Tech-invite3GPPspaceIETF RFCsSIP
929190898887868584838281807978777675747372717069686766656463626160595857565554535251504948474645444342414039383736353433323130292827262524232221201918171615141312111009080706050403020100
in Index   Prev   Next

RFC 5730

Extensible Provisioning Protocol (EPP)

Pages: 67
Internet Standard: 69
Errata
STD 69 is also:  5731573257335734
Obsoletes:  4930
Part 2 of 3 – Pages 19 to 45
First   Prev   Next

Top   ToC   RFC5730 - Page 19   prevText

2.9. Protocol Commands

EPP provides commands to manage sessions, retrieve object information, and perform transformation operations on objects. All EPP commands are atomic and designed so that they can be made idempotent, either succeeding completely or failing completely and producing predictable results in case of repeated executions. This section describes each EPP command, including examples with representative server responses.

2.9.1. Session Management Commands

EPP provides two commands for session management: <login> to establish a session with a server and <logout> to end a session with a server. The <login> command establishes an ongoing server session that preserves client identity and authorization information during the duration of the session.
Top   ToC   RFC5730 - Page 20
2.9.1.1. EPP <login> Command
The EPP <login> command is used to establish a session with an EPP server in response to a greeting issued by the server. A <login> command MUST be sent to a server before any other EPP command to establish an ongoing session. A server operator MAY limit the number of failed login attempts N, 1 <= N <= infinity, after which a login failure results in the connection to the server (if a connection exists) being closed. A client identifier and initial password MUST be created on the server before a client can successfully complete a <login> command. The client identifier and initial password MUST be delivered to the client using an out-of-band method that protects the identifier and password from inadvertent disclosure. In addition to the standard EPP command elements, the <login> command contains the following child elements: - A <clID> element that contains the client identifier assigned to the client by the server. - A <pw> element that contains the client's plain text password. The value of this element is case sensitive. - An OPTIONAL <newPW> element that contains a new plain text password to be assigned to the client for use with subsequent <login> commands. The value of this element is case sensitive. - An <options> element that contains the following child elements: - A <version> element that contains the protocol version to be used for the command or ongoing server session. - A <lang> element that contains the text response language to be used for the command or ongoing server session commands. The values of the <version> and <lang> elements MUST exactly match one of the values presented in the EPP greeting. - A <svcs> element that contains one or more <objURI> elements that contain namespace URIs representing the objects to be managed during the session. The <svcs> element MAY contain an OPTIONAL <svcExtension> element that contains one or more <extURI> elements that identify object extensions to be used during the session.
Top   ToC   RFC5730 - Page 21
   The PLAIN Simple Authentication and Security Layer (SASL) mechanism
   presented in [RFC4616] describes a format for providing a user
   identifier, an authorization identifier, and a password as part of a
   single plain-text string.  The EPP authentication mechanism is
   similar, though EPP does not require a session-level authorization
   identifier and the user identifier and password are separated into
   distinct XML elements.  Additional identification and authorization
   schemes MUST be provided at other protocol layers to provide more
   robust security services.

   Example <login> command:

   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   C:  <command>
   C:    <login>
   C:      <clID>ClientX</clID>
   C:      <pw>foo-BAR2</pw>
   C:      <newPW>bar-FOO2</newPW>
   C:      <options>
   C:        <version>1.0</version>
   C:        <lang>en</lang>
   C:      </options>
   C:      <svcs>
   C:        <objURI>urn:ietf:params:xml:ns:obj1</objURI>
   C:        <objURI>urn:ietf:params:xml:ns:obj2</objURI>
   C:        <objURI>urn:ietf:params:xml:ns:obj3</objURI>
   C:        <svcExtension>
   C:          <extURI>http://custom/obj1ext-1.0</extURI>
   C:        </svcExtension>
   C:      </svcs>
   C:    </login>
   C:    <clTRID>ABC-12345</clTRID>
   C:  </command>
   C:</epp>

   When a <login> command has been processed successfully, a server MUST
   respond with an EPP response with no <resData> element.  If
   successful, the server will respond by creating and maintaining a new
   session that SHOULD be terminated by a future <logout> command.

   Example <login> response:

   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   S:  <response>
   S:    <result code="1000">
   S:      <msg>Command completed successfully</msg>
Top   ToC   RFC5730 - Page 22
   S:    </result>
   S:    <trID>
   S:      <clTRID>ABC-12345</clTRID>
   S:      <svTRID>54321-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   The EPP <login> command is used to establish a session with an EPP
   server.  A <login> command MUST be rejected if received within the
   bounds of an existing session.  This command MUST be available to all
   clients.

