draft-ietf-regext-allocation-token-08.txt   draft-ietf-regext-allocation-token-09.txt 
Network Working Group J. Gould Network Working Group J. Gould
Internet-Draft VeriSign, Inc. Internet-Draft VeriSign, Inc.
Intended status: Standards Track K. Feher Intended status: Standards Track K. Feher
Expires: November 17, 2018 Neustar Expires: February 4, 2019 Neustar
May 16, 2018 August 3, 2018
Allocation Token Extension for the Extensible Provisioning Protocol Allocation Token Extension for the Extensible Provisioning Protocol
(EPP) (EPP)
draft-ietf-regext-allocation-token-08 draft-ietf-regext-allocation-token-09
Abstract Abstract
This document describes an Extensible Provisioning Protocol (EPP) This document describes an Extensible Provisioning Protocol (EPP)
extension for including an Allocation Token in query and transform extension for including an Allocation Token in "query" and
commands. The Allocation Token is used as a credential that "transform" commands. The Allocation Token is used as a credential
authorizes a client to request the allocation of a specific object that authorizes a client to request the allocation of a specific
from the server, using one of the EPP transform commands including object from the server, using one of the EPP transform commands
create and transfer. including create and transfer.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on November 17, 2018. This Internet-Draft will expire on February 4, 2019.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 16 skipping to change at page 2, line 16
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Conventions Used in This Document . . . . . . . . . . . . 3 1.1. Conventions Used in This Document . . . . . . . . . . . . 3
2. Object Attributes . . . . . . . . . . . . . . . . . . . . . . 4 2. Object Attributes . . . . . . . . . . . . . . . . . . . . . . 4
2.1. Allocation Token . . . . . . . . . . . . . . . . . . . . 4 2.1. Allocation Token . . . . . . . . . . . . . . . . . . . . 4
3. EPP Command Mapping . . . . . . . . . . . . . . . . . . . . . 4 3. EPP Command Mapping . . . . . . . . . . . . . . . . . . . . . 4
3.1. EPP Query Commands . . . . . . . . . . . . . . . . . . . 4 3.1. EPP Query Commands . . . . . . . . . . . . . . . . . . . 4
3.1.1. EPP <check> Command . . . . . . . . . . . . . . . . . 4 3.1.1. EPP <check> Command . . . . . . . . . . . . . . . . . 5
3.1.2. EPP <info> Command . . . . . . . . . . . . . . . . . 8 3.1.2. EPP <info> Command . . . . . . . . . . . . . . . . . 8
3.1.3. EPP <transfer> Query Command . . . . . . . . . . . . 10 3.1.3. EPP <transfer> Query Command . . . . . . . . . . . . 10
3.2. EPP Transform Commands . . . . . . . . . . . . . . . . . 11 3.2. EPP Transform Commands . . . . . . . . . . . . . . . . . 11
3.2.1. EPP <create> Command . . . . . . . . . . . . . . . . 11 3.2.1. EPP <create> Command . . . . . . . . . . . . . . . . 11
3.2.2. EPP <delete> Command . . . . . . . . . . . . . . . . 12 3.2.2. EPP <delete> Command . . . . . . . . . . . . . . . . 12
3.2.3. EPP <renew> Command . . . . . . . . . . . . . . . . . 12 3.2.3. EPP <renew> Command . . . . . . . . . . . . . . . . . 12
3.2.4. EPP <transfer> Command . . . . . . . . . . . . . . . 12 3.2.4. EPP <transfer> Command . . . . . . . . . . . . . . . 12
3.2.5. EPP <update> Command . . . . . . . . . . . . . . . . 13 3.2.5. EPP <update> Command . . . . . . . . . . . . . . . . 13
4. Formal Syntax . . . . . . . . . . . . . . . . . . . . . . . . 14 4. Formal Syntax . . . . . . . . . . . . . . . . . . . . . . . . 14
4.1. Allocation Token Extension Schema . . . . . . . . . . . . 14 4.1. Allocation Token Extension Schema . . . . . . . . . . . . 14
skipping to change at page 2, line 40 skipping to change at page 2, line 40
6. Implementation Status . . . . . . . . . . . . . . . . . . . . 15 6. Implementation Status . . . . . . . . . . . . . . . . . . . . 15
6.1. Verisign EPP SDK . . . . . . . . . . . . . . . . . . . . 16 6.1. Verisign EPP SDK . . . . . . . . . . . . . . . . . . . . 16
6.2. Neustar EPP SDK . . . . . . . . . . . . . . . . . . . . . 16 6.2. Neustar EPP SDK . . . . . . . . . . . . . . . . . . . . . 16
6.3. Neustar gTLD SRS . . . . . . . . . . . . . . . . . . . . 17 6.3. Neustar gTLD SRS . . . . . . . . . . . . . . . . . . . . 17
6.4. Net::DRI . . . . . . . . . . . . . . . . . . . . . . . . 17 6.4. Net::DRI . . . . . . . . . . . . . . . . . . . . . . . . 17
