Transportover TCP' to Full Standard Message-ID: <20090820141404.GB5966@home.patoche.org> References: <046F43A8D79C794FA4733814869CDF0702C7299F@dul1wnexmb01.vcorp.ad.vrsn.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <046F43A8D79C794FA4733814869CDF0702C7299F@dul1wnexmb01.vcorp.ad.vrsn.com> Organization: Dot And Co User-Agent: Mutt/1.5.18 (2008-05-17) X-Greylist: Sender is SPF-compliant, not delayed by milter-greylist-3.0 (mail.dotandco.com [127.0.0.1]); Thu, 20 Aug 2009 16:14:05 +0200 (CEST) Sender: owner-ietf-provreg@cafax.se Precedence: bulk Hello Scott, Hollenbeck, Scott 2009-08-20 15:10 > 4934bis has been approved by the IESG. That's the last of the document > updates for Full Standard. An updated implementation report can be > found here: > > http://www.ietf.org/iesg/implementation/report-rfc4930-4934.txt > > Thanks to everyone who helped move this forward. Thanks for your work. If it is still possible (and if not that is no big deal), can you make the following changes: - use the From: email address used here for me in the document and for EPP TLDs: - update .FR as it is used in production now (since March) (I do not know for .SI, I think they are in production too, same for .NO) - add: .NL (being developed) - add: .IT - add: .CO.CZ (status unknown) -- Patrick Mevzek Dot and Co -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se From owner-ietf-provreg@cafax.se Thu Aug 20 08:17:54 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 739C23A6F0B for ; Thu, 20 Aug 2009 08:17:54 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.467 X-Spam-Level: X-Spam-Status: No, score=-2.467 tagged_above=-999 required=5 tests=[AWL=-0.218, BAYES_00=-2.599, HELO_EQ_SE=0.35] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2QSYzsfV0CDh for ; Thu, 20 Aug 2009 08:17:53 -0700 (PDT) Received: from nic.cafax.se (nic.cafax.se [192.71.228.17]) by core3.amsl.com (Postfix) with ESMTP id 26A103A6EEE for ; Thu, 20 Aug 2009 08:17:52 -0700 (PDT) Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7KF1sQH001871 for ; Thu, 20 Aug 2009 17:01:54 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7KF1s2f001066 for ietf-provreg-outgoing; Thu, 20 Aug 2009 17:01:54 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from osprey.verisign.com (osprey.verisign.com [216.168.239.75]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7KF1rOw029470 for ; Thu, 20 Aug 2009 17:01:53 +0200 (MEST) Received: from dul1wnexcn03.vcorp.ad.vrsn.com (dul1wnexcn03.vcorp.ad.vrsn.com [10.170.12.113]) by osprey.verisign.com (8.13.6/8.13.4) with ESMTP id n7KEmOZP008334; Thu, 20 Aug 2009 10:48:25 -0400 Received: from dul1wnexmb01.vcorp.ad.vrsn.com ([10.170.12.134]) by dul1wnexcn03.vcorp.ad.vrsn.com with Microsoft SMTPSVC(6.0.3790.3959); Thu, 20 Aug 2009 16:01:51 +0100 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: RE: [ietf-provreg] FW: Protocol Action: 'Extensible ProvisioningProtocol (EPP) Transportover TCP' to Full Standard Date: Thu, 20 Aug 2009 11:01:46 -0400 Message-ID: <046F43A8D79C794FA4733814869CDF0702C729BB@dul1wnexmb01.vcorp.ad.vrsn.com> In-Reply-To: <20090820141404.GB5966@home.patoche.org> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [ietf-provreg] FW: Protocol Action: 'Extensible ProvisioningProtocol (EPP) Transportover TCP' to Full Standard Thread-Index: AcohpSwm35cL+Y+CQcmHsnxZMvyD4gAAejig References: <046F43A8D79C794FA4733814869CDF0702C7299F@dul1wnexmb01.vcorp.ad.vrsn.com> <20090820141404.GB5966@home.patoche.org> From: "Hollenbeck, Scott" To: "Patrick Mevzek" , X-OriginalArrivalTime: 20 Aug 2009 15:01:51.0517 (UTC) FILETIME=[260DBCD0:01CA21A7] Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by nic.cafax.se id n7KF1rOw013061 Sender: owner-ietf-provreg@cafax.se Precedence: bulk I just sent an updated report to the Secretariat for posting. -Scott- > -----Original Message----- > From: owner-ietf-provreg@cafax.se > [mailto:owner-ietf-provreg@cafax.se] On Behalf Of Patrick Mevzek > Sent: Thursday, August 20, 2009 10:14 AM > To: ietf-provreg@cafax.se > Subject: Re: [ietf-provreg] FW: Protocol Action: 'Extensible > ProvisioningProtocol (EPP) Transportover TCP' to Full Standard > > Hello Scott, > > Hollenbeck, Scott 2009-08-20 15:10 > > 4934bis has been approved by the IESG. That's the last of the > > document updates for Full Standard. An updated > implementation report > > can be found here: > > > > http://www.ietf.org/iesg/implementation/report-rfc4930-4934.txt > > > > Thanks to everyone who helped move this forward. > > Thanks for your work. > > If it is still possible (and if not that is no big deal), can > you make the following changes: > - use the From: email address used here for me in the document > > and for EPP TLDs: > - update .FR as it is used in production now (since March) (I > do not know for .SI, I think they are in production too, same for .NO) > - add: .NL (being developed) > - add: .IT > - add: .CO.CZ (status unknown) > > > > -- > Patrick Mevzek > Dot and Co > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > -=-=-=-=-=-=- > List run by majordomo software. For (Un-)subscription and > similar details send "help" to ietf-provreg-request@cafax.se > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se From centersfmm228@82-44-238-82.cable.ubr29.sgyl.blueyonder.co.uk Thu Aug 20 08:57:42 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7606928C123; Thu, 20 Aug 2009 08:57:42 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -61.942 X-Spam-Level: X-Spam-Status: No, score=-61.942 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_FAKE_RCVD_LINE_B=5.777, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_HCC=4.295, HELO_DYNAMIC_IPADDR2=4.395, HELO_EQ_BLUEYON=1.4, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_DYNAMIC=0.1, TVD_RCVD_IP=1.931, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4WLBexJnVebG; Thu, 20 Aug 2009 08:57:41 -0700 (PDT) Received: from 82-44-238-82.cable.ubr29.sgyl.blueyonder.co.uk (82-44-238-82.cable.ubr29.sgyl.blueyonder.co.uk [82.44.238.82]) by core3.amsl.com (Postfix) with ESMTP id BF4AA28C108; Thu, 20 Aug 2009 08:57:40 -0700 (PDT) Received: from 82.44.238.82 by mx1.biz.mail.yahoo.com; Thu, 20 Aug 2009 15:57:46 +0000 From: "Alejandro Fairman" To: Subject: Now you can earn more Date: Thu, 20 Aug 2009 15:57:46 +0000 Message-ID: <01ca21ae$f5de1980$52ee2c52@centersfmm228> MIME-Version: 1.0 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1807 Importance: Normal Now you are getting a 100% verifiable degree in just 4-5 weeks, with the help of your work experience. You can get Bachelors, Masters or Doctorate degree in a few weeks time. Call us right now 1-305-460-5721 Leave your msg, with your full name and number and we will get back to you shortly. From owner-ietf-provreg@cafax.se Thu Aug 20 09:46:15 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C7AC03A6A4B for ; Thu, 20 Aug 2009 09:46:15 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.249 X-Spam-Level: X-Spam-Status: No, score=-2.249 