From 4bfd864f10b68b71482b35c818559068ef8d5797 Mon Sep 17 00:00:00 2001 From: Thomas Voss Date: Wed, 27 Nov 2024 20:54:24 +0100 Subject: doc: Add RFC documents --- doc/rfc/rfc3731.txt | 2523 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 2523 insertions(+) create mode 100644 doc/rfc/rfc3731.txt (limited to 'doc/rfc/rfc3731.txt') diff --git a/doc/rfc/rfc3731.txt b/doc/rfc/rfc3731.txt new file mode 100644 index 0000000..c18e0df --- /dev/null +++ b/doc/rfc/rfc3731.txt 
@@ -0,0 +1,2523 @@ + + + + + + +Network Working Group S. Hollenbeck +Request for Comments: 3731 VeriSign, Inc. +Category: Standards Track March 2004 + + + Extensible Provisioning Protocol (EPP) Domain Name Mapping + +Status of this Memo + + This document specifies an Internet standards track protocol for the + Internet community, and requests discussion and suggestions for + improvements. Please refer to the current edition of the "Internet + Official Protocol Standards" (STD 1) for the standardization state + and status of this protocol. Distribution of this memo is unlimited. + +Copyright Notice + + Copyright (C) The Internet Society (2004). All Rights Reserved. + +Abstract + + This document describes an Extensible Provisioning Protocol (EPP) + mapping for the provisioning and management of Internet domain names + stored in a shared central repository. Specified in XML, the mapping + defines EPP command syntax and semantics as applied to domain names. + +Table of Contents + + 1. Introduction. . . . . . . . . . . . . . . . . . . . . . . . . 2 + 1.1. Relationship of Domain Objects and Host Objects . . . . 2 + 1.2. Conventions Used In This Document . . . . . . . . . . . 4 + 2. Object Attributes . . . . . . . . . . . . . . . . . . . . . . 4 + 2.1. Domain and Host Names . . . . . . . . . . . . . . . . . 4 + 2.2. Contact and Client Identifiers. . . . . . . . . . . . . 5 + 2.3. Status Values . . . . . . . . . . . . . . . . . . . . . 5 + 2.4. Dates and Times . . . . . . . . . . . . . . . . . . . . 7 + 2.5. Validity Periods. . . . . . . . . . . . . . . . . . . . 7 + 2.6. Authorization Information . . . . . . . . . . . . . . . 7 + 2.7. Other DNS Resource Record Attributes. . . . . . . . . . 7 + 3. EPP Command Mapping . . . . . . . . . . . . . . . . . . . . . 8 + 3.1. EPP Query Commands. . . . . . . . . . . . . . . . . . . 8 + 3.1.1. EPP Command . . . . . . . . . . . . . . 8 + 3.1.2. EPP Command. . . . . . . . . . . . . . . 10 + 3.1.3. EPP Query Command. . . . . . . . . . 
16 + 3.2. EPP Transform Commands. . . . . . . . . . . . . . . . . 18 + 3.2.1. EPP Command. . . . . . . . . . . . . . 19 + 3.2.2. EPP Command. . . . . . . . . . . . . . 21 + 3.2.3. EPP Command . . . . . . . . . . . . . . 23 + + + +Hollenbeck Standards Track [Page 1] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + 3.2.4. EPP Command. . . . . . . . . . . . . 24 + 3.2.5. EPP Command. . . . . . . . . . . . . . 27 + 3.2.6. Offline Review of Requested Actions . . . . . . 29 + 4. Formal Syntax . . . . . . . . . . . . . . . . . . . . . . . . 32 + 5. Internationalization Considerations . . . . . . . . . . . . . 41 + 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 42 + 7. Security Considerations . . . . . . . . . . . . . . . . . . . 42 + 8. Acknowledgements. . . . . . . . . . . . . . . . . . . . . . . 42 + 9. References. . . . . . . . . . . . . . . . . . . . . . . . . . 43 + 9.1. Normative References. . . . . . . . . . . . . . . . . . 43 + 9.2. Informative References. . . . . . . . . . . . . . . . . 43 + 10. Author's Address. . . . . . . . . . . . . . . . . . . . . . . 44 + 11. Full Copyright Statement. . . . . . . . . . . . . . . . . . . 45 + +1. Introduction + + This document describes an Internet domain name mapping for version + 1.0 of the Extensible Provisioning Protocol (EPP). This mapping is + specified using the Extensible Markup Language (XML) 1.0 as described + in [XML] and XML Schema notation as described in [XMLS-1] and + [XMLS-2]. + + [RFC3730] provides a complete description of EPP command and response + structures. A thorough understanding of the base protocol + specification is necessary to understand the mapping described in + this document. + + XML is case sensitive. Unless stated otherwise, XML specifications + and examples provided in this document MUST be interpreted in the + character case presented to develop a conforming implementation. + +1.1. 
Relationship of Domain Objects and Host Objects + + The EPP mapping for host objects is described in [RFC3732]. This + document assumes that domain name objects have a superordinate + relationship to subordinate host name objects. For example, domain + name "example.com" has a superordinate relationship to host name + "ns1.example.com". EPP actions (such as object transfers) that do + not preserve this relationship MUST be explicitly disallowed. + + A host name object can be created in a repository for which no + superordinate domain name object exists. For example, host name + "ns1.example.com" can be created in the ".example" repository so that + DNS domains in ".example" can be delegated to the host. Such hosts + are described as "external" hosts in this specification since the + name of the host does not belong to the name space of the repository + in which the host is being used for delegation purposes. + + + + +Hollenbeck Standards Track [Page 2] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + Whether a host is external or internal relates to the repository in + which the host is being used for delegation purposes. Whether an + internal host is subordinate or not relates to a domain within the + repository. For example, host ns1.example1.com is a subordinate host + of domain example1.com, but it is a not a subordinate host of domain + example2.com. ns1.example1.com can be used as a name server for + example2.com. In this case, ns1.example1.com MUST be treated as an + internal host, subject to the rules governing operations on + subordinate hosts within the same repository. + + Name server hosts for domain delegation can be specified as either + references to existing host objects or as domain attributes that + describe a host machine. A server operator MUST use one name server + specification form consistently. 
A server operator that announces + support for host objects in an EPP greeting MUST NOT allow domain + attributes to describe a name server host machine. A server operator + that does not announce support for host objects MUST allow domain + attributes to describe a name server host machine. When domain + attributes are used to describe a name server host machine, IP + addresses SHOULD be required only as needed to generate DNS glue + records. + + Name servers are specified within a element. This + element MUST contain one or more elements or one or + more elements. A element contains + the fully qualified name of a known name server host object. A + element contains the following child elements: + + - A element that contains the fully qualified name + of a host. + + - Zero or more OPTIONAL elements that contain the + IP addresses to be associated with the host. Each element MAY + contain an "ip" attribute to identify the IP address format. + Attribute value "v4" is used to note IPv4 address format. + Attribute value "v6" is used to note IPv6 address format. If the + "ip" attribute is not specified, "v4" is the default attribute + value. IP address syntax requirements are described in Section + 2.5 of the EPP host mapping [RFC3732]. + + Example host object name server elements for domain example.com: + + + ns1.example.com + ns1.example.net + + + + + + +Hollenbeck Standards Track [Page 3] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + Example host attribute name server elements for domain example.com: + + + + ns1.example.com + 192.0.2.2 + 1080:0:0:0:8:800:200C:417A + + + ns1.example.net + + + +1.2. Conventions Used In This Document + + The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", + "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this + document are to be interpreted as described in [RFC2119]. + + In examples, "C:" represents lines sent by a protocol client and "S:" + represents lines returned by a protocol server. 
Indentation and + white space in examples is provided only to illustrate element + relationships and is not a REQUIRED feature of this protocol. + +2. Object Attributes + + An EPP domain object has attributes and associated values that can be + viewed and modified by the sponsoring client or the server. This + section describes each attribute type in detail. The formal syntax + for the attribute values described here can be found in the "Formal + Syntax" section of this document and in the appropriate normative + references. + +2.1. Domain and Host Names + + The syntax for domain and host names described in this document MUST + conform to [RFC952] as updated by [RFC1123]. At the time of this + writing, RFC 3490 [RFC3490] describes a standard to use certain ASCII + name labels to represent non-ASCII name labels. These conformance + requirements might change as a result of progressing work in + developing standards for internationalized domain names. A server + MAY restrict allowable domain names to a particular top level domain, + second level domain, or other domain for which the server is + authoritative. The trailing dot required when these names are stored + in a DNS zone is implicit and MUST NOT be provided when exchanging + host and domain names. + + + +Hollenbeck Standards Track [Page 4] + +RFC 3731 EPP Domain Name Mapping March 2004 + + +2.2. Contact and Client Identifiers + + All EPP contacts are identified by a server-unique identifier. + Contact identifiers are character strings with a specified minimum + length, a specified maximum length, and a specified format. Contact + identifiers use the "clIDType" client identifier syntax described in + [RFC3730]. + +2.3. Status Values + + A domain object MUST always have at least one associated status + value. Status values can be set only by the client that sponsors a + domain object and by the server on which the object resides. A + client can change the status of a domain object using the EPP + command. 
Each status value MAY be accompanied by a string + of human-readable text that describes the rationale for the status + applied to the object. + + A client MUST NOT alter status values set by the server. A server + MAY alter or override status values set by a client subject to local + server policies. The status of an object MAY change as a result of + either a client-initiated transform command or an action performed by + a server operator. + + Status values that can be added or removed by a client are prefixed + with "client". Corresponding status values that can be added or + removed by a server are prefixed with "server". Status values that + do not begin with either "client" or "server" are server-managed. + + Status Value Descriptions: + + - clientDeleteProhibited, serverDeleteProhibited + + Requests to delete the object MUST be rejected. + + - clientHold, serverHold + + DNS delegation information MUST NOT be published for the object. + + - clientRenewProhibited, serverRenewProhibited + + Requests to renew the object MUST be rejected. + + - clientTransferProhibited, serverTransferProhibited + + Requests to transfer the object MUST be rejected. + + + + + +Hollenbeck Standards Track [Page 5] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + - clientUpdateProhibited, serverUpdateProhibited + + Requests to update the object (other than to remove this status) MUST + be rejected. + + - inactive + + Delegation information has not been associated with the object. + + - ok + + This is the normal status value for an object that has no pending + operations or prohibitions. This value is set and removed by the + server as other status values are added or removed. + + - pendingCreate, pendingDelete, pendingRenew, pendingTransfer, + pendingUpdate + + A transform command has been processed for the object, but the action + has not been completed by the server. 
Server operators can delay + action completion for a variety of reasons, such as to allow for + human review or third-party action. A transform command that is + processed, but whose requested action is pending, is noted with + response code 1001. + + With one exception, transform commands MUST be rejected when a + pendingCreate, pendingDelete, pendingRenew, pendingTransfer, or + pendingUpdate status is set. The only exception is that a + command to approve, reject, or cancel a transfer MAY be processed + while an object is in "pendingTransfer" status. + + When the requested action has been completed, the pendingCreate, + pendingDelete, pendingRenew, pendingTransfer, or pendingUpdate status + value MUST be removed. All clients involved in the transaction MUST + be notified using a service message that the action has been + completed and that the status of the object has changed. + + "ok" status MUST NOT be combined with any other status. + + "pendingDelete" status MUST NOT be combined with either + "clientDeleteProhibited" or "serverDeleteProhibited" status. + + "pendingRenew" status MUST NOT be combined with either + "clientRenewProhibited" or "serverRenewProhibited" status. + + "pendingTransfer" status MUST NOT be combined with either + "clientTransferProhibited" or "serverTransferProhibited" status. + + + + +Hollenbeck Standards Track [Page 6] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + "pendingUpdate" status MUST NOT be combined with either + "clientUpdateProhibited" or "serverUpdateProhibited" status. + + The pendingCreate, pendingDelete, pendingRenew, pendingTransfer, and + pendingUpdate status values MUST NOT be combined with each other. + + Other status combinations not expressly prohibited MAY be used. + +2.4. Dates and Times + + Date and time attribute values MUST be represented in Universal + Coordinated Time (UTC) using the Gregorian calendar. 
The extended + date-time form using upper case "T" and "Z" characters defined in + [RFC3339] MUST be used to represent date-time values as XML Schema + does not support truncated date-time forms or lower case "T" and "Z" + characters. + +2.5. Validity Periods + + A domain name object MAY have a specified validity period. If server + policy supports domain object validity periods, the validity period + is defined when a domain object is created, and it MAY be extended by + the EPP or commands. As a matter of server + policy, this specification does not define actions to be taken upon + expiration of a domain object's validity period. + + Validity periods are measured in years or months with the appropriate + units specified using the "unit" attribute. Valid values for the + "unit" attribute are "y" for years and "m" for months. The minimum + allowable period value is one decimal (1). The maximum allowable + value is ninety-nine decimal (99). A server MAY support a lower + maximum value. + +2.6. Authorization Information + + Authorization information is associated with domain objects to + facilitate transfer operations. Authorization information is + assigned when a domain object is created, and it might be updated in + the future. This specification describes password-based + authorization information, though other mechanisms are possible. + +2.7. Other DNS Resource Record Attributes + + While the DNS allows many resource record types to be associated with + a domain, this mapping only explicitly specifies elements that + describe resource records used for domain delegation and resolution. + Facilities to provision other domain-related resource record types + can be developed by extending this mapping. + + + +Hollenbeck Standards Track [Page 7] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + The provisioning method described in this mapping separates discrete + data elements by data type. 
This method of data definition allows + XML Schema processors to perform basic syntax validation tasks, + reducing ambiguity and the amount of parsing and syntax-checking work + required of protocol processors. Provisioning and extension methods + that aggregate data into opaque strings are possible, but such + methods SHOULD NOT be used because they impose additional parsing, + interpretation, and validation requirements on protocol processors. + +3. EPP Command Mapping + + A detailed description of the EPP syntax and semantics can be found + in [RFC3730]. The command mappings described here are specifically + for use in provisioning and managing Internet domain names via EPP. + +3.1. EPP Query Commands + + EPP provides three commands to retrieve domain information: + to determine if a domain object can be provisioned within a + repository, to retrieve detailed information associated with a + domain object, and to retrieve domain object transfer + status information. + +3.1.1. EPP Command + + The EPP command is used to determine if an object can be + provisioned within a repository. It provides a hint that allows a + client to anticipate the success or failure of provisioning an object + using the command as object provisioning requirements are + ultimately a matter of server policy. + + In addition to the standard EPP command elements, the command + MUST contain a element that identifies the domain + namespace and the location of the domain schema. The + element contains the following child elements: + + - One or more elements that contain the fully + qualified names of the domain objects to be queried. 
+ + + + + + + + + + + + + +Hollenbeck Standards Track [Page 8] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + Example command: + + C: + C: + C: + C: + C: + C: example.com + C: example.net + C: example.org + C: + C: + C: ABC-12345 + C: + C: + + When a command has been processed successfully, the EPP + element MUST contain a child element that + identifies the domain namespace and the location of the domain + schema. The element contains one or more + elements that contain the following child elements: + + - A element that contains the fully qualified name of + the queried domain object. This element MUST contain an "avail" + attribute whose value indicates object availability (can it be + provisioned or not) at the moment the command was + completed. A value of "1" or "true" means that the object can be + provisioned. A value of "0" or "false" means that the object can + not be provisioned. + + - An OPTIONAL element that MAY be provided when an + object can not be provisioned. If present, this element contains + server-specific text to help explain why the object can not be + provisioned. This text MUST be represented in the response + language previously negotiated with the client; an OPTIONAL "lang" + attribute MAY be present to identify the language if the + negotiated value is something other than the default value of "en" + (English). + + + + + + + +Hollenbeck Standards Track [Page 9] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + Example response: + + S: + S: + S: + S: + S: Command completed successfully + S: + S: + S: + S: + S: example.com + S: + S: + S: example.net + S: In use + S: + S: + S: example.org + S: + S: + S: + S: + S: ABC-12345 + S: 54322-XYZ + S: + S: + S: + + An EPP error response MUST be returned if a command can not + be processed for any reason. + +3.1.2. EPP Command + + The EPP command is used to retrieve information associated + with a domain object. 
The response to this command MAY vary + depending on the identity of the querying client, use of + authorization information, and server policy towards unauthorized + clients. If the querying client is the sponsoring client, all + available information MUST be returned. If the querying client is + not the sponsoring client, but the client provides valid + authorization information, all available information MUST be + + + +Hollenbeck Standards Track [Page 10] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + returned. If the querying client is not the sponsoring client, and + the client does not provide valid authorization information, server + policy determines which OPTIONAL elements are returned. + + In addition to the standard EPP command elements, the command + MUST contain a element that identifies the domain + namespace and the location of the domain schema. The + element contains the following child elements: + + - A element that contains the fully qualified name of + the domain object to be queried. An OPTIONAL "hosts" attribute is + available to control return of information describing hosts + related to the domain object. A value of "all" (the default, + which MAY be absent) returns information describing both + subordinate and delegated hosts. A value of "del" returns + information describing only delegated hosts. A value of "sub" + returns information describing only subordinate hosts. A value of + "none" returns no information describing delegated or subordinate + hosts. + + - An OPTIONAL element that contains authorization + information associated with the domain object or authorization + information associated with the domain object's registrant or + associated contacts. An OPTIONAL "roid" attribute MUST be used to + identify the registrant or contact object if and only if the given + authInfo is associated with a registrant or contact object, and + not the domain object itself. 
If this element is not provided or + if the authorization information is invalid, server policy + determines if the command is rejected or if response information + will be returned to the client. + + + + + + + + + + + + + + + + + + + + + +Hollenbeck Standards Track [Page 11] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + Example command without authorization information: + + C: + C: + C: + C: + C: + C: example.com + C: + C: + C: ABC-12345 + C: + C: + + Example command with authorization information: + + C: + C: + C: + C: + C: + C: example.com + C: + C: 2fooBAR + C: + C: + C: + C: ABC-12345 + C: + C: + + + + + + + + + +Hollenbeck Standards Track [Page 12] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + When an command has been processed successfully, the EPP + element MUST contain a child element that + identifies the domain namespace and the location of the domain + schema. Elements that are not OPTIONAL MUST be returned; OPTIONAL + elements are returned based on client authorization and server + policy. The element contains the following child + elements: + + - A element that contains the fully qualified name of + the domain object. + + - A element that contains the Repository Object + IDentifier assigned to the domain object when the object was + created. + + - Zero or more OPTIONAL elements that contain the + current status descriptors associated with the domain. + + - If supported by the server, one OPTIONAL + element and one or more OPTIONAL elements that + contain identifiers for the human or organizational social + information objects associated with the domain object. + + - An OPTIONAL element that contains the fully qualified + names of the delegated host objects or host attributes (name + servers) associated with the domain object. See section 1.1 for a + description of the elements used to specify host objects or host + attributes. 
+ + - Zero or more OPTIONAL elements that contain the + fully qualified names of the subordinate host objects that exist + under this superordinate domain object. + + - A element that contains the identifier of the + sponsoring client. + + - An OPTIONAL element that contains the identifier of + the client that created the domain object. + + - An OPTIONAL element that contains the date and + time of domain object creation. + + - An OPTIONAL element that contains the date and + time identifying the end of the domain object's registration + period. + + + + + + +Hollenbeck Standards Track [Page 13] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + - An OPTIONAL element that contains the identifier of + the client that last updated the domain object. This element MUST + NOT be present if the domain has never been modified. + + - An OPTIONAL element that contains the date and + time of the most recent domain object modification. This element + MUST NOT be present if the domain object has never been modified. + + - An OPTIONAL elements that contains the date and + time of the most recent successful domain object transfer. This + element MUST NOT be provided if the domain object has never been + transferred. + + - An OPTIONAL element that contains authorization + information associated with the domain object. This element MUST + only be returned if the querying client is the current sponsoring + client, or if the client supplied valid authorization information + with the command. 
+ + Example response for an authorized client: + + S: + S: + S: + S: + S: Command completed successfully + S: + S: + S: + S: example.com + S: EXAMPLE1-REP + S: + S: jd1234 + S: sh8013 + S: sh8013 + S: + S: ns1.example.com + S: ns1.example.net + S: + S: ns1.example.com + S: ns2.example.com + S: ClientX + + + +Hollenbeck Standards Track [Page 14] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + S: ClientY + S: 1999-04-03T22:00:00.0Z + S: ClientX + S: 1999-12-03T09:00:00.0Z + S: 2005-04-03T22:00:00.0Z + S: 2000-04-08T09:00:00.0Z + S: + S: 2fooBAR + S: + S: + S: + S: + S: ABC-12345 + S: 54322-XYZ + S: + S: + S: + + A server with a different information return policy MAY provide less + information in a response. + + Example response for an unauthorized client: + + S: + S: + S: + S: + S: Command completed successfully + S: + S: + S: + S: example.com + S: EXAMPLE1-REP + S: ClientX + S: + S: + S: + S: ABC-12345 + S: 54322-XYZ + S: + S: + S: + + + +Hollenbeck Standards Track [Page 15] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + An EPP error response MUST be returned if an command can not + be processed for any reason. + +3.1.3. EPP Query Command + + The EPP command provides a query operation that allows a + client to determine real-time status of pending and completed + transfer requests. In addition to the standard EPP command elements, + the command MUST contain an "op" attribute with value + "query", and a element that identifies the domain + namespace and the location of the domain schema. The + element contains the following child elements: + + - A element that contains the fully qualified name of + the domain object to be queried. + + - An OPTIONAL element that contains authorization + information associated with the domain object or authorization + information associated with the domain object's registrant or + associated contacts. 
An OPTIONAL "roid" attribute MUST be used to + identify the registrant or contact object if and only if the given + authInfo is associated with a registrant or contact object, and + not the domain object itself. If this element is not provided or + if the authorization information is invalid, server policy + determines if the command is rejected or if response information + will be returned to the client. + + Example query command: + + C: + C: + C: + C: + C: + C: example.com + C: + C: 2fooBAR + C: + C: + C: + C: ABC-12345 + C: + + + +Hollenbeck Standards Track [Page 16] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + C: + + When a query command has been processed successfully, the + EPP element MUST contain a child element + that identifies the domain namespace and the location of the domain + schema. The element contains the following child + elements: + + - A element that contains the fully qualified name of + the domain object. + + - A element that contains the state of the most + recent transfer request. + + - A element that contains the identifier of the client + that requested the object transfer. + + - A element that contains the date and time that the + transfer was requested. + + - A element that contains the identifier of the client + that SHOULD act upon the transfer request. + + - A element that contains the date and time of a + required or completed response. For a PENDING request, the value + identifies the date and time by which a response is required + before an automated response action will be taken by the server. + For all other status types, the value identifies the date and time + when the request was completed. + + - An OPTIONAL element that contains the end of the + domain object's validity period if the command caused + or causes a change in the validity period. 
+ + Example query response: + + S: + S: + S: + S: + S: Command completed successfully + S: + S: + S: + S: example.com + S: pending + S: ClientX + S: 2000-06-06T22:00:00.0Z + S: ClientY + S: 2000-06-11T22:00:00.0Z + S: 2002-09-08T22:00:00.0Z + S: + S: + S: + S: ABC-12345 + S: 54322-XYZ + S: + S: + S: + + An EPP error response MUST be returned if a query command + can not be processed for any reason. + +3.2. EPP Transform Commands + + EPP provides five commands to transform domain objects: to + create an instance of a domain object, to delete an instance + of a domain object, to extend the validity period of a domain + object, to manage domain object sponsorship changes, and + to change information associated with a domain object. + + Transform commands are typically processed and completed in real + time. Server operators MAY receive and process transform commands, + but defer completing the requested action if human or third-party + review is required before the requested action can be completed. In + such situations the server MUST return a 1001 response code to the + client to note that the command has been received and processed, but + the requested action is pending. The server MUST also manage the + status of the object that is the subject of the command to reflect + the initiation and completion of the requested action. Once the + action has been completed, all clients involved in the transaction + MUST be notified using a service message that the action has been + completed and that the status of the object has changed. + + + + + + + + + + +Hollenbeck Standards Track [Page 18] + +RFC 3731 EPP Domain Name Mapping March 2004 + + +3.2.1. EPP Command + + The EPP command provides a transform operation that allows a + client to create a domain object. In addition to the standard EPP + command elements, the command MUST contain a + element that identifies the domain namespace and the location of the + domain schema. 
The element contains the following + child elements: + + - A element that contains the fully qualified name of + the domain object to be created. + + - An OPTIONAL element that contains the initial + registration period of the domain object. A server MAY define a + default initial registration period if not specified by the + client. + + - An OPTIONAL element that contains the fully qualified + names of the delegated host objects or host attributes (name + servers) associated with the domain object to provide resolution + services for the domain; see section 1.1 for a description of the + elements used to specify host objects or host attributes. A host + object MUST be known to the server before the host object can be + associated with a domain object. + + - An OPTIONAL element that contains the + identifier for the human or organizational social information + (contact) object to be associated with the domain object as the + object registrant. This object identifier MUST be known to the + server before the contact object can be associated with the domain + object. The EPP mapping for contact objects is described in + [RFC3733]. + + - Zero or more OPTIONAL elements that contain the + identifiers for other contact objects to be associated with the + domain object. Contact object identifiers MUST be known to the + server before the contact object can be associated with the domain + object. + + - A element that contains authorization + information to be associated with the domain object. This mapping + includes a password-based authentication mechanism, but the schema + allows new mechanisms to be defined in new schemas. 
+ + + + + + + + +Hollenbeck Standards Track [Page 19] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + Example command: + + C: + C: + C: + C: + C: + C: example.com + C: 2 + C: + C: ns1.example.com + C: ns1.example.net + C: + C: jd1234 + C: sh8013 + C: sh8013 + C: + C: 2fooBAR + C: + C: + C: + C: ABC-12345 + C: + C: + + When a command has been processed successfully, the EPP + element MUST contain a child element that + identifies the domain namespace and the location of the domain + schema. The element contains the following child + elements: + + - A element that contains the fully qualified name of + the domain object. + + - A element that contains the date and time of + domain object creation. + + - An OPTIONAL element that contains the date and + time identifying the end of the domain object's registration + period. + + + + + +Hollenbeck Standards Track [Page 20] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + Example response: + + S: + S: + S: + S: + S: Command completed successfully + S: + S: + S: + S: example.com + S: 1999-04-03T22:00:00.0Z + S: 2001-04-03T22:00:00.0Z + S: + S: + S: + S: ABC-12345 + S: 54321-XYZ + S: + S: + S: + + An EPP error response MUST be returned if a command can not + be processed for any reason. + +3.2.2. EPP Command + + The EPP command provides a transform operation that allows a + client to delete a domain object. In addition to the standard EPP + command elements, the command MUST contain a + element that identifies the domain namespace and the location of the + domain schema. The element contains the following + child elements: + + - A element that contains the fully qualified name of + the domain object to be deleted. + + A domain object SHOULD NOT be deleted if subordinate host objects are + associated with the domain object. 
For example, if domain + "example.com" exists, and host object "ns1.example.com" also exists, + then domain "example.com" SHOULD NOT be deleted until host + "ns1.example.com" has been either deleted or renamed to exist in a + + + +Hollenbeck Standards Track [Page 21] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + different superordinate domain. A server SHOULD notify clients that + object relationships exist by sending a 2305 error response code when + a command is attempted and fails due to existing object + relationships. Delegated and subordinate host objects associated + with a domain object can be determined using the query command + for the domain object. + + Example command: + + C: + C: + C: + C: + C: + C: example.com + C: + C: + C: ABC-12345 + C: + C: + + When a command has been processed successfully, a server + MUST respond with an EPP response with no element. + + Example response: + + S: + S: + S: + S: + S: Command completed successfully + S: + S: + S: ABC-12345 + S: 54321-XYZ + S: + S: + S: + + + + +Hollenbeck Standards Track [Page 22] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + An EPP error response MUST be returned if a command can not + be processed for any reason. + +3.2.3. EPP Command + + The EPP command provides a transform operation that allows a + client to extend the validity period of a domain object. In addition + to the standard EPP command elements, the command MUST + contain a element that identifies the domain namespace + and the location of the domain schema. The element + contains the following child elements: + + - A element that contains the fully qualified name of + the domain object whose validity period is to be extended. + + - A element that contains the date on which the + current validity period ends. This value ensures that repeated + commands do not result in multiple unanticipated + successful renewals. 
+ + - An OPTIONAL element that contains the number of + units to be added to the registration period of the domain object. + The number of units available MAY be subject to limits imposed by + the server. + + Example command: + + C: + C: + C: + C: + C: + C: example.com + C: 2000-04-03 + C: 5 + C: + C: + C: ABC-12345 + C: + C: + + + + + +Hollenbeck Standards Track [Page 23] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + When a command has been processed successfully, the EPP + element MUST contain a child element that + identifies the domain namespace and the location of the domain + schema. The element contains the following child + elements: + + - A element that contains the fully qualified name of + the domain object. + + - An OPTIONAL element that contains the date and + time identifying the end of the domain object's registration + period. + + Example response: + + S: + S: + S: + S: + S: Command completed successfully + S: + S: + S: + S: example.com + S: 2005-04-03T22:00:00.0Z + S: + S: + S: + S: ABC-12345 + S: 54322-XYZ + S: + S: + S: + + An EPP error response MUST be returned if a command can not + be processed for any reason. + +3.2.4. EPP Command + + The EPP command provides a transform operation that allows + a client to manage requests to transfer the sponsorship of a domain + object. In addition to the standard EPP command elements, the + + + +Hollenbeck Standards Track [Page 24] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + command MUST contain a element that + identifies the domain namespace and the location of the domain + schema. The element contains the following child + elements: + + - A element that contains the fully qualified name of + the domain object for which a transfer request is to be created, + approved, rejected, or cancelled. + + - An OPTIONAL element that contains the number of + units to be added to the registration period of the domain object + at completion of the transfer process. 
This element can only be + used when a transfer is requested, and it MUST be ignored if used + otherwise. The number of units available MAY be subject to limits + imposed by the server. + + - A element that contains authorization + information associated with the domain object or authorization + information associated with the domain object's registrant or + associated contacts. An OPTIONAL "roid" attribute MUST be used to + identify the registrant or contact object if and only if the given + authInfo is associated with a registrant or contact object, and + not the domain object itself. + + Every EPP command MUST contain an "op" attribute that + identifies the transfer operation to be performed. Valid values, + definitions, and authorizations for all attribute values are defined + in [RFC3730]. + + Transfer of a domain object MUST implicitly transfer all host objects + that are subordinate to the domain object. For example, if domain + object "example.com" is transferred and host object "ns1.example.com" + exists, the host object MUST be transferred as part of the + "example.com" transfer process. Host objects that are subject to + transfer when transferring a domain object are listed in the response + to an EPP command performed on the domain object. + + Example request command: + + C: + C: + C: + C: + C: + C: example.com + C: 1 + C: + C: 2fooBAR + C: + C: + C: + C: ABC-12345 + C: + C: + + When a command has been processed successfully, the EPP + element MUST contain a child element that + identifies the domain namespace and the location of the domain + schema. The element contains the same child + elements defined for a transfer query response. 
+ + Example response: + + S: + S: + S: + S: + S: Command completed successfully; action pending + S: + S: + S: + S: example.com + S: pending + S: ClientX + S: 2000-06-08T22:00:00.0Z + S: ClientY + S: 2000-06-13T22:00:00.0Z + S: 2002-09-08T22:00:00.0Z + S: + S: + S: + S: ABC-12345 + S: 54322-XYZ + S: + + + +Hollenbeck Standards Track [Page 26] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + S: + S: + + An EPP error response MUST be returned if a command can + not be processed for any reason. + +3.2.5. EPP Command + + The EPP command provides a transform operation that allows a + client to modify the attributes of a domain object. In addition to + the standard EPP command elements, the command MUST contain + a element that identifies the domain namespace and + the location of the domain schema. The element + contains the following child elements: + + - A element that contains the fully qualified name of + the domain object to be updated. + + - An OPTIONAL element that contains attribute values to + be added to the object. + + - An OPTIONAL element that contains attribute values to + be removed from the object. + + - An OPTIONAL element that contains object attribute + values to be changed. + + At least one , , or element MUST + be provided. The and elements contain the + following child elements: + + - An OPTIONAL element that contains the fully qualified + names of the delegated host objects or host attributes (name + servers) associated with the domain object to provide resolution + services for the domain; see section 1.1 for a description of the + elements used to specify host objects or host attributes. A host + object MUST be known to the server before the host object can be + associated with a domain object. If host attributes are used to + specify name servers, note that IP address elements are not needed + to identify a name server that is being removed. IP address + elements can safely be absent or ignored in this situation. 
+ + - Zero or more elements that contain the + identifiers for contact objects to be associated with or removed + from the domain object. Contact object identifiers MUST be known + to the server before the contact object can be associated with the + domain object. + + + + +Hollenbeck Standards Track [Page 27] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + - Zero or more elements that contain status values + to be applied to or removed from the object. When specifying a + value to be removed, only the attribute value is significant; + element text is not required to match a value for removal. + + A element contains the following child elements: + + - A element that contains the identifier for the + human or organizational social information (contact) object to be + associated with the domain object as the object registrant. This + object identifier MUST be known to the server before the contact + object can be associated with the domain object. An empty element + can be used to remove registrant information. + + - A element that contains authorization + information associated with the domain object. This mapping + includes a password-based authentication mechanism, but the schema + allows new mechanisms to be defined in new schemas. A + element can be used within the + element to remove authorization information. + + Example command: + + C: + C: + C: + C: + C: + C: example.com + C: + C: + C: ns2.example.com + C: + C: mak21 + C: Payment overdue. + C: + C: + C: + C: ns1.example.com + C: + C: sh8013 + + + +Hollenbeck Standards Track [Page 28] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + C: + C: + C: + C: sh8013 + C: + C: 2BARfoo + C: + C: + C: + C: + C: ABC-12345 + C: + C: + + When an command has been processed successfully, a server + MUST respond with an EPP response with no element. 
+ + Example response: + + S: + S: + S: + S: + S: Command completed successfully + S: + S: + S: ABC-12345 + S: 54321-XYZ + S: + S: + S: + + An EPP error response MUST be returned if an command can not + be processed for any reason. + +3.2.6. Offline Review of Requested Actions + + Commands are processed by a server in the order they are received + from a client. Though an immediate response confirming receipt and + processing of the command is produced by the server, a server + operator MAY perform an offline review of requested transform + commands before completing the requested action. In such situations + the response from the server MUST clearly note that the transform + command has been received and processed, but the requested action is + + + + +Hollenbeck Standards Track [Page 29] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + pending. The status of the corresponding object MUST clearly reflect + processing of the pending action. The server MUST notify the client + when offline processing of the action has been completed. + + Examples describing a command that requires offline review + are included here. Note the result code and message returned in + response to the command. + + S: + S: + S: + S: + S: Command completed successfully; action pending + S: + S: + S: + S: example.com + S: 1999-04-03T22:00:00.0Z + S: 2001-04-03T22:00:00.0Z + S: + S: + S: + S: ABC-12345 + S: 54321-XYZ + S: + S: + S: + + The status of the domain object after returning this response MUST + include "pendingCreate". The server operator reviews the request + offline, and informs the client of the outcome of the review by + queuing a service message for retrieval via the command. + + The service message MUST contain text in the , , + element that describes the notification. In addition, the EPP + element MUST contain a child element that + identifies the domain namespace and the location of the domain + schema. 
The element contains the following child + elements: + + + + + + +Hollenbeck Standards Track [Page 30] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + - A element that contains the fully qualified name of + the domain object. The element contains a REQUIRED + "paResult" attribute. A positive boolean value indicates that the + request has been approved and completed. A negative boolean value + indicates that the request has been denied and the requested + action has not been taken. + + - A element that contains the client transaction + identifier and server transaction identifier returned with the + original response to process the command. The client transaction + identifier is OPTIONAL and will only be returned if the client + provided an identifier with the original command. + + - A element that contains the date and time + describing when review of the requested action was completed. + + Example "review completed" service message: + + S: + S: + S: + S: + S: Command completed successfully; ack to dequeue + S: + S: + S: 1999-04-04T22:01:00.0Z + S: Pending action completed successfully. + S: + S: + S: + S: example.com + S: + S: ABC-12345 + S: 54321-XYZ + S: + S: 1999-04-04T22:00:00.0Z + S: + S: + S: + S: BCD-23456 + S: 65432-WXY + S: + + + +Hollenbeck Standards Track [Page 31] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + S: + S: + +4. Formal Syntax + + An EPP object mapping is specified in XML Schema notation. The + formal syntax presented here is a complete schema representation of + the object mapping suitable for automated validation of EPP XML + instances. The BEGIN and END tags are not part of the schema; they + are used to note the beginning and ending of the schema for URI + registration purposes. + + BEGIN + + + + + + + + + + + + Extensible Provisioning Protocol v1.0 + domain provisioning schema. 
+ + + + + + + + + + + + +Hollenbeck Standards Track [Page 32] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Hollenbeck Standards Track [Page 34] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Hollenbeck Standards Track [Page 35] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Hollenbeck Standards Track [Page 37] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Hollenbeck Standards Track [Page 38] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Hollenbeck Standards Track [Page 39] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Hollenbeck Standards Track [Page 40] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + + + + + + + + + + + + + END + +5. Internationalization Considerations + + EPP is represented in XML, which provides native support for encoding + information using the Unicode character set and its more compact + representations including UTF-8. Conformant XML processors recognize + both UTF-8 and UTF-16 [RFC2781]. Though XML includes provisions to + identify and use other character encodings through use of an + "encoding" attribute in an declaration, use of UTF-8 is + RECOMMENDED in environments where parser encoding support + incompatibility exists. + + All date-time values presented via EPP MUST be expressed in Universal + Coordinated Time using the Gregorian calendar. 
XML Schema allows use + of time zone identifiers to indicate offsets from the zero meridian, + but this option MUST NOT be used with EPP. The extended date-time + form using upper case "T" and "Z" characters defined in [RFC3339] + MUST be used to represent date-time values as XML Schema does not + support truncated date-time forms or lower case "T" and "Z" + characters. + + This document requires domain and host name syntax as specified in + [RFC952] as updated by [RFC1123]. At the time of this writing, RFC + 3490 [RFC3490] describes a standard to use certain ASCII name labels + to represent non-ASCII name labels. These conformance requirements + might change as a result of progressing work in developing standards + for internationalized domain names. + + + + + + + + +Hollenbeck Standards Track [Page 41] + +RFC 3731 EPP Domain Name Mapping March 2004 + + +6. IANA Considerations + + This document uses URNs to describe XML namespaces and XML schemas + conforming to a registry mechanism described in [RFC3688]. Two URI + assignments have been registered by the IANA. + + Registration request for the domain namespace: + + URI: urn:ietf:params:xml:ns:domain-1.0 + + Registrant Contact: See the "Author's Address" section of this + document. + + XML: None. Namespace URIs do not represent an XML specification. + + Registration request for the domain XML schema: + + URI: urn:ietf:params:xml:schema:domain-1.0 + + Registrant Contact: See the "Author's Address" section of this + document. + + XML: See the "Formal Syntax" section of this document. + +7. Security Considerations + + Authorization information as described in section 2.6 is REQUIRED to + create a domain object. This information is used in some query and + transfer operations as an additional means of determining client + authorization to perform the command. 
Failure to protect + authorization information from inadvertent disclosure can result in + unauthorized transfer operations and unauthorized information + release. Both client and server MUST ensure that authorization + information is stored and exchanged with high-grade encryption + mechanisms to provide privacy services. + + The object mapping described in this document does not provide any + other security services or introduce any additional considerations + beyond those described by [RFC3730] and protocol layers used by EPP. + +8. Acknowledgements + + This document was originally written as an individual submission + Internet-Draft. The provreg working group later adopted it as a + working group document and provided many invaluable comments and + suggested improvements. The author wishes to acknowledge the efforts + of WG chairs Edward Lewis and Jaap Akkerhuis for their process and + editorial contributions. + + + +Hollenbeck Standards Track [Page 42] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + Specific suggestions that have been incorporated into this document + were provided by Joe Abley, Chris Bason, Eric Brunner-Williams, + Jordyn Buchanan, Dave Crocker, Ayesha Damaraju, Anthony Eden, Sheer + El-Showk, Klaus Malorny, Dan Manley, Michael Mealling, Patrick + Mevzek, Asbjorn Steira, Bruce Tonkin, and Rick Wesson. + +9. References + +9.1. Normative References + + [RFC952] Harrenstien, K., Stahl, M. and E. Feinler, "DOD Internet + Host Table Specification", RFC 952, October 1985. + + [RFC1123] Braden, R., Ed., "Requirements for Internet Hosts -- + Application and Support", STD 3, RFC 1123, October 1989. + + [RFC2119] Bradner, S., "Key Words for Use in RFCs to Indicate + Requirement Levels", BCP 14, RFC 2119, March 1997. + + [RFC3339] Klyne, G. and C. Newman, "Date and Time on the Internet: + Timestamps", RFC 3339, July 2002. + + [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, + January 2004. 
+ + [RFC3730] Hollenbeck, S., "Extensible Provisioning Protocol (EPP)", + RFC 3730, March 2004. + + [RFC3732] Hollenbeck, S., "Extensible Provisioning Protocol (EPP) + Host Mapping", RFC 3732, March 2004. + + [RFC3733] Hollenbeck, S., "Extensible Provisioning Protocol (EPP) + Contact Mapping", RFC 3733, March 2004. + + [XML] Editor T. Bray et al.: "Extensible Markup Language (XML) + 1.0 (Second Edition)", W3C Recommendation 6 October 2000. + + [XMLS-1] Editors H. Thompson et al.: "XML Schema Part 1: + Structures", W3C Recommendation 2 May 2001. + + [XMLS-2] Editors P. Biron, A. Malhotra: "XML Schema Part 2: + Datatypes", W3C Recommendation 2 May 2001. + +9.2. Informative References + + [RFC2781] Hoffman, P. and F. Yergeau, "UTF-16, an encoding of ISO + 10646", RFC 2781, February 2000. + + + + +Hollenbeck Standards Track [Page 43] + +RFC 3731 EPP Domain Name Mapping March 2004 + + + [RFC3490] Faltstrom, P., Hoffman, P. and A. Costello, + "Internationalizing Domain Names in Applications (IDNA)", + RFC 3490, March 2003. + +10. Author's Address + + Scott Hollenbeck + VeriSign Global Registry Services + 21345 Ridgetop Circle + Dulles, VA 20166-6503 + USA + + EMail: shollenbeck@verisign.com + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Hollenbeck Standards Track [Page 44] + +RFC 3731 EPP Domain Name Mapping March 2004 + + +11. Full Copyright Statement + + Copyright (C) The Internet Society (2004). This document is subject + to the rights, licenses and restrictions contained in BCP 78 and + except as set forth therein, the authors retain all their rights. 
+ + This document and the information contained herein are provided on an + "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS + OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET + ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, + INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE + INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED + WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + +Intellectual Property + + The IETF takes no position regarding the validity or scope of any + Intellectual Property Rights or other rights that might be claimed to + pertain to the implementation or use of the technology described in + this document or the extent to which any license under such rights + might or might not be available; nor does it represent that it has + made any independent effort to identify any such rights. Information + on the procedures with respect to rights in RFC documents can be + found in BCP 78 and BCP 79. + + Copies of IPR disclosures made to the IETF Secretariat and any + assurances of licenses to be made available, or the result of an + attempt made to obtain a general license or permission for the use of + such proprietary rights by implementers or users of this + specification can be obtained from the IETF on-line IPR repository at + http://www.ietf.org/ipr. + + The IETF invites any interested party to bring to its attention any + copyrights, patents or patent applications, or other proprietary + rights that may cover technology that may be required to implement + this standard. Please address the information to the IETF at ietf- + ipr@ietf.org. + +Acknowledgement + + Funding for the RFC Editor function is currently provided by the + Internet Society. + + + + + + + + + +Hollenbeck Standards Track [Page 45] + -- cgit v1.2.3
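Review bot: The commit message is only the subject line "doc: Add RFC documents", and nothing in the added file says where this copy of RFC 3731 was fetched from or which part of the project relies on it. The header dates the text March 2004, and section 9.1 lists RFC 3730, RFC 3732 and RFC 3733 as normative references, while this view is limited to rfc3731.txt. Please state in the commit body, or in a short index under doc/rfc/, the source of the text, whether it is still the current edition of the domain mapping, and whether the referenced documents are vendored alongside it. Section 7 is the part implementers will act on: authorization information is REQUIRED to create a domain object and is used to authorize transfer operations, and the example commands show the value 2fooBAR as plain element text, so a pointer to how this project stores and exchanges authInfo belongs next to the vendored document. The file also carries its own copyright statement in section 11 (Internet Society 2004, BCP 78), which should be reconciled with the repository's licence notes.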