1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
|
Network Working Group S. Hollenbeck
Request for Comments: 3375 Verisign, Inc.
Category: Informational September 2002
Generic Registry-Registrar Protocol Requirements
Status of this Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2002). All Rights Reserved.
Abstract
This document describes high-level functional and interface
requirements for a client-server protocol for the registration and
management of Internet domain names in shared registries. Specific
technical requirements detailed for protocol design are not presented
here. Instead, this document focuses on the basic functions and
interfaces required of a protocol to support multiple registry and
registrar operational models.
Conventions Used In This Document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
Table of Contents
1. Introduction ....................................... 2
1.1 Definitions, Acronyms, and Abbreviations ........... 2
2. General Description ................................ 4
2.1 System Perspective ................................. 4
2.2 System Functions ................................... 4
2.3 User Characteristics ............................... 5
2.4 Assumptions ........................................ 5
3. Functional Requirements ............................ 5
3.1 Session Management ................................. 6
3.2 Identification and Authentication .................. 6
3.3 Transaction Identification ......................... 7
3.4 Object Management .................................. 7
3.5 Domain Status Indicators ........................... 13
Hollenbeck Informational [Page 1]
^L
RFC 3375 Generic RRP Requirements September 2002
3.6 Transaction Completion Status ...................... 13
4. External Interface Requirements .................... 14
4.1 User, Hardware, and Software Interfaces ............ 14
4.2 Communications Interfaces .......................... 14
5. Performance Requirements ........................... 14
6. Design Constraints ................................. 14
6.1 Standards Compliance ............................... 14
6.2 Hardware Limitations ............................... 15
7. Service Attributes ................................. 15
7.1 Reliability ........................................ 15
7.2 Availability ....................................... 15
7.3 Scalability ........................................ 16
7.4 Maintainability .................................... 16
7.5 Extensibility ...................................... 16
7.6 Security ........................................... 16
8. Other Requirements ................................. 17
8.1 Database Requirements .............................. 17
8.2 Operational Requirements ........................... 17
8.3 Site Adaptation Requirements ....................... 17
8.4 Data Collection Requirements ....................... 17
9. Internationalization Requirements .................. 18
10. IANA Considerations ................................ 18
11. Security Considerations ............................ 18
12. Acknowledgements ................................... 19
13. References ......................................... 19
14. Editor's Address ................................... 20
15. Full Copyright Statement ........................... 21
1. Introduction
The advent of shared domain name registration systems illustrates the
utility of a common, generic protocol for registry-registrar
interaction. A standard generic protocol will allow registrars to
communicate with multiple registries through a common interface,
reducing operational complexity. This document describes high level
functional and interface requirements for a generic provisioning
protocol suitable for registry-registrar operations. Detailed
technical requirements are not addressed in this document.
1.1 Definitions, Acronyms, and Abbreviations
ccTLD: Country Code Top Level Domain. ".us" is an example of a
ccTLD.
DNS: Domain Name System
gTLD: Generic Top Level Domain. ".com" is an example of a gTLD.
Hollenbeck Informational [Page 2]
^L
RFC 3375 Generic RRP Requirements September 2002
IANA: Internet Assigned Numbers Authority
IETF: Internet Engineering Task Force
IP Address: Either or both IPv4 or IPv6 address.
IPv4: Internet Protocol version 4
IPv6: Internet Protocol version 6
RRP: Registry-Registrar Protocol
TLD: Top Level Domain. A generic term used to describe both gTLDs
and ccTLDs that exist under the top-level root of the domain name
hierarchy.
Exclusive Registration System: A domain name registration system in
which registry services are limited to a single registrar. Exclusive
Registration Systems are either loosely coupled (in which case the
separation between registry and registrar systems is readily
evident), or tightly coupled (in which case the separation between
registry and registrar systems is obscure).
Name Space: The range of values that can be assigned within a
particular node of the domain name hierarchy.
Object: A generic term used to describe entities that are created,
updated, deleted, and otherwise managed by a generic registry-
registrar protocol.