2.9.1.2. EPP <logout> Command
The EPP <logout> command is used to end a session with an EPP server. The <logout> command MUST be represented as an empty element with no child elements. A server MAY end a session due to client inactivity or excessive client-session longevity. The parameters for determining excessive client inactivity or session longevity are a matter of server policy and are not specified by this protocol. Transport mappings MUST explicitly describe any connection-oriented processing that takes place after processing a <logout> command and ending a session. Example <logout> command: C:<?xml version="1.0" encoding="UTF-8" standalone="no"?> C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> C: <command> C: <logout/> C: <clTRID>ABC-12345</clTRID> C: </command> C:</epp> When a <logout> command has been processed successfully, a server MUST respond with an EPP response with no <resData> element. If successful, the server MUST also end the current session. Example <logout> response: S:<?xml version="1.0" encoding="UTF-8" standalone="no"?> S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> S: <response> S: <result code="1500">
Top   ToC   RFC5730 - Page 23
   S:      <msg>Command completed successfully; ending session</msg>
   S:    </result>
   S:    <trID>
   S:      <clTRID>ABC-12345</clTRID>
   S:      <svTRID>54321-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   The EPP <logout> command is used to end a session with an EPP server.
   A <logout> command MUST be rejected if the command has not been
   preceded by a successful <login> command.  This command MUST be
   available to all clients.

2.9.2. Query Commands

2.9.2.1. EPP <check> Command
The EPP <check> command is used to determine if an object can be provisioned within a repository. It provides a hint that allows a client to anticipate the success or failure of provisioning an object using the <create> command as object-provisioning requirements are ultimately a matter of server policy. The elements needed to identify an object are object-specific, so the child elements of the <check> command are specified using the EPP extension framework. In addition to the standard EPP command elements, the <check> command contains the following child elements: - An object-specific <obj:check> element that identifies the objects to be queried. Multiple objects of the same type MAY be queried within a single <check> command. Example <check> command: C:<?xml version="1.0" encoding="UTF-8" standalone="no"?> C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> C: <command> C: <check> C: <obj:check xmlns:obj="urn:ietf:params:xml:ns:obj"> C: <obj:name>example1</obj:name> C: <obj:name>example2</obj:name> C: <obj:name>example3</obj:name> C: </obj:check> C: </check> C: <clTRID>ABC-12346</clTRID> C: </command> C:</epp>
Top   ToC   RFC5730 - Page 24
   When a <check> command has been processed successfully, a server MUST
   respond with an EPP <resData> element that MUST contain a child
   element that identifies the object namespace.  The child elements of
   the <resData> element are object-specific, though the EPP <resData>
   element MUST contain a child <obj:chkData> element that contains one
   or more <obj:cd> (check data) elements.  Each <obj:cd> element
   contains the following child elements:

   -  An object-specific element that identifies the queried object.
      This element MUST contain an "avail" attribute whose value
      indicates object availability (can it be provisioned or not) at
      the moment the <check> command was completed.  A value of "1" or
      "true" means that the object can be provisioned.  A value of "0"
      or "false" means that the object cannot be provisioned.

   -  An OPTIONAL <obj:reason> element that MAY be provided when an
      object cannot be provisioned.  If present, this element contains
      server-specific text to help explain why the object cannot be
      provisioned.  This text MUST be represented in the response
      language previously negotiated with the client; an OPTIONAL "lang"
      attribute MAY be present to identify the language if the
      negotiated value is something other than the default value of "en"
      (English).

   Example <check> response:

   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   S:  <response>
   S:    <result code="1000">
   S:      <msg>Command completed successfully</msg>
   S:    </result>
   S:    <resData>
   S:      <obj:chkData xmlns:obj="urn:ietf:params:xml:ns:obj">
   S:        <obj:cd>
   S:          <obj:name avail="1">example1</obj:name>
   S:        </obj:cd>
   S:        <obj:cd>
   S:          <obj:name avail="0">example2</obj:name>
   S:          <obj:reason>In use</obj:reason>
   S:        </obj:cd>
   S:        <obj:cd>
   S:          <obj:name avail="1">example3</obj:name>
   S:        </obj:cd>
   S:      </obj:chkData>
   S:    </resData>
   S:    <trID>
   S:      <clTRID>ABC-12346</clTRID>
Top   ToC   RFC5730 - Page 25
   S:      <svTRID>54322-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   The EPP <check> command is used to determine if an object can be
   provisioned within a repository.  This action MUST be open to all
   authorized clients.