7. Security Considerations . . . . . . . . . . . . . . . . . . . 18 7. Security Considerations . . . . . . . . . . . . . . . . . . . 18
8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 18 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 18
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 18 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 18
9.1. Normative References . . . . . . . . . . . . . . . . . . 18 9.1. Normative References . . . . . . . . . . . . . . . . . . 18
9.2. Informative References . . . . . . . . . . . . . . . . . 19 9.2. Informative References . . . . . . . . . . . . . . . . . 19
9.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Appendix A. Change History . . . . . . . . . . . . . . . . . . . 19 Appendix A. Change History . . . . . . . . . . . . . . . . . . . 19
A.1. Change from 00 to 01 . . . . . . . . . . . . . . . . . . 19 A.1. Change from 00 to 01 . . . . . . . . . . . . . . . . . . 19
A.2. Change from 01 to 02 . . . . . . . . . . . . . . . . . . 19 A.2. Change from 01 to 02 . . . . . . . . . . . . . . . . . . 20
A.3. Change from 02 to 03 . . . . . . . . . . . . . . . . . . 19 A.3. Change from 02 to 03 . . . . . . . . . . . . . . . . . . 20
A.4. Change from 03 to 04 . . . . . . . . . . . . . . . . . . 19 A.4. Change from 03 to 04 . . . . . . . . . . . . . . . . . . 20
A.5. Change from 04 to REGEXT 00 . . . . . . . . . . . . . . . 20 A.5. Change from 04 to REGEXT 00 . . . . . . . . . . . . . . . 20
A.6. Change from REGEXT 00 to REGEXT 01 . . . . . . . . . . . 20 A.6. Change from REGEXT 00 to REGEXT 01 . . . . . . . . . . . 20
A.7. Change from REGEXT 01 to REGEXT 02 . . . . . . . . . . . 20 A.7. Change from REGEXT 01 to REGEXT 02 . . . . . . . . . . . 20
A.8. Change from REGEXT 02 to REGEXT 03 . . . . . . . . . . . 20 A.8. Change from REGEXT 02 to REGEXT 03 . . . . . . . . . . . 20
A.9. Change from REGEXT 03 to REGEXT 04 . . . . . . . . . . . 20 A.9. Change from REGEXT 03 to REGEXT 04 . . . . . . . . . . . 20
A.10. Change from REGEXT 04 to REGEXT 05 . . . . . . . . . . . 20 A.10. Change from REGEXT 04 to REGEXT 05 . . . . . . . . . . . 20
A.11. Change from REGEXT 05 to REGEXT 06 . . . . . . . . . . . 20 A.11. Change from REGEXT 05 to REGEXT 06 . . . . . . . . . . . 21
A.12. Change from REGEXT 06 to REGEXT 07 . . . . . . . . . . . 22 A.12. Change from REGEXT 06 to REGEXT 07 . . . . . . . . . . . 22
A.13. Change from REGEXT 07 to REGEXT 08 . . . . . . . . . . . 22 A.13. Change from REGEXT 07 to REGEXT 08 . . . . . . . . . . . 22
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 22 A.14. Change from REGEXT 08 to REGEXT 09 . . . . . . . . . . . 23
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 23
1. Introduction 1. Introduction
This document describes an extension mapping for version 1.0 of the This document describes an extension mapping for version 1.0 of the
Extensible Provisioning Protocol (EPP) [RFC5730]. This mapping, an Extensible Provisioning Protocol (EPP) [RFC5730]. This mapping, an
extension to EPP object mappings like the EPP domain name mapping extension to EPP object mappings like the EPP domain name mapping
[RFC5731], supports passing an Allocation Token as a credential that [RFC5731], supports passing an Allocation Token as a credential that
authorizes a client to request the allocation of a specific object authorizes a client to request the allocation of a specific object
from the server, using one of the EPP transform commands including from the server, using one of the EPP transform commands including
create and transfer. create and transfer.
skipping to change at page 3, line 37 skipping to change at page 3, line 39
A client MUST pass an Allocation Token known to the server to be A client MUST pass an Allocation Token known to the server to be
authorized to use one of the supported EPP transform commands. It is authorized to use one of the supported EPP transform commands. It is
up to server policy which EPP transform commands and which objects up to server policy which EPP transform commands and which objects
require the Allocation Token. The Allocation Token MAY be returned require the Allocation Token. The Allocation Token MAY be returned
to an authorized client for passing out-of-band to a client that uses to an authorized client for passing out-of-band to a client that uses
it with an EPP transform command. it with an EPP transform command.