Registrant: An entity that registers domain names in a registry
through the services provided by a registrar. Registrants include
individuals, organizations, and corporations.
Registrar: An entity that provides front-end domain name registration
services to registrants, providing a public interface to registry
services.
Registry: An entity that provides back-end domain name registration
services to registrars, managing a central repository of information
associated with domain name delegations. A registry is typically
responsible for publication and distribution of zone files used by
the Domain Name System.
Shared Registration System: A domain name registration system in
which registry services are shared among multiple independent
registrars. Shared Registration Systems require a loose coupling
between registrars and a registry.
Hollenbeck Informational [Page 3]
^L
RFC 3375 Generic RRP Requirements September 2002
Thick Registry: A registry in which all of the information associated
with registered entities, including both technical information
(information needed to produce zone files) and social information
(information needed to implement operational, business, or legal
practices), is stored within the registry repository.
Thin Registry: A registry in which all elements of the social
information associated with registered entities is distributed
between a shared registry and the registrars served by the registry.
Zone: The complete set of information for a particular "pruned"
subtree of the domain space. The zone concept is described fully in
[RFC1035].
2. General Description
A basic understanding of domain name registration systems provides
focus for the enumeration of functional and interface requirements of
a protocol to serve those systems. This section provides a high-
level description of domain name registration systems to provide
context for the requirements identified later in this document.
2.1 System Perspective
A domain name registration system consists of a protocol and
associated software and hardware that permits registrars to provide
Internet domain name registration services within the name spaces
administered by a registry. A registration system can be shared
among multiple competing registrars, or it can be served by a single
registrar that is either tightly or loosely coupled with back-end
registry services. The system providing registration services for
the .com, .net, and .org gTLDs is an example of a shared registration
system serving multiple competing registrars. The systems providing
registration services for some ccTLDs and the .gov and .mil gTLDs are
examples of registration systems served by a single registrar.
2.2 System Functions
Registrars access a registry through a protocol to register objects
and perform object management functions. Required functions include
session management; object creation, update, renewal, and deletion;
object query; and object transfer.
A registry generates DNS zone files for the name spaces it serves.
Zone files are created and distributed to a series of name servers
that provide the foundation for the domain name system.
Hollenbeck Informational [Page 4]
^L
RFC 3375 Generic RRP Requirements September 2002
2.3 User Characteristics
Protocol users fall into two broad categories: entities that use
protocol client implementations and entities that use protocol server
implementations, though an entity can provide both client and server
services if it provides intermediate services. A protocol provides a
loose coupling between these communicating entities.
2.4 Assumptions
There is one and only one registry that is authoritative for a given
name space and zone.
A registry can be authoritative for more than one name space and
zone. Some registry operations can be billable. The impact of a
billable operation can be mitigated through the specification of
non-billable operations that allow a registrar to make informed
decisions before executing billable operations.
A registry can choose to implement a subset of the features provided
by a generic registry-registrar protocol. A thin registry, for
example, might not provide services to register social information.
Specification of minimal implementation compliance requirements is
thus an exercise left for a formal protocol definition document that
addresses the functional requirements specified here.
A protocol that meets the requirements described here can be called
something other than "Generic Registry Registrar Protocol".
The requirements described in this document are not intended to limit
the set of objects that can be managed by a generic registry-
registrar protocol.
3. Functional Requirements
This section describes functional requirements for a registry-
registrar protocol. Technical requirements that describe how these
requirements are to be met are out of scope for this document.
Hollenbeck Informational [Page 5]
^L
RFC 3375 Generic RRP Requirements September 2002
3.1 Session Management
[1] The protocol MUST provide services to explicitly establish a
client session with a registry server.
[2] In a connection-oriented environment, a server MUST respond to
connection attempts with information that identifies the server and
the default server protocol version.
[3] The protocol MUST provide services that allow a client to request
use of a specific protocol version as part of negotiating a session.
[4] The protocol MUST provide services that allow a server to decline
use of a specific protocol version as part of negotiating a session.
[5] A session MUST NOT be established if the client and server are
unable to reach agreement on the protocol version to be used for the
requested session.