2.9.2.2. EPP <info> Command
The EPP <info> command is used to retrieve information associated with an existing object. The elements needed to identify an object and the type of information associated with an object are both object-specific, so the child elements of the <info> command are specified using the EPP extension framework. In addition to the standard EPP command elements, the <info> command contains the following child elements: - An object-specific <obj:info> element that identifies the object to be queried. Example <info> command: C:<?xml version="1.0" encoding="UTF-8" standalone="no"?> C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> C: <command> C: <info> C: <obj:info xmlns:obj="urn:ietf:params:xml:ns:obj"> C: <!-- Object-specific elements. --> C: </obj:info> C: </info> C: <clTRID>ABC-12346</clTRID> C: </command> C:</epp> When an <info> command has been processed successfully, a server MUST respond with an EPP <resData> element that MUST contain a child element that identifies the object namespace and the Repository Object IDentifier (ROID) that was assigned to the object when the object was created. Other child elements of the <resData> element are object-specific. Example <info> response: S:<?xml version="1.0" encoding="UTF-8" standalone="no"?> S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> S: <response>
Top   ToC   RFC5730 - Page 26
   S:    <result code="1000">
   S:      <msg>Command completed successfully</msg>
   S:    </result>
   S:    <resData>
   S:      <obj:infData xmlns:obj="urn:ietf:params:xml:ns:obj">
   S:        <obj:roid>EXAMPLE1-REP</obj:roid>
   S:        <!-- Object-specific elements. -->
   S:      </obj:infData>
   S:    </resData>
   S:    <trID>
   S:      <clTRID>ABC-12346</clTRID>
   S:      <svTRID>54322-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   The EPP <info> command is used to retrieve information associated
   with an existing object.  This action SHOULD be limited to authorized
   clients; restricting this action to the sponsoring client is
   RECOMMENDED.

2.9.2.3. EPP <poll> Command
The EPP <poll> command is used to discover and retrieve service messages queued by a server for individual clients. If the message queue is not empty, a successful response to a <poll> command MUST return the first message from the message queue. Each response returned from the server includes a server-unique message identifier that MUST be provided to acknowledge receipt of the message, and a counter that indicates the number of messages in the queue. After a message has been received by the client, the client MUST respond to the message with an explicit acknowledgement to confirm that the message has been received. A server MUST dequeue the message and decrement the queue counter after receiving acknowledgement from the client, making the next message in the queue (if any) available for retrieval. Servers can occasionally perform actions on objects that are not in direct response to a client request, or an action taken by one client can indirectly involve a second client. Examples of such actions include deletion upon expiration, automatic renewal upon expiration, and transfer coordination; other types of service information MAY be defined as a matter of server policy. Service messages SHOULD be created for passive clients affected by an action on an object. Service messages MAY also be created for active clients that request an action on an object, though such messages MUST NOT replace the normal protocol response to the request. For example, <transfer> actions SHOULD be reported to the client that has the authority to
Top   ToC   RFC5730 - Page 27
   approve or reject a transfer request.  Other methods of server-client
   action notification, such as offline reporting, are also possible and
   are beyond the scope of this specification.

   Message queues can consume server resources if clients do not
   retrieve and acknowledge messages on a regular basis.  Servers MAY
   implement other mechanisms to dequeue and deliver messages if queue
   maintenance needs exceed server resource consumption limits.  Server
   operators SHOULD consider time-sensitivity and resource management
   factors when selecting a delivery method for service information
   because some message types can be reasonably delivered using non-
   protocol methods that require fewer server resources.

   Some of the information returned in response to a <poll> command can
   be object-specific, so some child elements of the <poll> response MAY
   be specified using the EPP extension framework.  The <poll> command
   MUST be represented as an empty element with no child elements.  An
   "op" attribute with value "req" is REQUIRED to retrieve the first
   message from the server message queue.  An "op" attribute (with value
   "ack") and a "msgID" attribute (whose value corresponds to the value
   of the "id" attribute copied from the <msg> element in the message
   being acknowledged) are REQUIRED to acknowledge receipt of a message.

   Example <poll> command:

   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   C:  <command>
   C:    <poll op="req"/>
   C:    <clTRID>ABC-12345</clTRID>
   C:  </command>
   C:</epp>

   The returned result code notes that a message has been dequeued and
   returned in response to a <poll> command.

   Example <poll> response with object-specific information:

   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   S:  <response>
   S:    <result code="1301">
   S:      <msg>Command completed successfully; ack to dequeue</msg>
   S:    </result>
   S:    <msgQ count="5" id="12345">
   S:      <qDate>2000-06-08T22:00:00.0Z</qDate>
   S:      <msg>Transfer requested.</msg>
   S:    </msgQ>
Top   ToC   RFC5730 - Page 28
   S:    <resData>
   S:      <obj:trnData
   S:       xmlns:obj="urn:ietf:params:xml:ns:obj-1.0">
   S:        <obj:name>example.com</obj:name>
   S:        <obj:trStatus>pending</obj:trStatus>
   S:        <obj:reID>ClientX</obj:reID>
   S:        <obj:reDate>2000-06-08T22:00:00.0Z</obj:reDate>
   S:        <obj:acID>ClientY</obj:acID>
   S:        <obj:acDate>2000-06-13T22:00:00.0Z</obj:acDate>
   S:        <obj:exDate>2002-09-08T22:00:00.0Z</obj:exDate>
   S:      </obj:trnData>
   S:    </resData>
   S:    <trID>
   S:      <clTRID>ABC-12345</clTRID>
   S:      <svTRID>54321-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   A client MUST acknowledge each response to dequeue the message and
   make subsequent messages available for retrieval.

