Document Shepherd Writeup
Draft-ietf-login-security-08
Technical Summary
The Extensible Provisioning Protocol (EPP) includes a client authentication
scheme that is based on a user identifier and password. The structure of the
password field is defined by an XML Schema data type that specifies minimum and
maximum password length values, but there are no other provisions for password
management other than changing the password. This document describes an EPP
extension that allows longer passwords to be created and adds additional
security features to the EPP login command and response.
Working Group Summary
The WG discussed this topic in both mailing list and at meetings; there are no
controversies or lack of coverage. The working group agreed to submit this
draft for publication on the Standards Track. There were several in-depth
discussions on password complexity and its indicator ‘[LOGIN-SECURITY]’. The
WG reached consensus on the approach.
Document Quality
There is one registry implementation captured in the Implementation Status
section.
Personnel
Shepherd: Joseph Yee <jyee@afilias.info>
AD: Barry Leiba
Shepherd Comment
The document shepherd reviewed the latest version (-08) of the document and
this document’s discussion both on the mailing list and in meetings (both
REGEXT). The shepherd has no concern on the depth or breadth of the reviews
that have been performed. There are several XML samples and one formal syntax
on the XML. The shepherd ran the syntax check against the XML in section 5.1
Formal Syntax and found no error.
IPR
There is no IPR disclosure regarding this draft.