[6] The protocol MUST provide services to explicitly end an
established session.
[7] The protocol MUST provide services that provide transactional
atomicity, consistency, isolation, and durability in the advent of
session management failures.
[8] The protocol MUST provide services to confirm that a transaction
has been completed if a session is aborted prematurely.
3.2 Identification and Authentication
[1] The protocol or another layered protocol MUST provide services to
identify registrar clients and registry servers before granting
access to other protocol services.
[2] The protocol or another layered protocol MUST provide services to
authenticate registrar clients and registry servers before granting
access to other protocol services.
[3] The protocol or another layered protocol MUST provide services to
negotiate an authentication mechanism acceptable to both client and
server.
Hollenbeck Informational [Page 6]
^L
RFC 3375 Generic RRP Requirements September 2002
3.3 Transaction Identification
[1] Registry operations that create, modify, or delete objects MUST
be associated with a registry-unique identifier. The protocol MUST
allow each transaction to be identified in a permanent and globally
unique manner to facilitate temporal ordering and state management
services.
3.4 Object Management
This section describes requirements for object management, including
identification, registration, association, update, transfer, renewal,
deletion, and query.
3.4.1 Object Identification
Some objects, such as name servers and contacts, have utility in
multiple registries. However, maintaining disjoint copies of object
information in multiple registries can lead to inconsistencies that
have adverse consequences for the Internet. For example, changing a
name server name in one registry, but not in a second registry that
refers to the server for domain name delegation, can produce
unexpected DNS query results.
[1] The protocol MUST provide services to associate an object
identifier with every object.
[2] Object identifiers MUST be globally unique.
[3] An object's identifier MUST NOT change during the lifetime of the
object in a particular repository, even if administrative control of
the object changes over time.
[4] An object identifier MUST contain information that unambiguously
identifies the object.
[5] Object identifier format specified by the protocol SHOULD be
easily parsed and understood by humans.
[6] An object's identifier MUST be generated and stored when an
object is created.
Hollenbeck Informational [Page 7]
^L
RFC 3375 Generic RRP Requirements September 2002
3.4.2 Object Registration
[1] The protocol MUST provide services to register Internet domain
names.
[2] The protocol MUST permit a starting and ending time for a domain
name registration to be negotiated, thereby allowing a registry to
implement policies allowing a range of registration validity periods
(the start and end points in time during which one normally assumes
that an object will be active), and enabling registrars to select a
period for each registration they submit from within the valid range
based on out-of-band negotiation between the registrar and the
registrant. Registries SHOULD be allowed to accept indefinitely
valid registrations if the policy that they are implementing permits,
and to specify a default validity period if one is not selected by a
registrar. Registries MUST be allowed to specify minimal validity
periods consistent with prevailing or preferred practices for fee-
for-service recovery. The protocol MUST provide features to ensure
that both registry and registrar have a mutual understanding of the
validity period at the conclusion of a successful registration event.
[3] The protocol MUST provide services to register name servers.
Name server registration MUST NOT be limited to a specific period of
time. Name servers MUST be registered with a valid IPv4 or IPv6
address when a "glue record" is required for delegation. A name
server MAY be registered with multiple IP addresses. Multiple name
servers using distinct server names MAY share an IP address.
[4] The protocol MUST provide services to manage delegation of zone
authority. Names of name servers MUST NOT be required to be tied to
the name of the zone(s) for which the server is authoritative.
[5] The protocol MUST provide services to register social information
describing human and organizational entities. Registration of social
information MUST NOT be limited to a specific period of time. Social
information MAY include a name (individual name, organization name,
or both), address (including street address, city, state or province
(if applicable), postal code, and country), voice telephone number,
email address, and facsimile telephone number.
[6] Protocol services to register an object MUST be available to all
authorized registrars.
Hollenbeck Informational [Page 8]
^L
RFC 3375 Generic RRP Requirements September 2002
3.4.3 Object Association
[1] The protocol MUST provide services to associate name servers with
domain names to delegate authority for zones. A domain name MAY have
multiple authoritative name servers. Name servers MAY be
authoritative for multiple zones.