   Example <poll> acknowledgement command:

   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   C:  <command>
   C:    <poll op="ack" msgID="12345"/>
   C:    <clTRID>ABC-12346</clTRID>
   C:  </command>
   C:</epp>

   A <poll> acknowledgement response notes the ID of the message that
   has been acknowledged and the number of messages remaining in the
   queue.

   Example <poll> acknowledgement response:

   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   S:  <response>
   S:    <result code="1000">
   S:      <msg>Command completed successfully</msg>
   S:    </result>
   S:    <msgQ count="4" id="12345"/>
   S:    <trID>
   S:      <clTRID>ABC-12346</clTRID>
   S:      <svTRID>54322-XYZ</svTRID>
Top   ToC   RFC5730 - Page 29
   S:    </trID>
   S:  </response>
   S:</epp>

   Service messages can also be returned without object information.

   Example <poll> response with mixed message content and without
   object-specific information:

   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   S:  <response>
   S:    <result code="1301">
   S:      <msg>Command completed successfully; ack to dequeue</msg>
   S:    </result>
   S:    <msgQ count="4" id="12346">
   S:      <qDate>2000-06-08T22:10:00.0Z</qDate>
   S:      <msg lang="en">Credit balance low.
   S:        <limit>100</limit><bal>5</bal>
   S:      </msg>
   S:    </msgQ>
   S:    <trID>
   S:      <clTRID>ABC-12346</clTRID>
   S:      <svTRID>54321-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   The returned result code and message is used to note an empty server
   message queue.

   Example <poll> response to note an empty message queue:

      S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
      S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
      S:  <response>
      S:    <result code="1300">
      S:      <msg>Command completed successfully; no messages</msg>
      S:    </result>
      S:    <trID>
      S:      <clTRID>ABC-12346</clTRID>
      S:      <svTRID>54321-XYZ</svTRID>
      S:    </trID>
      S:  </response>
      S:</epp>
Top   ToC   RFC5730 - Page 30
   The EPP <poll> command is used to discover and retrieve client
   service messages from a server.  This action SHOULD be limited to
   authorized clients; queuing service messages and limiting queue
   access on a per-client basis is RECOMMENDED.

2.9.2.4. EPP <transfer> Query Command
The EPP <transfer> command provides a query operation that allows a client to determine real-time status of pending and completed transfer requests. The elements needed to identify an object that is the subject of a transfer request are object-specific, so the child elements of the <transfer> query command are specified using the EPP extension framework. In addition to the standard EPP command elements, the <transfer> command contains an "op" attribute with value "query" and the following child elements: - An object-specific <obj:transfer> element that identifies the object whose transfer status is requested. Transfer status is typically considered sensitive information by the clients involved in the operation. Object mappings MUST provide features to restrict transfer queries to authorized clients, such as by requiring authorization information as part of the request. Example <transfer> query command: C:<?xml version="1.0" encoding="UTF-8" standalone="no"?> C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> C: <command> C: <transfer op="query"> C: <obj:transfer xmlns:obj="urn:ietf:params:xml:ns:obj"> C: <!-- Object-specific elements. --> C: </obj:transfer> C: </transfer> C: <clTRID>ABC-12346</clTRID> C: </command> C:</epp> When a <transfer> query command has been processed successfully, a server MUST respond with an EPP <resData> element that MUST contain a child element that identifies the object namespace. The child elements of the <resData> element are object-specific, but they MUST include elements that identify the object, the status of the transfer, the identifier of the client that requested the transfer, the date and time that the request was made, the identifier of the client that is authorized to act on the request, the date and time by
Top   ToC   RFC5730 - Page 31
   which an action is expected, and an OPTIONAL date and time noting
   changes in the object's validity period (if applicable) that occur as
   a result of the transfer.

   Example <transfer> query response:

   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   S:  <response>
   S:    <result code="1000">
   S:      <msg>Command completed successfully</msg>
   S:    </result>
   S:    <resData>
   S:      <obj:trnData xmlns:obj="urn:ietf:params:xml:ns:obj">
   S:        <obj:name>example</obj:name>
   S:        <obj:trStatus>pending</obj:trStatus>
   S:        <obj:reID>ClientX</obj:reID>
   S:        <obj:reDate>2000-06-08T22:00:00.0Z</obj:reDate>
   S:        <obj:acID>ClientY</obj:acID>
   S:        <obj:acDate>2000-06-13T22:00:00.0Z</obj:acDate>
   S:        <obj:exDate>2002-09-08T22:00:00.0Z</obj:exDate>
   S:      </obj:trnData>
   S:    </resData>
   S:    <trID>
   S:      <clTRID>ABC-12346</clTRID>
   S:      <svTRID>54322-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   The EPP <transfer> command provides a query operation that allows a
   client to determine real-time status of pending and completed
   transfer requests.  This action SHOULD be limited to authorized
   clients; restricting queries to the requesting and responding clients
   is RECOMMENDED.  Object transfer MAY be unavailable or limited by
   object-specific policies.