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_SE=0.35] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n1G+11MAENTO for ; Thu, 20 Aug 2009 09:46:15 -0700 (PDT) Received: from nic.cafax.se (nic.cafax.se [192.71.228.17]) by core3.amsl.com (Postfix) with ESMTP id A44F23A672E for ; Thu, 20 Aug 2009 09:46:14 -0700 (PDT) Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7KGVamf008266 for ; Thu, 20 Aug 2009 18:31:36 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7KGVawJ005099 for ietf-provreg-outgoing; Thu, 20 Aug 2009 18:31:36 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from smtp.cenit.gob.ve (smtp.cenit.gob.ve [150.188.4.71]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7KGVYXq010151 for ; Thu, 20 Aug 2009 18:31:35 +0200 (MEST) Received: from [150.186.201.2] (unknown [150.186.201.2]) by smtp.cenit.gob.ve (Postfix) with ESMTP id 0C5A83ED5; Thu, 20 Aug 2009 12:07:20 -0430 (VET) Cc: Message-Id: <1E71A63A-FB53-494D-9DC5-89FAC0742ED5@nic.ve> From: Francisco Obispo To: "Hollenbeck, Scott" In-Reply-To: <046F43A8D79C794FA4733814869CDF0702C7299F@dul1wnexmb01.vcorp.ad.vrsn.com> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v935.3) Subject: Re: [ietf-provreg] FW: Protocol Action: 'Extensible Provisioning Protocol (EPP) Transportover TCP' to Full Standard Date: Thu, 20 Aug 2009 12:01:32 -0430 References: <046F43A8D79C794FA4733814869CDF0702C7299F@dul1wnexmb01.vcorp.ad.vrsn.com> X-Mailer: Apple Mail (2.935.3) Sender: owner-ietf-provreg@cafax.se Precedence: bulk Congratulations,!!.. Good job!. Francisco On Aug 20, 2009, at 8:02 AM, Hollenbeck, Scott wrote: > 4934bis has been approved by the IESG. That's the last of the > document > updates for Full Standard. An updated implementation report can be > found here: > > http://www.ietf.org/iesg/implementation/report-rfc4930-4934.txt > > Thanks to everyone who helped move this forward. > > -Scott- > > -----Original Message----- > From: ietf-announce-bounces@ietf.org > [mailto:ietf-announce-bounces@ietf.org] On Behalf Of The IESG > Sent: Wednesday, August 19, 2009 4:01 PM > To: IETF-Announce > Cc: Internet Architecture Board; RFC Editor > Subject: Protocol Action: 'Extensible Provisioning Protocol (EPP) > Transportover TCP' to Full Standard > > The IESG has approved the following document: > > - 'Extensible Provisioning Protocol (EPP) Transport over TCP ' > as a Full Standard > > This document has been reviewed in the IETF but is not the product > of an > IETF Working Group. > > The IESG contact person is Alexey Melnikov. > > A URL of this Internet-Draft is: > http://www.ietf.org/internet-drafts/draft-hollenbeck-rfc4934bis-01.txt > > Technical Summary > This set of documents advances EPP to Standard. References > have been updated and non-normative text updates have been made. > Some clarifications on TLS server sertificate verification were done. > > Working Group Summary > This is the product of an individual submitter, though the working > group mailing list of PROVREG (now closed) was used to review the > updates to the documents. > > Document Quality > Issues raised by AD review were addressed. > There are multiple implementations of the protocol, as described in > the implementation report. > > Personnel > Edward Lewis is the document shepherd for this series > (draft-hollenbeck-rfc493*bis) of documents. > Alexey Melnikov is the responsible Area Director. > > RFC Editor note: > > In Section 9, insert a new paragraph after the paragraph starting with > "If the server identity check fails". (The new paragraph would be > 3rd to > the last): > > During the TLS negotiation, the EPP server MUST verify that the client > certificate matches the reference identity previously negotiated out > of > band, as specified in section 8. The server should match the entire > subject name or the subjectAltName as described in RFC 5280. The > server > MAY enforce other restrictions on the subjectAltName, for example if > it > knows that a particular client is always connecting from a particular > hostname/IP address. > > _______________________________________________ > IETF-Announce mailing list > IETF-Announce@ietf.org > https://www.ietf.org/mailman/listinfo/ietf-announce > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > =-=-=- > List run by majordomo software. For (Un-)subscription and similar > details > send "help" to ietf-provreg-request@cafax.se > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se From owner-ietf-provreg@cafax.se Thu Aug 20 10:19:42 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9D3953A6F96 for ; Thu, 20 Aug 2009 10:19:42 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.249 X-Spam-Level: X-Spam-Status: No, score=-2.249 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_SE=0.35] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yg75mu56IIxz for ; Thu, 20 Aug 2009 10:19:41 -0700 (PDT) Received: from nic.cafax.se (nic.cafax.se [192.71.228.17]) by core3.amsl.com (Postfix) with ESMTP id 6944F3A7013 for ; Thu, 20 Aug 2009 10:19:15 -0700 (PDT) Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7KH9Yan026508 for ; Thu, 20 Aug 2009 19:09:34 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7KH9YEm013293 for ietf-provreg-outgoing; Thu, 20 Aug 2009 19:09:34 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from abenaki.wabanaki.net (abenaki.wabanaki.net [65.99.1.130]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7KH9WWb005348 for ; Thu, 20 Aug 2009 19:09:33 +0200 (MEST) Received: from limpet.local (cpe-67-241-43-7.twcny.res.rr.com [67.241.43.7]) by abenaki.wabanaki.net (8.14.3/8.14.3) with ESMTP id n7KH62KL092061; Thu, 20 Aug 2009 13:06:03 -0400 (EDT) (envelope-from brunner@nic-naa.net) Message-ID: <4A8D8345.3080105@nic-naa.net> Date: Thu, 20 Aug 2009 13:09:25 -0400 From: Eric Brunner-Williams User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Francisco Obispo CC: "Hollenbeck, Scott" , ietf-provreg@cafax.se Subject: Re: [ietf-provreg] FW: Protocol Action: 'Extensible Provisioning Protocol (EPP) Transportover TCP' to Full Standard References: <046F43A8D79C794FA4733814869CDF0702C7299F@dul1wnexmb01.vcorp.ad.vrsn.com> <1E71A63A-FB53-494D-9DC5-89FAC0742ED5@nic.ve> In-Reply-To: <1E71A63A-FB53-494D-9DC5-89FAC0742ED5@nic.ve> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-ietf-provreg@cafax.se Precedence: bulk +1 Francisco Obispo wrote: > Congratulations,!!.. > > Good job!. > > Francisco > > > On Aug 20, 2009, at 8:02 AM, Hollenbeck, Scott wrote: > >> 4934bis has been approved by the IESG. That's the last of the document >> updates for Full Standard. An updated implementation report can be >> found here: >> >> http://www.ietf.org/iesg/implementation/report-rfc4930-4934.txt >> >> Thanks to everyone who helped move this forward. >> >> -Scott- >> >> -----Original Message----- >> From: ietf-announce-bounces@ietf.org >> [mailto:ietf-announce-bounces@ietf.org] On Behalf Of The IESG >> Sent: Wednesday, August 19, 2009 4:01 PM >> To: IETF-Announce >> Cc: Internet Architecture Board; RFC Editor >> Subject: Protocol Action: 'Extensible