[2] The protocol MUST provide services to associate IP addresses with
name servers. A name server MAY have multiple IP addresses. An IP
address MAY be associated with multiple name server registrations.
[3] The protocol MUST provide services to associate social
information with other objects. Social information associations MUST
be identified by type. "Registrant" is an example social information
type that might be associated with an object such as a domain name.
[4] The protocol MUST provide services to associate object management
capabilities on a per-registrar basis.
[5] Some managed objects represent shared resources that might be
referenced by multiple registrars. The protocol MUST provide
services that allow a registrar to associate an existing shared
resource object with other registered objects sponsored by a second
registrar. For example, authority for the example.tld zone
(example.tld domain object managed by registrar X) and authority for
the test.tld zone (test.tld domain object managed by registrar Y)
might be delegated to server ns1.example.tld (managed by registrar
X). Registrar X maintains administrative control over domain object
example.tld and server object ns1.example.tld, and registrar Y
maintains administrative control over domain object test.tld.
Registrar Y does not have administrative control over server object
ns1.example.tld.
3.4.4 Object Update
[1] The protocol MUST provide services to update information
associated with registered Internet domain names.
[2] The protocol MUST provide services to update information
associated with registered name servers.
[3] The protocol MUST provide services to update social information
associated with registered human and organizational entities.
[4] The protocol MUST provide services to limit requests to update a
registered object to the registrar that currently sponsors the
registered object.
Hollenbeck Informational [Page 9]
^L
RFC 3375 Generic RRP Requirements September 2002
[5] The protocol MUST provide services to explicitly reject
unauthorized attempts to update a registered object.
3.4.5 Object Transfer
[1] The protocol MUST provide services to transfer domain names among
authorized registrars. Name servers registered in a domain being
transferred MUST be transferred along with the domain itself. For
example, name servers "ns1.example.tld" and "ns2.example.tld" MUST be
implicitly transferred when domain "example.tld" is transferred.
[2] The protocol MUST provide services to describe all objects,
including associated objects, that are transferred as a result of an
object transfer.
[3] The protocol MUST provide services to transfer social information
objects among authorized registrars.
[4] Protocol transfer requests MUST be initiated by the registrar who
wishes to become the new administrator of an object.
[5] The protocol MUST provide services to confirm registrar
authorization to transfer an object.
[6] The protocol MUST provide services that allow the requesting
registrar to cancel a requested object transfer before the request
has been approved or rejected by the original sponsoring registrar.
Requests to cancel the transfer of registered objects MUST be limited
to the registrar that requested transfer of the registered object.
Unauthorized attempts to cancel the transfer of a registered object
MUST be explicitly rejected.
[7] The protocol MUST provide services that allow the original
sponsoring registrar to approve or reject a requested object
transfer. Requests to approve or reject the transfer of registered
objects MUST be limited to the registrar that currently sponsors the
registered object. Unauthorized attempts to approve or reject the
transfer of a registered object MUST be explicitly rejected.
[8] The protocol MUST provide services that allow both the original
sponsoring registrar and the potential new registrar to monitor the
status of both pending and completed transfer requests.
[9] Transfer of an object MAY extend the object's registration
period. If an object's registration period will be extended as the
result of a transfer, the new expiration date and time MUST be
returned after successful completion of a transfer request.
Hollenbeck Informational [Page 10]
^L
RFC 3375 Generic RRP Requirements September 2002
[10] Requests to initiate the transfer of a registered object MUST be
available to all authorized registrars.
[11] Registrars might become non-functional and unable to respond to
transfer requests. It might be necessary for one registrar to assume
management responsibility for the objects associated with another
registrar in the event of registrar failure. The protocol MUST NOT
restrict the ability to transfer objects in the event of registrar
failure.
3.4.6 Object Renewal/Extension
[1] The protocol MUST provide services to renew or extend the
validity period of registered domain names. If applicable, the new
expiration date and time MUST be returned after successful completion
of a request to renew or extend the validity period.