2.9.3. Object Transform Commands

EPP provides five commands to transform objects: <create> to create an instance of an object with a server, <delete> to remove an instance of an object from a server, <renew> to extend the validity period of an object, <transfer> to manage changes in client sponsorship of an object, and <update> to change information associated with an object.
Top   ToC   RFC5730 - Page 32
2.9.3.1. EPP <create> Command
The EPP <create> command is used to create an instance of an object. An object can be created for an indefinite period of time, or an object can be created for a specific validity period. The EPP mapping for an object MUST describe the status of an object with respect to time in order to include expected client and server behavior if a validity period is used. The elements needed to identify an object and associated attributes are object-specific, so the child elements of the <create> command are specified using the EPP extension framework. In addition to the standard EPP command elements, the <create> command contains the following child elements: - An object-specific <obj:create> element that identifies the object to be created and the elements that are required to create the object. Example <create> command: C:<?xml version="1.0" encoding="UTF-8" standalone="no"?> C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> C: <command> C: <create> C: <obj:create xmlns:obj="urn:ietf:params:xml:ns:obj"> C: <!-- Object-specific elements. --> C: </obj:create> C: </create> C: <clTRID>ABC-12345</clTRID> C: </command> C:</epp> When a <create> command has been processed successfully, a server MAY respond with an EPP <resData> element that MUST contain a child element that identifies the object namespace. The child elements of the <resData> element are object-specific. Example <create> response with <resData>: S:<?xml version="1.0" encoding="UTF-8" standalone="no"?> S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> S: <response> S: <result code="1000"> S: <msg>Command completed successfully</msg> S: </result> S: <resData> S: <obj:creData xmlns:obj="urn:ietf:params:xml:ns:obj">
Top   ToC   RFC5730 - Page 33
   S:        <!-- Object-specific elements. -->
   S:      </obj:creData>
   S:    </resData>
   S:    <trID>
   S:      <clTRID>ABC-12345</clTRID>
   S:      <svTRID>54321-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   The EPP <create> command is used to create an instance of an object.
   This action SHOULD be limited to authorized clients and MAY be
   restricted on a per-client basis.

2.9.3.2. EPP <delete> Command
The EPP <delete> command is used to remove an instance of an existing object. The elements needed to identify an object are object- specific, so the child elements of the <delete> command are specified using the EPP extension framework. In addition to the standard EPP command elements, the <delete> command contains the following child elements: - An object-specific <obj:delete> element that identifies the object to be deleted. Example <delete> command: C:<?xml version="1.0" encoding="UTF-8" standalone="no"?> C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> C: <command> C: <delete> C: <obj:delete xmlns:obj="urn:ietf:params:xml:ns:obj"> C: <!-- Object-specific elements. --> C: </obj:delete> C: </delete> C: <clTRID>ABC-12346</clTRID> C: </command> C:</epp> When a <delete> command has been processed successfully, a server MAY respond with an EPP <resData> element that MUST contain a child element that identifies the object namespace. The child elements of the <resData> element are object-specific.
Top   ToC   RFC5730 - Page 34
   Example <delete> response without <resData>:

   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   S:  <response>
   S:    <result code="1000">
   S:      <msg>Command completed successfully</msg>
   S:    </result>
   S:    <trID>
   S:      <clTRID>ABC-12346</clTRID>
   S:      <svTRID>54322-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   The EPP <delete> command is used to remove an instance of an existing
   object.  This action SHOULD be limited to authorized clients;
   restricting this action to the sponsoring client is RECOMMENDED.

2.9.3.3. EPP <renew> Command
The EPP <renew> command is used to extend the validity period of an existing object. The elements needed to identify and extend the validity period of an object are object-specific, so the child elements of the <renew> command are specified using the EPP extension framework. In addition to the standard EPP command elements, the <renew> command contains the following child elements: - An object-specific <obj:renew> element that identifies the object to be renewed and the elements that are required to extend the validity period of the object. Example <renew> command: C:<?xml version="1.0" encoding="UTF-8" standalone="no"?> C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> C: <command> C: <renew> C: <obj:renew xmlns:obj="urn:ietf:params:xml:ns:obj"> C: <!-- Object-specific elements. --> C: </obj:renew> C: </renew> C: <clTRID>ABC-12346</clTRID> C: </command> C:</epp>
Top   ToC   RFC5730 - Page 35
   When a <renew> command has been processed successfully, a server MAY
   respond with an EPP <resData> element that MUST contain a child
   element that identifies the object namespace.  The child elements of
   the <resData> element are object-specific.