Provisioning Protocol (EPP) >> Transportover TCP' to Full Standard >> >> The IESG has approved the following document: >> >> - 'Extensible Provisioning Protocol (EPP) Transport over TCP ' >> as a Full Standard >> >> This document has been reviewed in the IETF but is not the product of an >> IETF Working Group. >> >> The IESG contact person is Alexey Melnikov. >> >> A URL of this Internet-Draft is: >> http://www.ietf.org/internet-drafts/draft-hollenbeck-rfc4934bis-01.txt >> >> Technical Summary >> This set of documents advances EPP to Standard. References >> have been updated and non-normative text updates have been made. >> Some clarifications on TLS server sertificate verification were done. >> >> Working Group Summary >> This is the product of an individual submitter, though the working >> group mailing list of PROVREG (now closed) was used to review the >> updates to the documents. >> >> Document Quality >> Issues raised by AD review were addressed. >> There are multiple implementations of the protocol, as described in >> the implementation report. >> >> Personnel >> Edward Lewis is the document shepherd for this series >> (draft-hollenbeck-rfc493*bis) of documents. >> Alexey Melnikov is the responsible Area Director. >> >> RFC Editor note: >> >> In Section 9, insert a new paragraph after the paragraph starting with >> "If the server identity check fails". (The new paragraph would be 3rd to >> the last): >> >> During the TLS negotiation, the EPP server MUST verify that the client >> certificate matches the reference identity previously negotiated out of >> band, as specified in section 8. The server should match the entire >> subject name or the subjectAltName as described in RFC 5280. The server >> MAY enforce other restrictions on the subjectAltName, for example if it >> knows that a particular client is always connecting from a particular >> hostname/IP address. >> >> _______________________________________________ >> IETF-Announce mailing list >> IETF-Announce@ietf.org >> https://www.ietf.org/mailman/listinfo/ietf-announce >> >> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- >> >> List run by majordomo software. For (Un-)subscription and similar >> details >> send "help" to ietf-provreg-request@cafax.se >> >> > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > > List run by majordomo software. For (Un-)subscription and similar > details > send "help" to ietf-provreg-request@cafax.se > > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se From theodorabt5@i59F76BDE.versanet.de Tue Aug 25 22:53:43 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6D5883A6A9D for ; Tue, 25 Aug 2009 22:53:43 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.269 X-Spam-Level: X-Spam-Status: No, score=-1.269 tagged_above=-999 required=5 tests=[BAYES_99=3.5, DIET_1=0.083, FH_FAKE_RCVD_LINE_B=5.777, HELO_EQ_DE=0.35, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SBL=20, URIBL_WS_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ypCYw-mjZnd3 for ; Tue, 25 Aug 2009 22:53:42 -0700 (PDT) Received: from i59F76BDE.versanet.de (i59F76BDE.versanet.de [89.247.107.222]) by core3.amsl.com (Postfix) with ESMTP id B90373A6B3C for ; Tue, 25 Aug 2009 22:53:41 -0700 (PDT) Received: from 89.247.107.222 by mail.relyco.com; Wed, 26 Aug 2009 06:53:48 +0100 Date: Wed, 26 Aug 2009 06:53:48 +0100 From: "Edgar M. Wroten" X-Mailer: The Bat! (v3.51) Educational Reply-To: theodorabt5@i59F76BDE.versanet.de X-Priority: 3 (Normal) Message-ID: <796349022.67128386922244@i59F76BDE.versanet.de> To: provreg-archive@ietf.org Subject: you dont have to pay MIME-Version: 1.0 Content-Type: text/plain; charset=Windows-1252 Content-Transfer-Encoding: 7bit Give it all you've got, lose weight and prevent cancer. http://SMITHABOVE.COM Its free gift from us From michael@algonorganics.co.uk Sat Aug 29 14:56:43 2009 Return-Path: X-Original-To: ietfarch-provreg-archive@core3.amsl.com Delivered-To: ietfarch-provreg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7108D3A6B11 for ; Sat, 29 Aug 2009 14:56:43 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -19.007 X-Spam-Level: X-Spam-Status: No, score=-19.007 tagged_above=-999 required=5 tests=[BAYES_99=3.5, FH_RELAY_NODNS=1.451, HELO_MISMATCH_COM=0.553, HTML_IMAGE_ONLY_04=2.041, HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_1=0.001, MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_XBL=3.033, RDNS_NONE=0.1, SARE_HTML_A_BODY=0.742, SARE_HTML_IMG_ONLY=1.666, URIBL_AB_SURBL=10, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_OB_SURBL=10, URIBL_RHS_DOB=1.083, URIBL_SC_SURBL=10, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MboawjKuCtk7 for ; Sat, 29 Aug 2009 14:56:37 -0700 (PDT) Received: from 33986.com (unknown [121.246.2.218]) by core3.amsl.com (Postfix) with SMTP id 894E23A6C62 for ; Sat, 29 Aug 2009 14:56:36 -0700 (PDT) To: Subject: Re: Order status From: MIME-Version: 1.0 Importance: High Content-Type: text/html Message-Id: <20090829215636.894E23A6C62@core3.amsl.com> Date: Sat, 29 Aug 2009 14:56:36 -0700 (PDT)

Return-Path: Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7KH9Yan026508 for ; Thu, 20 Aug 2009 19:09:34 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7KH9YEm013293 for ietf-provreg-outgoing; Thu, 20 Aug 2009 19:09:34 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from abenaki.wabanaki.net (abenaki.wabanaki.net [65.99.1.130]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7KH9WWb005348 for ; Thu, 20 Aug 2009 19:09:33 +0200 (MEST) Received: from limpet.local (cpe-67-241-43-7.twcny.res.rr.com [67.241.43.7]) by abenaki.wabanaki.net (8.14.3/8.14.3) with ESMTP id n7KH62KL092061; Thu, 20 Aug 2009 13:06:03 -0400 (EDT) (envelope-from brunner@nic-naa.net) Message-ID: <4A8D8345.3080105@nic-naa.net> Date: Thu, 20 Aug 2009 13:09:25 -0400 From: Eric Brunner-Williams User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605) MIME-Version: 1.0 To: Francisco Obispo CC: "Hollenbeck, Scott" , ietf-provreg@cafax.se Subject: Re: [ietf-provreg] FW: Protocol Action: 'Extensible Provisioning Protocol (EPP) Transportover TCP' to Full Standard References: <046F43A8D79C794FA4733814869CDF0702C7299F@dul1wnexmb01.vcorp.ad.vrsn.com> <1E71A63A-FB53-494D-9DC5-89FAC0742ED5@nic.ve> In-Reply-To: <1E71A63A-FB53-494D-9DC5-89FAC0742ED5@nic.ve> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-ietf-provreg@cafax.se Precedence: bulk +1 Francisco Obispo wrote: > Congratulations,!!.. > > Good job!. > > Francisco > > > On Aug 20, 2009, at 8:02 AM, Hollenbeck, Scott wrote: > >> 4934bis has been approved by the IESG. That's the last of the document >> updates for Full Standard. An updated implementation report can be >> found here: >> >> http://www.ietf.org/iesg/implementation/report-rfc4930-4934.txt >> >> Thanks to everyone who helped move this forward. >> >> -Scott- >> >> -----Original Message----- >> From: ietf-announce-bounces@ietf.org >> [mailto:ietf-announce-bounces@ietf.org] On Behalf Of The IESG >> Sent: Wednesday, August 19, 2009 4:01 PM >> To: IETF-Announce >> Cc: Internet Architecture Board; RFC Editor >> Subject: Protocol Action: 'Extensible Provisioning Protocol (EPP) >> Transportover TCP' to Full Standard >> >> The IESG has approved the following document: >> >> - 'Extensible Provisioning Protocol (EPP) Transport over TCP ' >> as a Full Standard >> >> This document has been reviewed in the IETF but is not the product of an >> IETF Working Group. >> >> The IESG contact person is Alexey Melnikov. >> >> A URL of this Internet-Draft is: >> http://www.ietf.org/internet-drafts/draft-hollenbeck-rfc4934bis-01.txt >> >> Technical Summary >> This set of documents advances EPP to Standard. References >> have been updated and non-normative text updates have been made. >> Some clarifications on TLS server sertificate verification were done. >> >> Working Group Summary >> This is the product of an individual submitter, though the working >> group mailing list of PROVREG (now closed) was used to review the >> updates to the documents. >> >> Document Quality >> Issues raised by AD review were addressed. >> There are multiple implementations of the protocol, as described in >> the implementation report. >> >> Personnel >> Edward Lewis is the document shepherd for this series >> (draft-hollenbeck-rfc493*bis) of documents. >> Alexey Melnikov is the responsible Area Director. >> >> RFC Editor note: >> >> In Section 9, insert a new paragraph after the paragraph starting with >> "If the server identity check fails". (The new paragraph would be 3rd to >> the last): >> >> During the TLS negotiation, the EPP server MUST verify that the client >> certificate matches the reference identity previously negotiated out of >> band, as specified in section 8. The server should match the entire >> subject name or the subjectAltName as described in RFC 5280. The server >> MAY enforce other restrictions on the subjectAltName, for example if it >> knows that a particular client is always connecting from a particular >> hostname/IP address. >> >> _______________________________________________ >> IETF-Announce mailing list >> IETF-Announce@ietf.org >> https://www.ietf.org/mailman/listinfo/ietf-announce >> >> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- >> >> List run by majordomo software. For (Un-)subscription and similar >> details >> send "help" to ietf-provreg-request@cafax.se >> >> > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > > List run by majordomo software. For (Un-)subscription and similar > details > send "help" to ietf-provreg-request@cafax.se > > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se Return-Path: Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7KGVamf008266 for ; Thu, 20 Aug 2009 18:31:36 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7KGVawJ005099 for ietf-provreg-outgoing; Thu, 20 Aug 2009 18:31:36 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from smtp.cenit.gob.ve (smtp.cenit.gob.ve [150.188.4.71]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7KGVYXq010151 for ; Thu, 20 Aug 2009 18:31:35 +0200 (MEST) Received: from [150.186.201.2] (unknown [150.186.201.2]) by smtp.cenit.gob.ve (Postfix) with ESMTP id 0C5A83ED5; Thu, 20 Aug 2009 12:07:20 -0430 (VET) Cc: Message-Id: <1E71A63A-FB53-494D-9DC5-89FAC0742ED5@nic.ve> From: Francisco Obispo To: "Hollenbeck, Scott" In-Reply-To: <046F43A8D79C794FA4733814869CDF0702C7299F@dul1wnexmb01.vcorp.ad.vrsn.com> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v935.3) Subject: Re: [ietf-provreg] FW: Protocol Action: 'Extensible Provisioning Protocol (EPP) Transportover TCP' to Full Standard Date: Thu, 20 Aug 2009 12:01:32 -0430 References: <046F43A8D79C794FA4733814869CDF0702C7299F@dul1wnexmb01.vcorp.ad.vrsn.com> X-Mailer: Apple Mail (2.935.3) Sender: owner-ietf-provreg@cafax.se Precedence: bulk Congratulations,!!.. Good job!. Francisco On Aug 20, 2009, at 8:02 AM, Hollenbeck, Scott wrote: > 4934bis has been approved by the IESG. That's the last of the > document > updates for Full Standard. An updated implementation report can be > found here: > > http://www.ietf.org/iesg/implementation/report-rfc4930-4934.txt > > Thanks to everyone who helped move this forward. > > -Scott- > > -----Original Message----- > From: ietf-announce-bounces@ietf.org > [mailto:ietf-announce-bounces@ietf.org] On Behalf Of The IESG > Sent: Wednesday, August 19, 2009 4:01 PM > To: IETF-Announce > Cc: Internet Architecture Board; RFC Editor > Subject: Protocol Action: 'Extensible Provisioning Protocol (EPP) > Transportover TCP' to Full Standard > > The IESG has approved the following document: > > - 'Extensible Provisioning Protocol (EPP) Transport over TCP ' > as a Full Standard > > This document has been reviewed in the IETF but is not the product > of an > IETF Working Group. > > The IESG contact person is Alexey Melnikov. > > A URL of this Internet-Draft is: > http://www.ietf.org/internet-drafts/draft-hollenbeck-rfc4934bis-01.txt > > Technical Summary > This set of documents advances EPP to Standard. References > have been updated and non-normative text updates have been made. > Some clarifications on TLS server sertificate verification were done. > > Working Group Summary > This is the product of an individual submitter, though the working > group mailing list of PROVREG (now closed) was used to review the > updates to the documents. > > Document Quality > Issues raised by AD review were addressed. > There are multiple implementations of the protocol, as described in > the implementation report. > > Personnel > Edward Lewis is the document shepherd for this series > (draft-hollenbeck-rfc493*bis) of documents. > Alexey Melnikov is the responsible Area Director. > > RFC Editor note: > > In Section 9, insert a new paragraph after the paragraph starting with > "If the server identity check fails". (The new paragraph would be > 3rd to > the last): > > During the TLS negotiation, the EPP server MUST verify that the client > certificate matches the reference identity previously negotiated out > of > band, as specified in section 8. The server should match the entire > subject name or the subjectAltName as described in RFC 5280. The > server > MAY enforce other restrictions on the subjectAltName, for example if > it > knows that a particular client is always connecting from a particular > hostname/IP address. > > _______________________________________________ > IETF-Announce mailing list > IETF-Announce@ietf.org > https://www.ietf.org/mailman/listinfo/ietf-announce > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > =-=-=- > List run by majordomo software. For (Un-)subscription and similar > details > send "help" to ietf-provreg-request@cafax.se > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se Return-Path: Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7KF1sQH001871 for ; Thu, 20 Aug 2009 17:01:54 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7KF1s2f001066 for ietf-provreg-outgoing; Thu, 20 Aug 2009 17:01:54 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from