[2] Requests to renew or extend the validity period of a registered
object MUST be limited to the registrar that currently sponsors the
registered object. Unauthorized attempts to renew or extend the
validity period of a registered object MUST be explicitly rejected.
3.4.7 Object Deletion
[1] The protocol MUST provide services to remove a domain name from
the registry.
[2] The protocol MUST provide services to remove a name server from
the registry.
[3] The protocol MUST provide services to remove a social information
object from the registry.
[4] Requests to remove a registered object MUST be limited to the
registrar that currently sponsors the registered object.
Unauthorized attempts to remove a registered object MUST be
explicitly rejected.
3.4.8 Object Existence Query
This section describes requirements for a lightweight query mechanism
whose sole purpose is to determine if an object exists in a registry.
[1] The protocol MUST provide services to determine if a domain name
exists in the registry. Domain names MUST be searchable by fully
qualified name.
Hollenbeck Informational [Page 11]
^L
RFC 3375 Generic RRP Requirements September 2002
[2] The protocol MUST provide services to determine if a name server
exists in the registry. Name servers MUST be searchable by fully
qualified name.
[3] The protocol MUST provide services to determine if a social
information object exists in the registry. Social information MUST
be searchable by a registry-unique identifier.
[4] A query to determine if an object exists in the registry MUST
return only a positive or negative response so that server software
that responds to this query can be optimized for speed.
[5] Requests to determine the existence of a registered object MUST
be available to all authorized registrars.
3.4.9 Object Information Query
This section describes requirements for a query mechanism whose
purpose is to provide detailed information describing objects that
exist in a registry.
[1] The protocol MUST provide services to retrieve information
describing a domain name from the registry. Returned information
MUST include the identifier of the current sponsoring registrar, the
identifier of the registrar that originally registered the domain,
the creation date and time, the expiration date and time (if any),
the date and time of the last successful update (if any), the
identifier of the registrar that performed the last update, the date
and time of last completed transfer (if any), the current status of
the domain, authorization information, identifiers describing social
information associated with the domain, and the subordinate name
servers registered in the domain. Authorization information MUST
only be returned to the current sponsoring registrar.
[2] The protocol MUST provide services to retrieve information
describing a name server from the registry. Returned information
MUST include the identifier of the current sponsoring registrar, the
identifier of the registrar that originally registered the name
server, the creation date and time, the date and time of the last
successful update (if any), the identifier of the registrar that
performed the last update, the date and time of last completed
transfer (if any), and the IP addresses currently associated with the
name server.
[3] The protocol MUST provide services to retrieve social information
from the registry. Returned information MUST include identification
attributes (which MAY include name, address, telephone numbers, and
email address), the identifier of the registrar that originally
Hollenbeck Informational [Page 12]
^L
RFC 3375 Generic RRP Requirements September 2002
registered the information, the creation date and time, the date and
time of the last successful update (if any), the identifier of the
registrar that performed the last update, the date and time of last
completed transfer (if any), and authorization information.
Authorization information MUST only be returned to the current
sponsoring registrar.
[4] The protocol MUST provide services to identify all associated
object references, such as name servers associated with domains
(including delegations and hierarchical relationships) and contacts
associated with domains. This information MUST be visible if the
object associations have an impact on the success or failure of
protocol operations.
[5] Requests to retrieve information describing a registered object
MAY be granted by the registrar that currently sponsors the
registered object. Unauthorized attempts to retrieve information
describing a registered object MUST be explicitly rejected.
3.5 Domain Status Indicators
[1] The protocol MUST provide status indicators that identify the
operational state of a domain name. Indicators MAY be provided to
identify a newly created state (the domain has been registered but
has not yet appeared in a zone), a normal active state (the domain
can be modified and is published in a zone), an inactive state (the
domain can be modified but is not published in a zone because it has
no authoritative name servers), a hold state (the domain can not be
modified and is not published in a zone), a lock state (the domain
can not be modified and is published in a zone), a pending transfer
state, and a pending removal state.