1.1. Conventions Used in This Document 1.1. Conventions Used in This Document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
document are to be interpreted as described in RFC 2119 [RFC2119]. "OPTIONAL" in this document are to be interpreted as described in BCP
14 [1] [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
XML is case sensitive. Unless stated otherwise, XML specifications XML is case sensitive. Unless stated otherwise, XML specifications
and examples provided in this document MUST be interpreted in the and examples provided in this document MUST be interpreted in the
character case presented in order to develop a conforming character case presented in order to develop a conforming
implementation. implementation.
In examples, "C:" represents lines sent by a protocol client and "S:" In examples, "C:" represents lines sent by a protocol client and "S:"
represents lines returned by a protocol server. Indentation and represents lines returned by a protocol server. Indentation and
white space in examples are provided only to illustrate element white space in examples are provided only to illustrate element
relationships and are not a REQUIRED feature of this protocol. relationships and are not a REQUIRED feature of this protocol.
"allocationToken-1.0" is used as an abbreviation for The XML namespace prefix "allocationToken" is used for the namespace
"urn:ietf:params:xml:ns:allocationToken-1.0". The XML namespace "urn:ietf:params:xml:ns:allocationToken-1.0", but implementations
prefix "allocationToken" is used, but implementations MUST NOT depend MUST NOT depend on it and instead employ a proper namespace-aware XML
on it and instead employ a proper namespace-aware XML parser and parser and serializer to interpret and output the XML documents.
serializer to interpret and output the XML documents.
2. Object Attributes 2. Object Attributes
This extension adds additional elements to EPP object mappings like This extension adds additional elements to EPP object mappings like
the EPP domain name mapping [RFC5731]. Only those new elements are the EPP domain name mapping [RFC5731]. Only those new elements are
described here. described here.
2.1. Allocation Token 2.1. Allocation Token
The Allocation Token is a simple XML "token" type. The exact format The Allocation Token is a simple XML "token" type. The exact format
of the Allocation Token is up to server policy. The server MUST have of the Allocation Token is up to server policy. The server MAY have
the Allocation Token for each object to match against the Allocation the Allocation Token for each object to match against the Allocation
Token passed by the client to authorize the allocation of the object. Token passed by the client to authorize the allocation of the object.
The <allocationToken:allocationToken> element is used for all of the The <allocationToken:allocationToken> element is used for all of the
supported EPP commands as well as the info response. If the supported EPP commands as well as the info response. If the
Allocation Token passed to the server does not apply to the object, Allocation Token passed to the server does not apply to the object,
the server MUST return an EPP error result code of 2201. the server MUST return an EPP error result code of 2201.
An example <allocationToken:allocationToken> element with value of An example <allocationToken:allocationToken> element with value of
"abc123": "abc123":
skipping to change at page 4, line 50 skipping to change at page 5, line 10
EPP provides three commands to retrieve object information: <check> EPP provides three commands to retrieve object information: <check>
to determine if an object can be provisioned, <info> to retrieve to determine if an object can be provisioned, <info> to retrieve
information associated with an object, and <transfer> to retrieve information associated with an object, and <transfer> to retrieve
object transfer status information. object transfer status information.
3.1.1. EPP <check> Command 3.1.1. EPP <check> Command
This extension defines additional elements to extend the EPP <check> This extension defines additional elements to extend the EPP <check>
command of an object mapping like [RFC5731]. command of an object mapping like [RFC5731].
This extension allow clients to check the availability of an object This extension allows clients to check the availability of an object
with an Allocation Token, as described in Section 2.1. Clients can with an Allocation Token, as described in Section 2.1. Clients can
check if an object can be created using the Allocation Token. The check if an object can be created using the Allocation Token. The
Allocation Token is applied to all object names included in the EPP Allocation Token is applied to all object names included in the EPP
<check> command. <check> command.