osprey.verisign.com (osprey.verisign.com [216.168.239.75]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7KF1rOw029470 for ; Thu, 20 Aug 2009 17:01:53 +0200 (MEST) Received: from dul1wnexcn03.vcorp.ad.vrsn.com (dul1wnexcn03.vcorp.ad.vrsn.com [10.170.12.113]) by osprey.verisign.com (8.13.6/8.13.4) with ESMTP id n7KEmOZP008334; Thu, 20 Aug 2009 10:48:25 -0400 Received: from dul1wnexmb01.vcorp.ad.vrsn.com ([10.170.12.134]) by dul1wnexcn03.vcorp.ad.vrsn.com with Microsoft SMTPSVC(6.0.3790.3959); Thu, 20 Aug 2009 16:01:51 +0100 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: RE: [ietf-provreg] FW: Protocol Action: 'Extensible ProvisioningProtocol (EPP) Transportover TCP' to Full Standard Date: Thu, 20 Aug 2009 11:01:46 -0400 Message-ID: <046F43A8D79C794FA4733814869CDF0702C729BB@dul1wnexmb01.vcorp.ad.vrsn.com> In-Reply-To: <20090820141404.GB5966@home.patoche.org> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [ietf-provreg] FW: Protocol Action: 'Extensible ProvisioningProtocol (EPP) Transportover TCP' to Full Standard Thread-Index: AcohpSwm35cL+Y+CQcmHsnxZMvyD4gAAejig References: <046F43A8D79C794FA4733814869CDF0702C7299F@dul1wnexmb01.vcorp.ad.vrsn.com> <20090820141404.GB5966@home.patoche.org> From: "Hollenbeck, Scott" To: "Patrick Mevzek" , X-OriginalArrivalTime: 20 Aug 2009 15:01:51.0517 (UTC) FILETIME=[260DBCD0:01CA21A7] Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by nic.cafax.se id n7KF1rOw013061 Sender: owner-ietf-provreg@cafax.se Precedence: bulk I just sent an updated report to the Secretariat for posting. -Scott- > -----Original Message----- > From: owner-ietf-provreg@cafax.se > [mailto:owner-ietf-provreg@cafax.se] On Behalf Of Patrick Mevzek > Sent: Thursday, August 20, 2009 10:14 AM > To: ietf-provreg@cafax.se > Subject: Re: [ietf-provreg] FW: Protocol Action: 'Extensible > ProvisioningProtocol (EPP) Transportover TCP' to Full Standard > > Hello Scott, > > Hollenbeck, Scott 2009-08-20 15:10 > > 4934bis has been approved by the IESG. That's the last of the > > document updates for Full Standard. An updated > implementation report > > can be found here: > > > > http://www.ietf.org/iesg/implementation/report-rfc4930-4934.txt > > > > Thanks to everyone who helped move this forward. > > Thanks for your work. > > If it is still possible (and if not that is no big deal), can > you make the following changes: > - use the From: email address used here for me in the document > > and for EPP TLDs: > - update .FR as it is used in production now (since March) (I > do not know for .SI, I think they are in production too, same for .NO) > - add: .NL (being developed) > - add: .IT > - add: .CO.CZ (status unknown) > > > > -- > Patrick Mevzek > Dot and Co > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > -=-=-=-=-=-=- > List run by majordomo software. For (Un-)subscription and > similar details send "help" to ietf-provreg-request@cafax.se > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se Return-Path: Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7KEE6Ye001203 for ; Thu, 20 Aug 2009 16:14:06 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7KEE6tm018459 for ietf-provreg-outgoing; Thu, 20 Aug 2009 16:14:06 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from mail.dotandco.com (triglav.dotandco.com [194.242.114.22]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7KEE5Nx011703 for ; Thu, 20 Aug 2009 16:14:05 +0200 (MEST) Received: from triglav.dotandco.com (localhost.localdomain [127.0.0.1]) by mail.dotandco.com (8.13.8/8.13.8/Debian-3) with ESMTP id n7KEE5Th015383; Thu, 20 Aug 2009 16:14:05 +0200 Received: from localhost (localhost [[UNIX: localhost]]) by triglav.dotandco.com (8.13.8/8.13.8/Submit) id n7KEE4dW015382; Thu, 20 Aug 2009 16:14:04 +0200 X-Authentication-Warning: triglav.dotandco.com: patrick set sender to provreg@contact.dotandco.com using -f Date: Thu, 20 Aug 2009 16:14:04 +0200 From: Patrick Mevzek To: ietf-provreg@cafax.se Subject: Re: [ietf-provreg] FW: Protocol Action: 'Extensible Provisioning Protocol (EPP) Transportover TCP' to Full Standard Message-ID: <20090820141404.GB5966@home.patoche.org> References: <046F43A8D79C794FA4733814869CDF0702C7299F@dul1wnexmb01.vcorp.ad.vrsn.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <046F43A8D79C794FA4733814869CDF0702C7299F@dul1wnexmb01.vcorp.ad.vrsn.com> Organization: Dot And Co User-Agent: Mutt/1.5.18 (2008-05-17) X-Greylist: Sender is SPF-compliant, not delayed by milter-greylist-3.0 (mail.dotandco.com [127.0.0.1]); Thu, 20 Aug 2009 16:14:05 +0200 (CEST) Sender: owner-ietf-provreg@cafax.se Precedence: bulk Hello Scott, Hollenbeck, Scott 2009-08-20 15:10 > 4934bis has been approved by the IESG. That's the last of the document > updates for Full Standard. An updated implementation report can be > found here: > > http://www.ietf.org/iesg/implementation/report-rfc4930-4934.txt > > Thanks to everyone who helped move this forward. Thanks for your work. If it is still possible (and if not that is no big deal), can you make the following changes: - use the From: email address used here for me in the document and for EPP TLDs: - update .FR as it is used in production now (since March) (I do not know for .SI, I think they are in production too, same for .NO) - add: .NL (being developed) - add: .IT - add: .CO.CZ (status unknown) -- Patrick Mevzek Dot and Co -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se Return-Path: Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7KCWjf5023204 for ; Thu, 20 Aug 2009 14:32:45 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7KCWjlj023630 for ietf-provreg-outgoing; Thu, 20 Aug 2009 14:32:45 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from peregrine.verisign.com (peregrine.verisign.com [216.168.239.74]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7KCWisJ002822 for ; Thu, 20 Aug 2009 14:32:44 +0200 (MEST) Received: from dul1wnexcn03.vcorp.ad.vrsn.com (dul1wnexcn03.vcorp.ad.vrsn.com [10.170.12.113]) by peregrine.verisign.com (8.13.6/8.13.4) with ESMTP id n7KCWcjB018095 for ; Thu, 20 Aug 2009 08:32:39 -0400 Received: from dul1wnexmb01.vcorp.ad.vrsn.com ([10.170.12.134]) by dul1wnexcn03.vcorp.ad.vrsn.com with Microsoft SMTPSVC(6.0.3790.3959); Thu, 20 Aug 2009 13:32:42 +0100 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: [ietf-provreg] FW: Protocol Action: 'Extensible Provisioning Protocol (EPP) Transportover TCP' to Full Standard Date: Thu, 20 Aug 2009 08:32:41 -0400 Message-ID: <046F43A8D79C794FA4733814869CDF0702C7299F@dul1wnexmb01.vcorp.ad.vrsn.