[2] If provided, protocol indicators for hold and lock status MUST
allow independent setting by both registry and registrar.
[3] A domain MAY have multiple statuses at any given time. Some
statuses MAY be mutually exclusive.
3.6 Transaction Completion Status
[1] The protocol MUST provide services that unambiguously note the
success or failure of every transaction. Individual success and
error conditions MUST be noted distinctly.
Hollenbeck Informational [Page 13]
^L
RFC 3375 Generic RRP Requirements September 2002
4. External Interface Requirements
External interfaces define the interaction points between a system
and entities that communicate with the system. Specific areas of
interest include user interfaces, hardware interfaces, software
interfaces, and communications interfaces.
4.1 User, Hardware, and Software Interfaces
[1] The protocol MUST define a wire format for data exchange, not an
application design for user, hardware, or software interfaces so that
any application able to create the same bits on the wire, and to
maintain the image of the same integrity constraints, is a valid
implementation of the protocol.
4.2 Communications Interfaces
[1] Registries, registrars, and registrants interact using a wide
spectrum of communications interfaces built upon multiple protocols,
including transport layer protocols such as TCP and application layer
protocols such as SMTP. The protocol MUST only be run over IETF
approved protocols that feature congestion control, such as TCP and
SCTP.
5. Performance Requirements
[1] Run-time performance is an absolutely critical aspect of protocol
usability. While performance is very heavily dependent on the
hardware and software architecture that implements a protocol,
protocol features can have a direct impact on the ability of the
underlying architecture to provide optimal performance. The protocol
MUST be usable in both high volume and low volume operating
environments.
6. Design Constraints
Protocol designers need to be aware of issues beyond functional and
interface requirements when balancing protocol design decisions.
This section describes additional factors that might have an impact
on protocol design, including standards compliance and hardware
limitations.
6.1 Standards Compliance
[1] The protocol MUST conform to current IETF standards. Standards
for domain and host name syntax, IP address syntax, security, and
transport are particularly relevant. Emerging standards for the
Domain Name System MUST be considered as they approach maturity.
Hollenbeck Informational [Page 14]
^L
RFC 3375 Generic RRP Requirements September 2002
[2] The protocol MUST NOT reinvent services offered by lower layer
protocol standards. For example, the use of a transport that
provides reliability is to be chosen over use of a non-reliable
transport with the protocol itself using retransmission to achieve
reliability.
6.2 Hardware Limitations
[1] The protocol MUST NOT define any features that preclude hardware
independence.
7. Service Attributes
Elements of service beyond functional and interface requirements are
essential factors to consider as part of a protocol design effort.
This section describes several important service elements to be
addressed by protocol designers, including reliability, availability,
scalability, maintainability, extensibility, and security.
7.1 Reliability
[1] Reliability is a measure of the extent to which a protocol
provides a consistent, dependable level of service. Reliability is
an important attribute for a domain name management protocol. An
unreliable protocol increases the risk of data exchange errors, which
at one extreme can have a direct impact on protocol usability and at
the other extreme can introduce discontinuity between registry and
registrar data stores. The protocol MUST include features that
maximize reliability at the application protocol layer. Services
provided by underlying transport, session, and presentation protocols
SHOULD also be considered when addressing application protocol
reliability.
[2] The protocol MUST be run over the most reliable transport option
available in a given environment. The protocol MUST NOT implement a
service that is otherwise available in an applicable standard
transport.
[3] Default protocol actions for when a request or event times out
MUST be well defined.
7.2 Availability
[1] Availability is a measure of the extent to which the services
provided by a protocol are accessible for an intended use.
Availability of an application layer protocol is primarily dependent
on the software and hardware systems that implement the protocol.
Hollenbeck Informational [Page 15]
^L
RFC 3375 Generic RRP Requirements September 2002
The protocol MUST NOT include any features that impinge on the
underlying availability of the software and hardware systems needed
to service the protocol.
7.3 Scalability
[1] Scalability is a measure of the extent to which a protocol can
accommodate use growth while preserving acceptable operational
characteristics. The protocol MUST be capable of operating at an
acceptable level as the load on registry and registrar systems
increases.