Example <check> command for the example.tld domain name using the Example <check> command for the allocation.example domain name using
<allocationToken:allocationToken> extension with the allocation token the <allocationToken:allocationToken> extension with the allocation
of 'abc123': token of 'abc123':
C:<?xml version="1.0" encoding="UTF-8" standalone="no"?> C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
C: <command> C: <command>
C: <check> C: <check>
C: <domain:check C: <domain:check
C: xmlns:domain="urn:ietf:params:xml:ns:domain-1.0"> C: xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
C: <domain:name>example.tld</domain:name> C: <domain:name>allocation.example</domain:name>
C: </domain:check> C: </domain:check>
C: </check> C: </check>
C: <extension> C: <extension>
C: <allocationToken:allocationToken C: <allocationToken:allocationToken
C: xmlns:allocationToken= C: xmlns:allocationToken=
C: "urn:ietf:params:xml:ns:allocationToken-1.0"> C: "urn:ietf:params:xml:ns:allocationToken-1.0">
C: abc123 C: abc123
C: </allocationToken:allocationToken> C: </allocationToken:allocationToken>
C: </extension> C: </extension>
C: <clTRID>ABC-12345</clTRID> C: <clTRID>ABC-12345</clTRID>
skipping to change at page 6, line 18 skipping to change at page 6, line 20
S:<?xml version="1.0" encoding="UTF-8"?> S:<?xml version="1.0" encoding="UTF-8"?>
S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
S: <response> S: <response>
S: <result code="1000"> S: <result code="1000">
S: <msg lang="en-US">Command completed successfully</msg> S: <msg lang="en-US">Command completed successfully</msg>
S: </result> S: </result>
S: <resData> S: <resData>
S: <domain:chkData S: <domain:chkData
S: xmlns:domain="urn:ietf:params:xml:ns:domain-1.0"> S: xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
S: <domain:cd> S: <domain:cd>
S: <domain:name avail="0">example.tld</domain:name> S: <domain:name avail="0">allocation.example</domain:name>
S: <domain:reason>Allocation Token mismatch</domain:reason> S: <domain:reason>Allocation Token mismatch</domain:reason>
S: </domain:cd> S: </domain:cd>
S: </domain:chkData> S: </domain:chkData>
S: </resData> S: </resData>
S: <trID> S: <trID>
S: <clTRID>ABC-DEF-12345</clTRID> S: <clTRID>ABC-DEF-12345</clTRID>
S: <svTRID>54321-XYZ</svTRID> S: <svTRID>54321-XYZ</svTRID>
S: </trID> S: </trID>
S: </response> S: </response>
S:</epp> S:</epp>
Example <check> command with the <allocationToken:allocationToken> Example <check> command with the <allocationToken:allocationToken>
extension for the example.tld and example2.tld domain names. extension for the allocation.example and allocation2.example domain
Availability of example.tld and example2.tld domain names are based names. Availability of allocation.example and allocation2.example
on the Allocation Token 'abc123': domain names are based on the Allocation Token 'abc123':
C:<?xml version="1.0" encoding="UTF-8"?> C:<?xml version="1.0" encoding="UTF-8"?>
C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
C: <command> C: <command>
C: <check> C: <check>
C: <domain:check C: <domain:check
C: xmlns:domain="urn:ietf:params:xml:ns:domain-1.0"> C: xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
C: <domain:name>example.tld</domain:name> C: <domain:name>allocation.example</domain:name>
C: <domain:name>example2.tld</domain:name> C: <domain:name>allocation2.example</domain:name>
C: </domain:check> C: </domain:check>
C: </check> C: </check>
C: <extension> C: <extension>
C: <allocationToken:allocationToken C: <allocationToken:allocationToken
C: xmlns:allocationToken= C: xmlns:allocationToken=
C: "urn:ietf:params:xml:ns:allocationToken-1.0"> C: "urn:ietf:params:xml:ns:allocationToken-1.0">
C: abc123 C: abc123
C: </allocationToken:allocationToken> C: </allocationToken:allocationToken>
C: </extension> C: </extension>
C: <clTRID>ABC-DEF-12345</clTRID> C: <clTRID>ABC-DEF-12345</clTRID>
skipping to change at page 8, line 18 skipping to change at page 8, line 18
S:<?xml version="1.0" encoding="UTF-8"?> S:<?xml version="1.0" encoding="UTF-8"?>
S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
S: <response> S: <response>
S: <result code="1000"> S: <result code="1000">
S: <msg lang="en-US">Command completed successfully</msg> S: <msg lang="en-US">Command completed successfully</msg>