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Protocol Action: 'Extensible Provisioning Protocol (EPP) Transportover TCP' to Full Standard Thread-Index: AcohCAe8oQdBj2flTFipMWRjhQNMaAAie7fA From: "Hollenbeck, Scott" To: X-OriginalArrivalTime: 20 Aug 2009 12:32:42.0277 (UTC) FILETIME=[4FE41550:01CA2192] Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by nic.cafax.se id n7KCWjsJ005151 Sender: owner-ietf-provreg@cafax.se Precedence: bulk 4934bis has been approved by the IESG. That's the last of the document updates for Full Standard. An updated implementation report can be found here: http://www.ietf.org/iesg/implementation/report-rfc4930-4934.txt Thanks to everyone who helped move this forward. -Scott- -----Original Message----- From: ietf-announce-bounces@ietf.org [mailto:ietf-announce-bounces@ietf.org] On Behalf Of The IESG Sent: Wednesday, August 19, 2009 4:01 PM To: IETF-Announce Cc: Internet Architecture Board; RFC Editor Subject: Protocol Action: 'Extensible Provisioning Protocol (EPP) Transportover TCP' to Full Standard The IESG has approved the following document: - 'Extensible Provisioning Protocol (EPP) Transport over TCP ' as a Full Standard This document has been reviewed in the IETF but is not the product of an IETF Working Group. The IESG contact person is Alexey Melnikov. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-hollenbeck-rfc4934bis-01.txt Technical Summary This set of documents advances EPP to Standard. References have been updated and non-normative text updates have been made. Some clarifications on TLS server sertificate verification were done. Working Group Summary This is the product of an individual submitter, though the working group mailing list of PROVREG (now closed) was used to review the updates to the documents. Document Quality Issues raised by AD review were addressed. There are multiple implementations of the protocol, as described in the implementation report. Personnel Edward Lewis is the document shepherd for this series (draft-hollenbeck-rfc493*bis) of documents. Alexey Melnikov is the responsible Area Director. RFC Editor note: In Section 9, insert a new paragraph after the paragraph starting with "If the server identity check fails". (The new paragraph would be 3rd to the last): During the TLS negotiation, the EPP server MUST verify that the client certificate matches the reference identity previously negotiated out of band, as specified in section 8. The server should match the entire subject name or the subjectAltName as described in RFC 5280. The server MAY enforce other restrictions on the subjectAltName, for example if it knows that a particular client is always connecting from a particular hostname/IP address. _______________________________________________ IETF-Announce mailing list IETF-Announce@ietf.org https://www.ietf.org/mailman/listinfo/ietf-announce -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se Return-Path: Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7JGMChc014565 for ; Wed, 19 Aug 2009 18:22:12 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7JGMC3E013062 for ietf-provreg-outgoing; Wed, 19 Aug 2009 18:22:12 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from clone.registro.br (clone.registro.br [200.160.2.4]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7JGMBHl005862 for ; Wed, 19 Aug 2009 18:22:12 +0200 (MEST) Received: by clone.registro.br (Postfix, from userid 1000) id 2625B95873; Wed, 19 Aug 2009 13:22:10 -0300 (BRT) Date: Wed, 19 Aug 2009 13:22:10 -0300 From: Frederico A C Neves To: "Hollenbeck, Scott" Cc: ietf-provreg@cafax.se Subject: Re: [ietf-provreg] EPP Server Implementer Help Needed Message-ID: <20090819162210.GO23252@registro.br> References: <046F43A8D79C794FA4733814869CDF0702C727DD@dul1wnexmb01.vcorp.ad.vrsn.com> <20090819145905.GN23252@registro.br> <046F43A8D79C794FA4733814869CDF0702C728D7@dul1wnexmb01.vcorp.ad.vrsn.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <046F43A8D79C794FA4733814869CDF0702C728D7@dul1wnexmb01.vcorp.ad.vrsn.com> Sender: owner-ietf-provreg@cafax.se Precedence: bulk On Wed, Aug 19, 2009 at 11:28:36AM -0400, Hollenbeck, Scott wrote: > Great - thanks! Can you tell me how you would want to see your server > implementation identified in the implementation report? Registro.br > -Scott- Fred -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se Return-Path: Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7JFScjW021269 for ; Wed, 19 Aug 2009 17:28:38 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7JFSclO025446 for ietf-provreg-outgoing; Wed, 19 Aug 2009 17:28:38 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from peregrine.verisign.com (peregrine.verisign.com [216.168.239.74]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7JFSbqT025979 for ; Wed, 19 Aug 2009 17:28:37 +0200 (MEST) Received: from dul1wnexcn03.vcorp.ad.vrsn.com (dul1wnexcn03.vcorp.ad.vrsn.com [10.170.12.113]) by peregrine.verisign.com (8.13.6/8.13.4) with ESMTP id n7JFSYp7011891; Wed, 19 Aug 2009 11:28:34 -0400 Received: from dul1wnexmb01.vcorp.ad.vrsn.com ([10.170.12.134]) by dul1wnexcn03.vcorp.ad.vrsn.com with Microsoft SMTPSVC(6.0.3790.3959); Wed, 19 Aug 2009 16:28:36 +0100 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: RE: [ietf-provreg] EPP Server Implementer Help Needed Date: Wed, 19 Aug 2009 11:28:36 -0400 Message-ID: <046F43A8D79C794FA4733814869CDF0702C728D7@dul1wnexmb01.vcorp.ad.vrsn.com> In-Reply-To: <20090819145905.GN23252@registro.br> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [ietf-provreg] EPP Server Implementer Help Needed Thread-Index: Acog4UbFGHxt3d/bSJSYyxFWsin2GQAAFT3Q References: <046F43A8D79C794FA4733814869CDF0702C727DD@dul1wnexmb01.vcorp.ad.vrsn.com> <20090819145905.GN23252@registro.br> From: "Hollenbeck, Scott" To: "Frederico A C Neves" , X-OriginalArrivalTime: 19 Aug 2009 15:28:36.0035 (UTC) FILETIME=[B8020130:01CA20E1] Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by nic.cafax.se id n7JFSbqT009093 Sender: owner-ietf-provreg@cafax.se Precedence: bulk Great - thanks! Can you tell me how you would want to see your server implementation identified in the implementation report? -Scott- > -----Original Message----- > From: owner-ietf-provreg@cafax.se > [mailto:owner-ietf-provreg@cafax.se] On Behalf Of Frederico A C Neves > Sent: Wednesday, August 19, 2009 10:59 AM > To: ietf-provreg@cafax.se > Subject: Re: [ietf-provreg] EPP Server Implementer Help Needed > > Scott, > > On Tue, Aug 18, 2009 at 07:16:48AM -0400, Hollenbeck, Scott wrote: > > I still need info from one server implementer that is willing to be > > included in an implementation report and confirm that they have > > implemented the TLS client identification features described in > > section > > 9 of 4934bis. Specifically: > > > > 1. TLS implementations are REQUIRED to support the mandatory cipher > > suite specified in the implemented version: > > > > 2. Mutual client and server authentication using the TLS Handshake > > Protocol is REQUIRED. > > > > 3. Signatures on the complete certification path for both client > > machine and server machine MUST be validated as part of the > TLS handshake. > > > > 4. Information included in the client and server > certificates, such as > > validity periods and machine names, MUST also be validated. > > > > 5. EPP service MUST NOT be granted until successful completion of a > > TLS handshake and certificate validation > > > > Most of these come for free with a good TLS toolkit. Are there any > > server implementers willing to confirm that they've > implemented these > > features? I've already confirmed that VeriSign has > implemented these > > features. > > I could confirm that our server does implement all these features. > > On the client side I could confirm several production > clients. Some using our own client, private implementations > and at least two client using Verising NameStore and Key-Systems. > > Our own client software does almost all checks except the > validation of the server name and the CN on the server > certificate. Next release will include this small patch. > > > -Scott- > > Fred > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > -=-=-=-=-=-=- > List run by majordomo software. For (Un-)subscription and > similar details send "help" to ietf-provreg-request@cafax.se > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se Return-Path: Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7JEx8FP006262 for ; Wed, 19 Aug 2009 16:59:08 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7JEx8al027617 for ietf-provreg-outgoing; Wed, 19 Aug 2009 16:59:08 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from clone.registro.br (clone.registro.br [200.160.2.4]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7JEx7H3011273 for ; Wed, 19 Aug 2009 16:59:08 +0200 (MEST) Received: by clone.registro.br (Postfix, from userid 1000) id D2FED9584E; Wed, 19 Aug 2009 11:59:05 -0300 (BRT) Date: Wed, 19 Aug 2009 11:59:05 -0300 From: Frederico A C Neves To: ietf-provreg@cafax.se Subject: Re: [ietf-provreg] EPP Server Implementer Help Needed Message-ID: <20090819145905.GN23252@registro.br> References: <046F43A8D79C794FA4733814869CDF0702C727DD@dul1wnexmb01.vcorp.ad.vrsn.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <046F43A8D79C794FA4733814869CDF0702C727DD@dul1wnexmb01.vcorp.ad.vrsn.com> Sender: owner-ietf-provreg@cafax.se Precedence: bulk Scott, On Tue, Aug 18, 2009 at 07:16:48AM -0400, Hollenbeck, Scott wrote: > I still need info from one server implementer that is willing to be > included in an implementation report and confirm that they have > implemented the TLS client identification features described in section > 9 of 4934bis. Specifically: > > 1. TLS implementations are REQUIRED to support the mandatory cipher > suite specified in the implemented version: > > 2. Mutual client and server authentication using the TLS Handshake > Protocol is REQUIRED. > > 3. Signatures on the complete certification path for both client machine > and server machine MUST be validated as part of the TLS handshake. > > 4. Information included in the client and server certificates, such as > validity periods and machine names, MUST also be validated. > > 5. EPP service MUST NOT be granted until successful completion of a TLS > handshake and certificate validation > > Most of these come for free with a good TLS toolkit. Are there any > server implementers willing to confirm that they've implemented these > features? I've already confirmed that VeriSign has implemented these > features. I could confirm that our server does implement all these features. On the client side I could confirm several production clients. Some using our own client, private implementations and at least two client using Verising NameStore and Key-Systems. Our own client software does almost all checks except the validation of the server name and the CN on the server certificate. Next release will include this small patch. > -Scott- Fred -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se Return-Path: Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7IGjk1f009472 for ; Tue, 18 Aug 2009 18:45:46 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7IGjk4W014498 for ietf-provreg-outgoing; Tue, 18 Aug 2009 18:45:46 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from peregrine.verisign.com (peregrine.verisign.com [216.168.239.74]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7IGjjWf023512 for ; Tue, 18 Aug 2009 18:45:45 +0200 (MEST) Received: from dul1wnexcn03.vcorp.ad.vrsn.com (dul1wnexcn03.vcorp.ad.vrsn.com [10.170.12.113]) by peregrine.verisign.com (8.13.6/8.13.4) with ESMTP id n7IGjhZx032710; Tue, 18 Aug 2009 12:45:43 -0400 Received: from dul1wnexmb01.vcorp.ad.vrsn.com ([10.170.12.134]) by dul1wnexcn03.vcorp.ad.vrsn.com with Microsoft SMTPSVC(6.0.3790.3959); Tue, 18 Aug 2009 17:45:44 +0100 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Subject: RE: [ietf-provreg] EPP Server Implementer Help Needed Date: Tue, 18 Aug 2009 12:45:43 -0400 Message-ID: <046F43A8D79C794FA4733814869CDF0702C72826@dul1wnexmb01.vcorp.ad.vrsn.com> In-Reply-To: <642A4A1B-8A8E-4A47-846E-D7D221A39222@nic.ve> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [ietf-provreg] EPP Server Implementer Help Needed Thread-Index: AcogHNF4dzT1s3DMSNafSpUgoU0pMwABihGA References: <046F43A8D79C794FA4733814869CDF0702C727DD@dul1wnexmb01.vcorp.ad.vrsn.com> <642A4A1B-8A8E-4A47-846E-D7D221A39222@nic.ve> From: "Hollenbeck, Scott" To: "Francisco Obispo" Cc: X-OriginalArrivalTime: 18 Aug 2009 16:45:44.0213 (UTC) FILETIME=[54342C50:01CA2023] Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by nic.cafax.se id n7IGjjWf016491 Sender: owner-ietf-provreg@cafax.se Precedence: bulk TLS was selected because it was thought to provide the best fit for the requirements identified in RFC 3375. -Scott- > -----Original Message----- > From: Francisco Obispo [mailto:fobispo@nic.ve] > Sent: Tuesday, August 18, 2009 11:59 AM > To: Hollenbeck, Scott > Cc: ietf-provreg@cafax.se > Subject: Re: [ietf-provreg] EPP Server Implementer Help Needed > > Hi Scott, > > Although this comment might seem odd, I was wondering, why > the TLS feature is required. > > When I was in charge of .VE we decided not to include any > encryption/ auth features besides regular user/pass simple auth. > > Later on, we decided to use SSL/TLS tunneling with a > sepparate software package, that will provide the encryption > services. At first we used ssh, but stunnel turned out to be > a better solution. > if we were to require stronger encryption, we could start by > introducing other software packages, but taking the > complications outside of the EPP implementation... > > I don´t know if using third party software will comply with > this requirement, because if it does, then it might be a good > idea to switch to that instead. > > Regards > > Francisco > > > > On Aug 18, 2009, at 6:46 AM, Hollenbeck, Scott wrote: > > > I still need info from one server implementer that is willing to be > > included in an implementation report and confirm that they have > > implemented the TLS client identification features described in > > section > > 9 of 4934bis. Specifically: > > > > 1. TLS implementations are REQUIRED to support the mandatory cipher > > suite specified in the implemented version: > > > > 2. Mutual client and server authentication using the TLS Handshake > > Protocol is REQUIRED. > > > > 3. Signatures on the complete certification path for both client > > machine and