7.4 Maintainability
[1] Maintainability is a measure of the extent to which a protocol
can be adapted or modified to address unforeseen operational needs or
defects. The protocol SHOULD be developed under the nominal working
group processes of the IETF to provide a well-known mechanism for
ongoing maintenance.
7.5 Extensibility
[1] Extensibility is a measure of the extent to which a protocol can
be adapted for future uses that were not readily evident when the
protocol was originally designed. The protocol SHOULD provide
features that at a minimum allow for the management of new object
types without requiring revisions to the protocol itself.
[2] The requirements described in this document are not intended to
limit the set of objects that might be managed by the protocol. The
protocol MUST include features that allow extension to object types
that are not described in this document.
[3] The protocol MUST provide an optional field within all commands
whose format and use will be controlled by individual registry
policy.
7.6 Security
[1] Transactional privacy and integrity services MUST be available at
some protocol layer.
[2] This document describes requirements for basic user
identification and authentication services. A generic protocol MAY
include additional security services to protect against the attacks
described here. A generic protocol MUST depend on other-layered
protocols to provide security services that are not provided in the
generic protocol itself. A generic protocol that relies on security
Hollenbeck Informational [Page 16]
^L
RFC 3375 Generic RRP Requirements September 2002
services from other-layered protocols MUST specify the protocol
layers needed to provide security services.
8. Other Requirements
Certain aspects of anticipated operational environments have to be
considered when designing a generic registry-registrar protocol.
Areas of concern include database operations, operations, site
adaptation, and data collection.
8.1 Database Requirements
[1] The protocol MUST NOT have any database dependencies. However,
efficient use of database operations and resources has to be
considered as part of the protocol design effort. The protocol
SHOULD provide atomic features that can be efficiently implemented to
minimize database load.
8.2 Operational Requirements
[1] Registry-registrar interactions at the protocol level SHOULD
operate without human intervention. However, intermediate services
that preserve the integrity of the protocol MAY be provided. For
example, an intermediate service that determines if a registrant is
authorized to register a name in a name space can be provided.
[2] The protocol MUST provide services that allow clients and servers
to maintain a consistent understanding of the current date and time
to effectively manage objects with temporal properties.
8.3 Site Adaptation Requirements
[1] Registries and registrars have varying business and operational
requirements. Several factors, including governance standards, local
laws, customs, and business practices all play roles in determining
how registries and registrars are operated. The protocol MUST be
flexible enough to operate in diverse registry-registrar
environments.
8.4 Data Collection Requirements
[1] Some of the data exchanged between a registrar and registry might
be considered personal, private, or otherwise sensitive. Disclosure
of such information might be restricted by laws and/or business
practices. The protocol MUST provide services to identify data
collection policies.
Hollenbeck Informational [Page 17]
^L
RFC 3375 Generic RRP Requirements September 2002
[2] Some of the social information exchanged between a registrar and
registry might be required to create, manage, or operate Internet or
DNS infrastructure facilities, such as zone files. Such information
is subject to public disclosure per relevant IETF standards.
9. Internationalization Requirements
[1] [RFC1035] describes Internet host and domain names using
characters traditionally found in a subset of the 7-bit US-ASCII
character set. More recent standards, such as [RFC2130] and
[RFC2277], describe the need to develop protocols for an
international Internet. These and other standards MUST be considered
during the protocol design process to ensure world-wide usability of
a generic registry registrar protocol.
[2] The protocol MUST allow exchange of data in formats consistent
with current international agreements for the representation of such
objects. In particular, this means that addresses MUST include
country, that telephone numbers MUST start with the international
prefix "+", and that appropriate thought be given to the usability of
information in both local and international contexts. This means
that some elements (like names and addresses) might need to be
represented multiple times, or formatted for different contexts (for
instance English/French in Canada, or Latin/ideographic in Japan).
[3] All date and time values specified in a generic registry-
registrar protocol MUST be expressed in Universal Coordinated Time.