   Example <renew> response with <resData>:

   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   S:  <response>
   S:    <result code="1000">
   S:      <msg>Command completed successfully</msg>
   S:    </result>
   S:    <resData>
   S:      <obj:renData xmlns:obj="urn:ietf:params:xml:ns:obj">
   S:        <!-- Object-specific elements. -->
   S:      </obj:renData>
   S:    </resData>
   S:    <trID>
   S:      <clTRID>ABC-12346</clTRID>
   S:      <svTRID>54322-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   The EPP <renew> command is used to extend the validity period of an
   existing object.  This action SHOULD be limited to authorized
   clients; restricting this action to the sponsoring client is
   RECOMMENDED.  Object renewal MAY be unavailable or limited by object-
   specific policies.

2.9.3.4. EPP <transfer> Command
The EPP <transfer> command is used to manage changes in client sponsorship of an existing object. Clients can initiate a transfer request, cancel a transfer request, approve a transfer request, and reject a transfer request using the "op" command attribute. A client who wishes to assume sponsorship of a known object from another client uses the <transfer> command with the value of the "op" attribute set to "request". Once a transfer has been requested, the same client can cancel the request using a <transfer> command with the value of the "op" attribute set to "cancel". A request to cancel the transfer MUST be sent to the server before the current sponsoring client either approves or rejects the transfer request and before the server automatically processes the request due to responding client inactivity.
Top   ToC   RFC5730 - Page 36
   Once a transfer request has been received by the server, the server
   MUST notify the current sponsoring client of the requested transfer
   either by queuing a service message for retrieval via the <poll>
   command or by using an out-of-band mechanism to inform the client of
   the request.  The current status of a pending <transfer> command for
   any object can be found using the <transfer> query command.  Transfer
   service messages MUST include the object-specific elements specified
   for <transfer> command responses.

   The current sponsoring client MAY explicitly approve or reject the
   transfer request.  The client can approve the request using a
   <transfer> command with the value of the "op" attribute set to
   "approve".  The client can reject the request using a <transfer>
   command with the value of the "op" attribute set to "reject".

   A server MAY automatically approve or reject all transfer requests
   that are not explicitly approved or rejected by the current
   sponsoring client within a fixed amount of time.  The amount of time
   to wait for explicit action and the default server behavior are local
   matters not specified by EPP, but they SHOULD be documented in a
   server-specific profile document that describes default server
   behavior for client information.

   Objects eligible for transfer MUST have associated authorization
   information that MUST be provided to complete a <transfer> command.
   The type of authorization information required is object-specific;
   passwords or more complex mechanisms based on public key cryptography
   are typical.

   The elements needed to identify and complete the transfer of an
   object are object-specific, so the child elements of the <transfer>
   command are specified using the EPP extension framework.  In addition
   to the standard EPP command elements, the <transfer> command contains
   the following child elements:

   -  An object-specific <obj:transfer> element that identifies the
      object to be transferred and the elements that are required to
      process the transfer command.

   Example <transfer> command:

   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   C:  <command>
   C:    <transfer op="request">
   C:      <obj:transfer xmlns:obj="urn:ietf:params:xml:ns:obj">
   C:        <!-- Object-specific elements. -->
   C:      </obj:transfer>
Top   ToC   RFC5730 - Page 37
   C:    </transfer>
   C:    <clTRID>ABC-12346</clTRID>
   C:  </command>
   C:</epp>

   When a <transfer> command has been processed successfully, a server
   MUST respond with an EPP <resData> element that MUST contain a child
   element that identifies the object namespace.  The child elements of
   the <resData> element are object-specific, but they MUST include
   elements that identify the object, the status of the transfer, the
   identifier of the client that requested the transfer, the date and
   time that the request was made, the identifier of the client that is
   authorized to act on the request, the date and time by which an
   action is expected, and an OPTIONAL date and time noting changes in
   the object's validity period (if applicable) that occur as a result
   of the transfer.

   Example <transfer> response with <resData>:

   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   S:  <response>
   S:    <result code="1001">
   S:      <msg>Command completed successfully; action pending</msg>
   S:    </result>
   S:    <resData>
   S:      <obj:trnData xmlns:obj="urn:ietf:params:xml:ns:obj">
   S:        <obj:name>example</obj:name>
   S:        <obj:trStatus>pending</obj:trStatus>
   S:        <obj:reID>ClientX</obj:reID>
   S:        <obj:reDate>2000-06-08T22:00:00.0Z</obj:reDate>
   S:        <obj:acID>ClientY</obj:acID>
   S:        <obj:acDate>2000-06-13T22:00:00.0Z</obj:acDate>
   S:        <obj:exDate>2002-09-08T22:00:00.0Z</obj:exDate>
   S:      </obj:trnData>
   S:    </resData>
   S:    <trID>
   S:      <clTRID>ABC-12346</clTRID>
   S:      <svTRID>54322-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   The EPP <transfer> command is used to manage changes in client
   sponsorship of an existing object.  This action SHOULD be limited to
   authorized clients; restricting <transfer> requests to a client other
   than the current sponsoring client, <transfer> approval requests to
Top   ToC   RFC5730 - Page 38
   the current sponsoring client, and <transfer> cancellation requests
   to the original requesting client is RECOMMENDED.  Object transfer
   MAY be unavailable or limited by object-specific policies.

