Network Working Group                                      D. Belyavskiy
Internet-Draft
Intended status: Standards Track                                J. Gould
Expires: 5 October 2022                                   VeriSign, Inc.
                                                            3 April 2022


Use of Internationalized Email Addresses in the Extensible Provisioning
                             Protocol (EPP)
                      draft-ietf-regext-epp-eai-08

Abstract

   This document describes an EPP extension that permits usage of
   Internationalized Email Addresses in the EPP protocol and specifies
   the terms when it can be used by EPP clients and servers. The
   Extensible Provisioning Protocol (EPP), having been developed before
   the standards for Internationalized Email Addresses (EAI) appeared,
   does not support such email addresses.

   TO BE REMOVED on turning to RFC: The document is edited in the
   dedicated github repo (https://github.com/beldmit/eppeai). Please
   send your submissions via GitHub.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF). Note that other groups may also distribute
   working documents as Internet-Drafts. The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 5 October 2022.

Copyright Notice

   Copyright (c) 2022 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Revised BSD License text as described in Section 4.e of the
   Trust Legal Provisions and are provided without warranty as described
   in the Revised BSD License.

Table of Contents

   1.  Introduction
     1.1.  Conventions Used in This Document
   2.  Migrating to Newer Versions of This Extension
   3.  Email Address Specification
   4.  Functional Extension
   5.  Internationalized Email Addresses (EAI) Functional Extension
     5.1.  Scope of Functional Extension
     5.2.  Signaling Client and Server Support
     5.3.  Functional Extension Behavior
       5.3.1.  EAI Functional Extension Negotiated
       5.3.2.  EAI Functional Extension Not Negotiated
   6.  IANA Considerations
     6.1.  XML Namespace
     6.2.  EPP Extension Registry
   7.  Implementation Status
     7.1.  Verisign EPP SDK
   8.  Security Considerations
   9.  Acknowledgments
   10. References
     10.1.  Normative References
     10.2.  Informative References
   Appendix A.  Change History
     A.1.  Change from 00 to 01
     A.2.  Change from 01 to 02
     A.3.  Change from 02 to 03
     A.4.  Change from 03 to 04
     A.5.  Change from 04 to the regext 01 version
     A.6.  Change from the regext 01 to regext 02 version
     A.7.  Change from the regext 02 to regext 03 version
     A.8.  Change from the regext 03 to regext 04 version
     A.9.  Change from the regext 04 to regext 05 version
     A.10. Change from the regext 05 to regext 06 version
     A.11. Change from the regext 06 to regext 07 version
     A.12. Change from the regext 07 to regext 08 version
   Authors' Addresses

1.  Introduction

   [RFC6530] introduced the framework for Internationalized Email
   Addresses. To make such addresses more widely accepted, changes to
   various protocols need to be introduced.

   This document describes an Extensible Provisioning Protocol (EPP)
   extension that permits usage of Internationalized Email Addresses in
   the EPP protocol and specifies the terms when it can be used by EPP
   clients and servers. A new form of EPP extension, referred to as a
   Functional Extension, is defined and used to apply the rules for the
   handling of email address elements in all of the [RFC5730] extensions
   negotiated in the EPP session, which include the object and
   command-responses extensions. The described mechanism can be applied
   to any object or command-response extension that uses an email
   address.

   The Extensible Provisioning Protocol (EPP) specified in [RFC5730] is
   a base document for object management operations and an extensible
   framework that maps protocol operations to objects. The specifics of
   various objects managed via EPP are described in separate documents.
   This document is only referring to an email address as a property of
   a managed object, such as the element in the EPP contact mapping
   [RFC5733] or the element in the EPP organization mapping [RFC8543],
   and command-response extensions applied to a managed object.

1.1.  Conventions Used in This Document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

2.  Migrating to Newer Versions of This Extension

   Servers that implement this extension SHOULD provide a way for
   clients to progressively update their implementations when a new
   version of the extension is deployed. A newer version of the
   extension is expected to use an XML namespace with a higher version
   number than the prior versions.

3.  Email Address Specification

   Support of non-ASCII email address syntax is defined in RFC 6530
   [RFC6530]. This mapping does not prescribe minimum or maximum
   lengths for character strings used to represent email addresses. The
   exact syntax of such addresses is described in Section 3.3 of
   [RFC6531]. The validation rules introduced in RFC 6531 are
   considered to be followed.

   The definition of email address in the EPP RFCs, including
   Section 2.6 of [RFC5733] and Sections 4.1.2, 4.2.1, and 4.2.5 of
   [RFC8543], references [RFC5322] for the email address syntax. The
   XML schema definition in Section 4 of [RFC5733] and Section 5 of
   [RFC8543] defines the "email" element using the type
   "eppcom:minTokenType", which is defined in Section 4.2 of [RFC5730]
   as an XML schema "token" type with minimal length of one. The XML
   schema "token" type will fully support the use of EAI addresses, so
   the primary application of the EAI extension is to apply the use of
   [RFC6531] instead of [RFC5322] for the email address syntax. Other
   EPP extensions may follow the formal syntax definition using the XML
   schema type "eppcom:minTokenType" and the [RFC5322] format
   specification, where this extension applies to all EPP extensions
   with the same or similar definitions.

   The email address format is formally defined in Section 3.4.1 of
   [RFC5322], which only consists of printable US-ASCII characters for
   both the local-part and the domain ABNF rules.
   [RFC6531] extends the Mailbox, Local-part and Domain ABNF rules in
   [RFC5321] to support "UTF8-non-ascii", defined in Section 3.1 of
   [RFC6532], for the local-part and U-label, defined in
   Section 2.3.2.1 of [RFC5890], for the domain. By applying the syntax
   rules of [RFC5322], the EPP extensions will change from supporting
   only ASCII characters to supporting Internationalized characters
   both in the email address local-part and domain-part.

4.  Functional Extension

   [RFC5730] defines three types of extensions at the protocol, object,
   and command-response level, which impact the structure of the EPP
   messages. A Functional Extension applies a functional capability to
   an existing set of EPP extensions and properties. The scope of the
   applicable EPP extensions and applicable extension properties are
   defined in the Functional Extension along with the requirements for
   the servers and clients that support it. The Functional Extension
   needs to cover the expected behavior of the supporting client or
   server when interacting with an unsupporting client or server.
   Negotiating support for a Functional Extension is handled using the
   EPP Greeting and EPP Login services.

5.  Internationalized Email Addresses (EAI) Functional Extension

5.1.  Scope of Functional Extension

   The functional extension applies to all object extensions and
   command-response extensions negotiated in the EPP session that
   include email address properties. Examples include the element in
   the EPP contact mapping [RFC5733] or the element in the EPP
   organization mapping [RFC8543]. All registry zones (e.g., top-level
   domains) authorized for the client in the EPP session apply. There
   is no concept of a per-client, per-zone, per-extension, or per-field
   setting that is used to indicate support for EAI, but instead it's a
   global setting that applies to the EPP session.

5.2.  Signaling Client and Server Support

   The client and the server can signal support for the functional
   extension using a namespace URI in the login and greeting extension
   services respectively. The namespace URI
   "urn:ietf:params:xml:ns:epp:eai-1.0" is used to signal support for
   the functional extension. The client includes the namespace URI in
   an element of the [RFC5730] Command. The server includes the
   namespace URI in an element of the [RFC5730] Greeting.

5.3.  Functional Extension Behavior

5.3.1.  EAI Functional Extension Negotiated

   If both client and server have indicated support for EAI addresses
   during session establishment, EAI addresses can be processed in any
   message that has an email property during the established EPP
   session. Below are the server and client obligations when the EAI
   extension has been successfully negotiated in the EPP session.

   The server MUST satisfy the following obligations when the EAI
   extension has been negotiated:

   *  Accept EAI compatible addresses for all email properties in the
      EPP session negotiated object extensions and command-response
      extensions. For example the element in [RFC5733] and the element
      in [RFC8543].

   *  Accept EAI compatible addresses for all registry zones (e.g.,
      top-level domains) authorized for the client in the EPP session.

   *  Email address validation based on EAI validation rules defined in
      Section 3.

   *  Storage of email properties that support internationalized
      characters.

   *  Return EAI compatible addresses for all email properties in the
      EPP responses.

   The client MUST satisfy the following obligations when the EAI
   extension has been negotiated:

   *  Provide EAI compatible addresses for all e-mail properties in the
      EPP session negotiated object extensions and command-response
      extensions. For example the element in [RFC5733] and the element
      in [RFC8543].

   *  Provide EAI compatible addresses for all registry zones (e.g.,
      top-level domains) authorized for the client in the EPP session.

   *  Accept EAI compatible addresses in the EPP responses for all email
      properties in the EPP session negotiated object extensions and
      command-response extensions.

5.3.2.  EAI Functional Extension Not Negotiated

   The lack of EAI support can cause data and functional issues, so an
   EAI supporting client or server needs to handle cases where the
   opposite party doesn't support EAI. Below are the server and client
   obligations when the EAI extension is not negotiated due to the lack
   of support by the peer.

   The EAI supporting server MUST satisfy the following obligations when
   the client does not support the EAI extension:

   *  When the email property is required in the EPP command, the server
      SHOULD validate the email property sent by the client using the
      ASCII email validation rules.

   *  When the email property is optional in the EPP command, if the
      client supplies the email property the server SHOULD validate the
      email property using the ASCII email validation rules.

   *  When the email property is required in the EPP response, the
      server MUST validate whether the email property is an EAI address
      and if so return the error code 2308 "Data management policy
      violation".

   *  When the email property is optional in the EPP response and is
      provided, the server MUST validate whether the email property is
      an EAI address and if so return the error code 2308 "Data
      management policy violation".

   The EAI supporting client MUST satisfy the following obligations when
   the server does not support the EAI extension:

   *  When the email property is required in the EPP command and the
      email property is an EAI address, the client MUST provide an ASCII
      email address. The provided email address should provide a way to
      contact the registrant. It can be a secondary ASCII email address
      or registrar-provided proxy email address.

   *  When the email property is optional in the EPP command and the
      email property is an EAI address with no alternative ASCII
      address, the client SHOULD omit the email property. If the email
      property is provided, the client MUST provide an ASCII email
      address. The provided email address should provide a way to
      contact the registrant. It can be a secondary ASCII email address
      or registrar-provided proxy email address.

6.  IANA Considerations

6.1.  XML Namespace

   This document uses URNs to describe XML namespaces and XML schemas
   conforming to a registry mechanism described in RFC 3688 [RFC3688].
   The following URI assignment should be made by IANA:

   Registration request for the eai namespace:

      URI: urn:ietf:params:xml:ns:epp:eai-1.0
      Registrant Contact: IESG
      XML: None. Namespace URIs do not represent an XML specification.

   Registration request for the eai XML Schema:

      URI: urn:ietf:params:xml:schema:epp:eai-1.0
      Registrant Contact: IESG
      XML: See the "Formal Syntax" section of this document.

6.2.  EPP Extension Registry

   The EPP extension described in this document should be registered by
   IANA in the "Extensions for the Extensible Provisioning Protocol
   (EPP)" registry described in RFC 7451 [RFC7451]. The details of the
   registration are as follows:

      Name of Extension: Use of Internationalized Email Addresses
      in EPP protocol
      Document status: Standards Track
      Reference: TBA
      Registrant Name and Email Address: IESG,
      Top-Level Domains (TLDs): Any
      IPR Disclosure: None
      Status: Active
      Notes: None

7.  Implementation Status

   Note to RFC Editor: Please remove this section and the reference to
   RFC 7942 [RFC7942] before publication.
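
   The negotiation rule of Section 5.2 and the obligations of
   Section 5.3, sketched in Python as an added example (not code from
   this draft, its authors or the Verisign EPP SDK). The function names,
   the simplified address syntax check and the sample session are
   assumptions; 1000 is the RFC 5730 success code.

```python
import re

EAI_NS = "urn:ietf:params:xml:ns:epp:eai-1.0"  # namespace URI, Section 5.2
OK, POLICY_VIOLATION = 1000, 2308              # EPP result codes (RFC 5730)

# Simplified syntax check (assumption, not the full RFC 5322 / RFC 6531
# grammar): dot-atom local part, dotted domain labels. IDNA2008 code point
# validation of the domain (Section 8) is NOT performed here.
_ATEXT = r"A-Za-z0-9!#$%&'*+/=?^_`{|}~\-"
_UTF8 = r"\u0080-\U0010FFFF"                    # non-ASCII code points
_ATOM = re.compile(rf"[{_ATEXT}{_UTF8}]+")
_LABEL = re.compile(
    rf"[A-Za-z0-9{_UTF8}]([A-Za-z0-9{_UTF8}-]*[A-Za-z0-9{_UTF8}])?")


def valid_syntax(addr, allow_utf8):
    """Check addr under ASCII rules, or under EAI rules when allow_utf8."""
    if not allow_utf8 and not addr.isascii():
        return False
    local, at, domain = addr.rpartition("@")
    if not (at and local and domain):
        return False
    return (all(_ATOM.fullmatch(a) for a in local.split("."))
            and all(_LABEL.fullmatch(l) for l in domain.split(".")))


def eai_negotiated(greeting_ext_uris, login_ext_uris):
    """Section 5.2: the URI must appear in the greeting AND in the login."""
    return EAI_NS in greeting_ext_uris and EAI_NS in login_ext_uris


def is_eai(addr):
    """Any non-ASCII character makes the address unusable for an ASCII peer."""
    return not addr.isascii()


def server_accepts(addr, negotiated):
    """Command path: EAI syntax if negotiated (5.3.1), else ASCII (5.3.2)."""
    return valid_syntax(addr, allow_utf8=negotiated)


def server_response_code(stored_email, negotiated):
    """Response path (5.3.2): 2308 instead of exposing an EAI address."""
    if not negotiated and is_eai(stored_email):
        return POLICY_VIOLATION
    return OK


def client_email(primary, ascii_alt, negotiated, required):
    """Client side of 5.3.2: the address to send, or None to omit it."""
    if negotiated or not is_eai(primary):
        return primary
    if ascii_alt is not None and valid_syntax(ascii_alt, allow_utf8=False):
        return ascii_alt          # secondary or registrar proxy address
    if required:
        raise ValueError("required email property needs an ASCII address")
    return None


if __name__ == "__main__":
    # Constructed sample session: the server offers EAI, the client does not.
    greeting = ["urn:ietf:params:xml:ns:secDNS-1.1", EAI_NS]
    login = ["urn:ietf:params:xml:ns:secDNS-1.1"]
    negotiated = eai_negotiated(greeting, login)
    for addr in ("jane@example.com", "用户@例子.广告"):
        print(addr, server_accepts(addr, negotiated),
              server_response_code(addr, negotiated))
```

   Because the setting is per session (Section 5.1), the negotiated flag
   is computed once at login and passed to every email check.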

   This section records the status of known implementations of the
   protocol defined by this specification at the time of posting of this
   Internet-Draft, and is based on a proposal described in RFC 7942
   [RFC7942]. The description of implementations in this section is
   intended to assist the IETF in its decision processes in progressing
   drafts to RFCs. Please note that the listing of any individual
   implementation here does not imply endorsement by the IETF.
   Furthermore, no effort has been spent to verify the information
   presented here that was supplied by IETF contributors. This is not
   intended as, and must not be construed to be, a catalog of available
   implementations or their features. Readers are advised to note that
   other implementations may exist.

   According to RFC 7942 [RFC7942], "this will allow reviewers and
   working groups to assign due consideration to documents that have the
   benefit of running code, which may serve as evidence of valuable
   experimentation and feedback that have made the implemented protocols
   more mature. It is up to the individual working groups to use this
   information as they see fit".

7.1.  Verisign EPP SDK

   Organization: Verisign Inc.

   Name: Verisign EPP SDK

   Description: The Verisign EPP SDK includes both a full client
   implementation and a full server stub implementation of
   draft-ietf-regext-epp-eai.

   Level of maturity: Development

   Coverage: All aspects of the protocol are implemented.

   Licensing: GNU Lesser General Public License

   Contact: jgould@verisign.com

   URL: https://www.verisign.com/en_US/channel-resources/domain-registry-products/epp-sdks

8.  Security Considerations

   Registries SHOULD validate the syntax of the domain names in the
   provided email addresses to reduce the risk of future usability
   errors. It is RECOMMENDED to validate all code points in the domain
   names according to IDNA2008 [RFC5892].

9.  Acknowledgments

   The authors would like to thank Alexander Mayrhofer, Gustavo Lozano,
   Jody Kolker, John Levine, Klaus Malorny, Marco Schrieck, Mario
   Loffredo, Patrick Mevzek, Scott Hollenbeck, Taras Heichenko, and
   Thomas Corte for their careful review and valuable comments.

10.  References

10.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.27487/RFC2119, March 1997.

   [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
              DOI 10.27487/RFC3688, January 2004.

   [RFC5321]  Klensin, J., "Simple Mail Transfer Protocol", RFC 5321,
              DOI 10.17487/RFC5321, October 2008.

   [RFC5322]  Resnick, P., Ed., "Internet Message Format", RFC 5322,
              DOI 10.17487/RFC5322, October 2008.

   [RFC5730]  Hollenbeck, S., "Extensible Provisioning Protocol (EPP)",
              STD 69, RFC 5730, DOI 10.27487/RFC5730, August 2009.

   [RFC5733]  Hollenbeck, S., "Extensible Provisioning Protocol (EPP)
              Contact Mapping", STD 69, RFC 5733, DOI 10.27487/RFC5733,
              August 2009.

   [RFC5890]  Klensin, J., "Internationalized Domain Names for
              Applications (IDNA): Definitions and Document Framework",
              RFC 5890, DOI 10.17487/RFC5890, August 2010.

   [RFC6530]  Klensin, J. and Y. Ko, "Overview and Framework for
              Internationalized Email", RFC 6530, DOI 10.27487/RFC6530,
              February 2012.

   [RFC6531]  Yao, J. and W. Mao, "SMTP Extension for Internationalized
              Email", RFC 6531, DOI 10.17487/RFC6531, February 2012.

   [RFC6532]  Yang, A., Steele, S., and N. Freed, "Internationalized
              Email Headers", RFC 6532, DOI 10.17487/RFC6532, February
              2012.

   [RFC7942]  Sheffer, Y. and A. Farrel, "Improving Awareness of Running
              Code: The Implementation Status Section", BCP 205,
              RFC 7942, DOI 10.17487/RFC7942, July 2016.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.27487/RFC8174,
              May 2017.

10.2.  Informative References

   [RFC5892]  Faltstrom, P., Ed., "The Unicode Code Points and
              Internationalized Domain Names for Applications (IDNA)",
              RFC 5892, DOI 10.27487/RFC5892, August 2010.

   [RFC7451]  Hollenbeck, S., "Extension Registry for the Extensible
              Provisioning Protocol", RFC 7451, DOI 10.27487/RFC7451,
              February 2015.

   [RFC8543]  Zhou, L., Kong, N., Yao, J., Gould, J., and G. Zhou,
              "Extensible Provisioning Protocol (EPP) Organization
              Mapping", RFC 8543, DOI 10.27487/RFC8543, March 2019.

Appendix A.  Change History

A.1.  Change from 00 to 01

   1.  Changed from update of RFC 5733 to use the "Placeholder Text and
       a New Email Element" EPP Extension approach.

A.2.  Change from 01 to 02

   1.  Fixed the XML schema and the XML examples based on validating
       them.

   2.  Added James Gould as co-author.

   3.  Updated the language to apply to any EPP object mapping and to
       use the EPP contact mapping as an example.

   4.  Updated the structure of document to be consistent with the other
       Command-Response Extensions.

   5.  Replaced the use of "eppEAI" in the XML namespace and the XML
       namespace prefix with "eai".

   6.  Changed to use a pointed XML namespace with "0.2" instead of
       "1.0".

A.3.  Change from 02 to 03

   1.  The approach has changed to use the concept of Functional EPP
       Extension.

   2.  The examples are removed

A.4.  Change from 03 to 04

   1.  More detailed reference to email syntax is provided

   2.  The shortened eai namespace reference is removed

A.5.  Change from 04 to the regext 01 version

   1.  Provided the recommended placeholder value

A.6.  Change from the regext 01 to regext 02 version

   1.  Removed the concept of the placeholder value

A.7.  Change from the regext 02 to regext 03 version

   1.  Changed to use a pointed XML namespace with "0.3" instead of
       "0.2".

   2.  Some wording improvements

A.8.  Change from the regext 03 to regext 04 version

   1.  Some nitpicking

A.9.  Change from the regext 04 to regext 05 version

   1.  Some nitpicking

   2.  The "Implementation considerations" section is removed

A.10.  Change from the regext 05 to regext 06 version

   1.  Some nitpicking

A.11.  Change from the regext 06 to regext 07 version

   1.  Namespace version set to 1.0

A.12.  Change from the regext 07 to regext 08 version

   1.  Information about implementations is provided.

   2.  Acknowledgments section is added.

   3.  Reference to RFC 7451 is moved to Informative.

   4.  IPR information is provided

   5.  Sections are reordered to align with the other regext documents

Authors' Addresses

   Dmitry Belyavskiy
   8 marta st.
   Moscow
   127083
   Russian Federation
   Phone: +7 916 262 5593
   Email: beldmit@gmail.com

   James Gould
   VeriSign, Inc.
   12061 Bluemont Way
   Reston, VA 20190
   United States of America
   Email: jgould@verisign.com
   URI: http://www.verisigninc.com