server machine MUST be validated as part of the TLS > > handshake. > > > > 4. Information included in the client and server > certificates, such as > > validity periods and machine names, MUST also be validated. > > > > 5. EPP service MUST NOT be granted until successful completion of a > > TLS handshake and certificate validation > > > > Most of these come for free with a good TLS toolkit. Are there any > > server implementers willing to confirm that they've > implemented these > > features? I've already confirmed that VeriSign has > implemented these > > features. > > > > -Scott- > > > > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > > =-=-=- > > List run by majordomo software. For (Un-)subscription and similar > > details send "help" to ietf-provreg-request@cafax.se > > > > > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se Return-Path: Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7IFx6Rx006163 for ; Tue, 18 Aug 2009 17:59:06 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7IFx6VN012314 for ietf-provreg-outgoing; Tue, 18 Aug 2009 17:59:06 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from smtp.cenit.gob.ve (smtp.cenit.gob.ve [150.188.4.71]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7IFx5ai014491 for ; Tue, 18 Aug 2009 17:59:06 +0200 (MEST) Received: from [150.186.201.2] (unknown [150.186.201.2]) by smtp.cenit.gob.ve (Postfix) with ESMTP id 1F2073ED4; Tue, 18 Aug 2009 11:34:37 -0430 (VET) Cc: Message-Id: <642A4A1B-8A8E-4A47-846E-D7D221A39222@nic.ve> From: Francisco Obispo To: "Hollenbeck, Scott" In-Reply-To: <046F43A8D79C794FA4733814869CDF0702C727DD@dul1wnexmb01.vcorp.ad.vrsn.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed; delsp=yes Mime-Version: 1.0 (Apple Message framework v935.3) Subject: Re: [ietf-provreg] EPP Server Implementer Help Needed Date: Tue, 18 Aug 2009 11:29:03 -0430 References: <046F43A8D79C794FA4733814869CDF0702C727DD@dul1wnexmb01.vcorp.ad.vrsn.com> X-Mailer: Apple Mail (2.935.3) Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by nic.cafax.se id n7IFx6ai012980 Sender: owner-ietf-provreg@cafax.se Precedence: bulk Hi Scott, Although this comment might seem odd, I was wondering, why the TLS feature is required. When I was in charge of .VE we decided not to include any encryption/ auth features besides regular user/pass simple auth. Later on, we decided to use SSL/TLS tunneling with a sepparate software package, that will provide the encryption services. At first we used ssh, but stunnel turned out to be a better solution. if we were to require stronger encryption, we could start by introducing other software packages, but taking the complications outside of the EPP implementation... I don´t know if using third party software will comply with this requirement, because if it does, then it might be a good idea to switch to that instead. Regards Francisco On Aug 18, 2009, at 6:46 AM, Hollenbeck, Scott wrote: > I still need info from one server implementer that is willing to be > included in an implementation report and confirm that they have > implemented the TLS client identification features described in > section > 9 of 4934bis. Specifically: > > 1. TLS implementations are REQUIRED to support the mandatory cipher > suite specified in the implemented version: > > 2. Mutual client and server authentication using the TLS Handshake > Protocol is REQUIRED. > > 3. Signatures on the complete certification path for both client > machine > and server machine MUST be validated as part of the TLS handshake. > > 4. Information included in the client and server certificates, such as > validity periods and machine names, MUST also be validated. > > 5. EPP service MUST NOT be granted until successful completion of a > TLS > handshake and certificate validation > > Most of these come for free with a good TLS toolkit. Are there any > server implementers willing to confirm that they've implemented these > features? I've already confirmed that VeriSign has implemented these > features. > > -Scott- > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > =-=-=- > List run by majordomo software. For (Un-)subscription and similar > details > send "help" to ietf-provreg-request@cafax.se > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se Return-Path: Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7IBGoBJ007524 for ; Tue, 18 Aug 2009 13:16:50 +0200 (MEST) Received: (from majordom@localhost) by nic.cafax.se (8.13.7/8.12.11/Submit) id n7IBGo51011656 for ietf-provreg-outgoing; Tue, 18 Aug 2009 13:16:50 +0200 (MEST) X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-ietf-provreg@cafax.se using -f Received: from osprey.verisign.com (osprey.verisign.com [216.168.239.75]) by nic.cafax.se (8.13.7/8.12.11) with ESMTP id n7IBGn8h011831 for ; Tue, 18 Aug 2009 13:16:50 +0200 (MEST) Received: from dul1wnexcn03.vcorp.ad.vrsn.com (dul1wnexcn03.vcorp.ad.vrsn.com [10.170.12.113]) by osprey.verisign.com (8.13.6/8.13.4) with ESMTP id n7IB3Q9h005239 for ; Tue, 18 Aug 2009 07:03:26 -0400 Received: from dul1wnexmb01.vcorp.ad.vrsn.com ([10.170.12.134]) by dul1wnexcn03.vcorp.ad.vrsn.com with Microsoft SMTPSVC(6.0.3790.3959); Tue, 18 Aug 2009 12:16:48 +0100 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Subject: [ietf-provreg] EPP Server Implementer Help Needed Date: Tue, 18 Aug 2009 07:16:48 -0400 Message-ID: <046F43A8D79C794FA4733814869CDF0702C727DD@dul1wnexmb01.vcorp.ad.vrsn.com> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: EPP Server Implementer Help Needed Thread-Index: Acof9WCQ6p4pq/w8S7i3z62KD+oq+Q== From: "Hollenbeck, Scott" To: X-OriginalArrivalTime: 18 Aug 2009 11:16:48.0563 (UTC) FILETIME=[60D6F830:01CA1FF5] Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by nic.cafax.se id n7IBGo8h016055 Sender: owner-ietf-provreg@cafax.se Precedence: bulk I still need info from one server implementer that is willing to be included in an implementation report and confirm that they have implemented the TLS client identification features described in section 9 of 4934bis. Specifically: 1. TLS implementations are REQUIRED to support the mandatory cipher suite specified in the implemented version: 2. Mutual client and server authentication using the TLS Handshake Protocol is REQUIRED. 3. Signatures on the complete certification path for both client machine and server machine MUST be validated as part of the TLS handshake. 4. Information included in the client and server certificates, such as validity periods and machine names, MUST also be validated. 5. EPP service MUST NOT be granted until successful completion of a TLS handshake and certificate validation Most of these come for free with a good TLS toolkit. Are there any server implementers willing to confirm that they've implemented these features? I've already confirmed that VeriSign has implemented these features. -Scott- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- List run by majordomo software. For (Un-)subscription and similar details send "help" to ietf-provreg-request@cafax.se