2.9.3.5. EPP <update> Command
The EPP <update> command is used to change information associated with an existing object. The elements needed to identify and modify an object are object-specific, so the child elements of the <update> command are specified using the EPP extension framework. In addition to the standard EPP command elements, the <update> command contains the following child elements: - An object-specific <obj:update> element that identifies the object to be updated and the elements that are required to modify the object. Object-specific elements MUST identify values to be added, values to be removed, or values to be changed. Example <update> command: C:<?xml version="1.0" encoding="UTF-8" standalone="no"?> C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> C: <command> C: <update> C: <obj:update xmlns:obj="urn:ietf:params:xml:ns:obj"> C: <!-- Object-specific elements. --> C: </obj:update> C: </update> C: <clTRID>ABC-12346</clTRID> C: </command> C:</epp> When an <update> command has been processed successfully, a server MAY respond with an EPP <resData> element that MUST contain a child element that identifies the object namespace. The child elements of the <resData> element are object-specific. Example <update> response without <resData>: S:<?xml version="1.0" encoding="UTF-8" standalone="no"?> S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> S: <response> S: <result code="1000"> S: <msg>Command completed successfully</msg> S: </result> S: <trID> S: <clTRID>ABC-12346</clTRID> S: <svTRID>54322-XYZ</svTRID>
Top   ToC   RFC5730 - Page 39
   S:    </trID>
   S:  </response>
   S:</epp>

   The EPP <update> command is used to change information associated
   with an existing object.  This action SHOULD be limited to authorized
   clients; restricting this action to the sponsoring client is
   RECOMMENDED.

3. Result Codes

EPP result codes are based on the theory of reply codes described in section 4.2.1 of [RFC5321]. EPP uses four decimal digits to describe the success or failure of each EPP command. Each of the digits of the reply have special significance. The first digit denotes command success or failure. The second digit denotes the response category, such as command syntax or security. The third and fourth digits provide explicit response detail within each response category. There are two values for the first digit of the reply code: 1yzz Positive completion reply. The command was accepted and processed by the system without error. 2yzz Negative completion reply. The command was not accepted, and the requested action did not occur. The second digit groups responses into one of six specific categories: x0zz Protocol Syntax x1zz Implementation-specific Rules x2zz Security x3zz Data Management x4zz Server System x5zz Connection Management The third and fourth digits provide response detail within the categories defined by the first and second digits. The complete list of valid result codes is enumerated below and in the normative schema.
Top   ToC   RFC5730 - Page 40
   Every EPP response MUST include a result code and a human-readable
   description of the result code.  The language used to represent the
   description MAY be identified using an instance of the "lang"
   attribute within the <msg> element.  If not specified, the default
   language is English, identified as "en".  A description of the
   structure of valid values for the "lang" attribute is described in
   [RFC4646].

   Response text MAY be translated into other languages, though the
   translation MUST preserve the meaning of the code as described here.
   Response code values MUST NOT be changed when translating text.

   Response text in the table below is enclosed in quotes to clearly
   mark the beginning and ending of each response string.  Quotes MUST
   NOT be used to delimit these strings when returning response text via
   the protocol.

   Successful command completion responses:

      Code    Response text in English

      ____    ________________________

      1000    "Command completed successfully"

              This is the usual response code for a successfully
              completed command that is not addressed by any other
              1xxx-series response code.

      1001    "Command completed successfully; action pending"

              This response code MUST be returned when responding to a
              command that requires offline activity before the
              requested action can be completed.  See Section 2 for a
              description of other processing requirements.

      1300    "Command completed successfully; no messages"

              This response code MUST be returned when responding to a
              <poll> request command and the server message queue is
              empty.

      1301    "Command completed successfully; ack to dequeue"

              This response code MUST be returned when responding to a
              <poll> request command and a message has been retrieved
              from the server message queue.
Top   ToC   RFC5730 - Page 41
      1500    "Command completed successfully; ending session"

              This response code MUST be returned when responding to a
              successful <logout> command.

   Command error responses:

      Code    Response text in English

      ____    ________________________

      2000    "Unknown command"

              This response code MUST be returned when a server receives
              a command element that is not defined by EPP.

      2001    "Command syntax error"

              This response code MUST be returned when a server receives
              an improperly formed command element.

      2002    "Command use error"

              This response code MUST be returned when a server receives
              a properly formed command element but the command cannot
              be executed due to a sequencing or context error.  For
              example, a <logout> command cannot be executed without
              having first completed a <login> command.

      2003    "Required parameter missing"

              This response code MUST be returned when a server receives
              a command for which a required parameter value has not
              been provided.

      2004    "Parameter value range error"

              This response code MUST be returned when a server receives
              a command parameter whose value is outside the range of
              values specified by the protocol.  The error value SHOULD
              be returned via a <value> element in the EPP response.