Dates and times MUST include information to represent a four-digit
calendar year, a calendar month, a calendar day, hours, minutes,
seconds, fractional seconds, and the time zone for Universal
Coordinated Time. Calendars apart from the Gregorian calendar MUST
NOT be used
10. IANA Considerations
This document does not require any action on the part of IANA.
Protocol specifications that require IANA action MUST follow the
guidelines described in [RFC2434].
11. Security Considerations
Security services, including confidentiality, authentication, access
control, integrity, and non-repudiation SHOULD be applied to protect
interactions between registries and registrars as appropriate.
Confidentiality services protect sensitive exchanged information from
inadvertent disclosure. Authentication services confirm the claimed
identity of registries and registrars before engaging in online
transactions. Access control services control access to data and
Hollenbeck Informational [Page 18]
^L
RFC 3375 Generic RRP Requirements September 2002
services based on identity. Integrity services guarantee that
exchanged data has not been altered between the registry and the
registrar. Non-repudiation services provide assurance that the
sender of a transaction can not deny being the source of the
transaction, and that the recipient cannot deny being the receiver of
the transaction.
12. Acknowledgements
This document was originally written as an individual submission
Internet-Draft. The provreg working group later adopted it as a
working group document and provided many invaluable comments and
suggested improvements. The author wishes to acknowledge the efforts
of WG chairs Edward Lewis and Jaap Akkerhuis for their process and
editorial contributions.
Specific comments that helped guide development of this document were
provided by Harald Tveit Alvestrand, Christopher Ambler, Karl
Auerbach, Jorg Bauer, George Belotsky, Eric Brunner-Williams, Jordyn
Buchanan, Randy Bush, Bruce Campbell, Dan Cohen, Andre Cormier, Kent
Crispin, Dave Crocker, Ayesha Damaraju, Lucio De Re, Mats Dufberg,
Peter Eisenhauer, Sheer El-Showk, Urs Eppenberger, Patrik Faltstrom,
Paul George, Patrick Greenwell, Jarle Greipsland, Olivier Guillard,
Alf Hansen, Paul Hoffman, Paul Kane, Shane Kerr, Elmar Knipp, Mike
Lampson, Matt Larson, Ping Lu, Klaus Malorny, Bill Manning, Michael
Mealling, Patrick Mevzek, Peter Mott, Catherine Murphy, Martin
Oldfield, Geva Patz, Elisabeth Porteneuve, Ross Wm. Rader, Budi
Rahardjo, Annie Renard, Scott Rose, Takeshi Saigoh, Marcos Sanz,
Marcel Schneider, J. William Semich, James Seng, Richard Shockey,
Brian Spolarich, William Tan, Stig Venaas, Herbert Vitzthum, and Rick
Wesson.
13. References
Normative References:
[RFC2119] Bradner, S., "Key Words for Use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2434] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", BCP 26, RFC 2434,
October 1998.
Informative References:
[RFC1035] Mockapetris, P., "Domain Names - Implementation and
Specification", STD 13, RFC 1035, November 1987.
Hollenbeck Informational [Page 19]
^L
RFC 3375 Generic RRP Requirements September 2002
[RFC2130] Weider, C., Preston, C., Simonsen, K., Alvestrand, H.,
Atkinson, R., Cripsin, M. and P. Svanberg, "The Report of
the IAB Character Set Workshop", RFC 2130, April 1997.
[RFC2277] Alvestrand, H., "IETF Policy on Character Sets and
Languages", BCP 18, RFC 2277, January 1998.
14. Editor's Address
Scott Hollenbeck
VeriSign Global Registry Services
21345 Ridgetop Circle
Dulles, VA 20166-6503
USA
EMail: shollenbeck@verisign.com
Hollenbeck Informational [Page 20]
^L
RFC 3375 Generic RRP Requirements September 2002
15. Full Copyright Statement
Copyright (C) The Internet Society (2002). All Rights Reserved.
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
English.
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Acknowledgement
Funding for the RFC Editor function is currently provided by the
Internet Society.
Hollenbeck Informational [Page 21]
^L
|