On Sat, Jan 06, 2018 at 08:01:02PM +0100, Patrick Mevzek <p...@dotandco.com> wrote a message of 77 lines which said:
> * I have mixed feelings about section 10. > Specifically you state: > A trust relationship MUST exist between the EPP client and > server, and provisioning of DNAME delegation MUST only be done after > the identities of both parties have been confirmed using a strong > authentication mechanism. > > Does that mean that provisions in RFC5734 (specifically section 8) are not > enough to provide that? I don't have a strong opinion here. Should the draft be adopted, I would be happy to defer to the WG decision. In the mean time, I see no harm in repeating this. Many RFC have security considerations sections which are as surprising as "remember that water is wet and fire is hot". _______________________________________________ regext mailing list regext@ietf.org https://www.ietf.org/mailman/listinfo/regext