      2005    "Parameter value syntax error"

              This response code MUST be returned when a server receives
              a command containing a parameter whose value is improperly
              formed.  The error value SHOULD be returned via a <value>
              element in the EPP response.
Top   ToC   RFC5730 - Page 42
      2100    "Unimplemented protocol version"

              This response code MUST be returned when a server receives
              a command element specifying a protocol version that is
              not implemented by the server.

      2101    "Unimplemented command"

              This response code MUST be returned when a server receives
              a valid EPP command element that is not implemented by the
              server.  For example, a <transfer> command can be
              unimplemented for certain object types.

      2102    "Unimplemented option"

              This response code MUST be returned when a server receives
              a valid EPP command element that contains a protocol
              option that is not implemented by the server.

      2103    "Unimplemented extension"

              This response code MUST be returned when a server receives
              a valid EPP command element that contains a protocol
              command extension that is not implemented by the server.

      2104    "Billing failure"

              This response code MUST be returned when a server attempts
              to execute a billable operation and the command cannot be
              completed due to a client-billing failure.

      2105    "Object is not eligible for renewal"

              This response code MUST be returned when a client attempts
              to <renew> an object that is not eligible for renewal in
              accordance with server policy.

      2106    "Object is not eligible for transfer"

              This response code MUST be returned when a client attempts
              to <transfer> an object that is not eligible for transfer
              in accordance with server policy.

      2200    "Authentication error"

              This response code MUST be returned when a server notes an
              error when validating client credentials.
Top   ToC   RFC5730 - Page 43
      2201    "Authorization error"

              This response code MUST be returned when a server notes a
              client-authorization error when executing a command.  This
              error is used to note that a client lacks privileges to
              execute the requested command.

      2202    "Invalid authorization information"

              This response code MUST be returned when a server receives
              invalid command authorization information when attempting
              to confirm authorization to execute a command.  This error
              is used to note that a client has the privileges required
              to execute the requested command, but the authorization
              information provided by the client does not match the
              authorization information archived by the server.

      2300    "Object pending transfer"

              This response code MUST be returned when a server receives
              a command to transfer of an object that is pending
              transfer due to an earlier transfer request.

      2301    "Object not pending transfer"

              This response code MUST be returned when a server receives
              a command to confirm, reject, or cancel the transfer of an
              object when no command has been made to transfer the
              object.

      2302    "Object exists"

              This response code MUST be returned when a server receives
              a command to create an object that already exists in the
              repository.

      2303    "Object does not exist"

              This response code MUST be returned when a server receives
              a command to query or transform an object that does not
              exist in the repository.

      2304    "Object status prohibits operation"

              This response code MUST be returned when a server receives
              a command to transform an object that cannot be completed
              due to server policy or business practices.  For example,
              a server can disallow <transfer> commands under terms and
Top   ToC   RFC5730 - Page 44
              conditions that are matters of local policy, or the server
              might have received a <delete> command for an object whose
              status prohibits deletion.

      2305    "Object association prohibits operation"

              This response code MUST be returned when a server receives
              a command to transform an object that cannot be completed
              due to dependencies on other objects that are associated
              with the target object.  For example, a server can
              disallow <delete> commands while an object has active
              associations with other objects.

      2306    "Parameter value policy error"

              This response code MUST be returned when a server receives
              a command containing a parameter value that is
              syntactically valid but semantically invalid due to local
              policy.  For example, the server can support a subset of a
              range of valid protocol parameter values.  The error value
              SHOULD be returned via a <value> element in the EPP
              response.

      2307    "Unimplemented object service"

              This response code MUST be returned when a server receives
              a command to operate on an object service that is not
              supported by the server.

      2308    "Data management policy violation"

              This response code MUST be returned when a server receives
              a command whose execution results in a violation of server
              data management policies.  For example, removing all
              attribute values or object associations from an object
              might be a violation of a server's data management
              policies.

      2400    "Command failed"

              This response code MUST be returned when a server is
              unable to execute a command due to an internal server
              error that is not related to the protocol.  The failure
              can be transient.  The server MUST keep any ongoing
              session active.
Top   ToC   RFC5730 - Page 45
      2500    "Command failed; server closing connection"

              This response code MUST be returned when a server receives
              a command that cannot be completed due to an internal
              server error that is not related to the protocol.  The
              failure is not transient and will cause other commands to
              fail as well.  The server MUST end the active session and
              close the existing connection.

      2501    "Authentication error; server closing connection"

              This response code MUST be returned when a server notes an
              error when validating client credentials and a
              server-defined limit on the number of allowable failures
              has been exceeded.  The server MUST close the existing
              connection.

      2502    "Session limit exceeded; server closing connection"

              This response code MUST be returned when a server receives
              a <login> command and the command cannot be completed
              because the client has exceeded a system-defined limit on
              the number of sessions that the client can establish.  It
              might be possible to establish a session by ending
              existing unused sessions and closing inactive connections.



(page 45 continued on part 3)

Next Section