[Ietf-not43] -02 c's and q's...
Andrew Newton
anewton@verisignlabs.com
Wed, 06 Nov 2002 14:50:03 -0500
Ross Wm. Rader wrote:
> I understand now. What about something like this;
>
> "The service MUST NOT require any Internet registries to participate in
> specific authentication systems. The service SHOULD allow the participation
> by an Internet registry in federated, distributed authentication system of
> their choosing." followed by the note you suggest above?
Sounds good to me.
>>There was a concern from the particpants in Yokahama that abusive users
>>would take advantage of a service that allows them to know in advance if
>>they are allowed to issue a query. In other words, they don't want the
>>service to advertise its policy because it leads to abuse.
>
>
> This makes a strong case to allow a toggle for the behaviour
> (advertise/no-advertise) and let the policy-wonks sort out the details
> during implementation.
This is an interesting point. Are you asking that the requirement be
changed so that the service has the capability to advertise usage policy
depending on the paramters desired by the operator?
-andy