S: </result> S: </result>
S: <resData> S: <resData>
S: <domain:chkData S: <domain:chkData
S: xmlns:domain="urn:ietf:params:xml:ns:domain-1.0"> S: xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
S: <domain:cd> S: <domain:cd>
S: <domain:name avail="0">example.tld</domain:name> S: <domain:name avail="0">allocation.example</domain:name>
S: <domain:reason>Allocation Token mismatch</domain:reason> S: <domain:reason>Allocation Token mismatch</domain:reason>
S: </domain:cd> S: </domain:cd>
S: <domain:cd> S: <domain:cd>
S: <domain:name avail="1">example2.tld</domain:name> S: <domain:name avail="1">allocation2.example</domain:name>
S: </domain:cd> S: </domain:cd>
S: </domain:chkData> S: </domain:chkData>
S: </resData> S: </resData>
S: <trID> S: <trID>
S: <clTRID>ABC-DEF-12345</clTRID> S: <clTRID>ABC-DEF-12345</clTRID>
S: <svTRID>54321-XYZ</svTRID> S: <svTRID>54321-XYZ</svTRID>
S: </trID> S: </trID>
S: </response> S: </response>
S:</epp> S:</epp>
skipping to change at page 9, line 4 skipping to change at page 9, line 4
The EPP <info> command allows a client to request information The EPP <info> command allows a client to request information
associated with an existing object. Authorized clients MAY retrieve associated with an existing object. Authorized clients MAY retrieve
the Allocation Token (Section 2.1) along with the other object the Allocation Token (Section 2.1) along with the other object
information using the <allocationToken:info> element. The information using the <allocationToken:info> element. The
<allocationToken:info> element is an empty element that serves as a <allocationToken:info> element is an empty element that serves as a
marker to the server to return the <allocationToken:allocationToken> marker to the server to return the <allocationToken:allocationToken>
element in the info response. If the client is not authorized to element in the info response. If the client is not authorized to
receive the Allocation Token, the server MUST return an EPP error receive the Allocation Token, the server MUST return an EPP error
result code of 2201. If the client is authorized to receive the result code of 2201. If the client is authorized to receive the
Allocation Token, but there is no Allocation Token associated with Allocation Token, but there is no Allocation Token associated with
the object, the server MUST return an EPP error result code of 2303 the object, the server MUST return an EPP error result code of 2303.
object referencing the <allocationToken:info> element. The The auhorization is subject to server policy.
auhorization is subject to server policy.
Example <info> command with the allocationToken:info extension for Example <info> command with the allocationToken:info extension for
the example.tld domain name: the allocation.example domain name:
C:<?xml version="1.0" encoding="UTF-8" standalone="no"?> C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
C: <command> C: <command>
C: <info> C: <info>
C: <domain:info C: <domain:info
C: xmlns:domain="urn:ietf:params:xml:ns:domain-1.0" C: xmlns:domain="urn:ietf:params:xml:ns:domain-1.0"
C: xsi:schemaLocation="urn:ietf:params:xml:ns:domain-1.0 C: xsi:schemaLocation="urn:ietf:params:xml:ns:domain-1.0
C: domain-1.0.xsd"> C: domain-1.0.xsd">
C: <domain:name>example.tld</domain:name> C: <domain:name>allocation.example</domain:name>
C: </domain:info> C: </domain:info>
C: </info> C: </info>
C: <extension> C: <extension>
C: <allocationToken:info C: <allocationToken:info
C: xmlns:allocationToken= C: xmlns:allocationToken=
C: "urn:ietf:params:xml:ns:allocationToken-1.0/> C: "urn:ietf:params:xml:ns:allocationToken-1.0/>
C: </extension> C: </extension>
C: <clTRID>ABC-12345</clTRID> C: <clTRID>ABC-12345</clTRID>
C: </command> C: </command>
C:</epp> C:</epp>
skipping to change at page 10, line 17 skipping to change at page 10, line 17
S:<?xml version="1.0" encoding="UTF-8" standalone="no"?> S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
S: <response> S: <response>
S: <result code="1000"> S: <result code="1000">
S: <msg>Command completed successfully</msg> S: <msg>Command completed successfully</msg>
S: </result> S: </result>
S: <resData> S: <resData>
S: <domain:infData S: <domain:infData
S: xmlns:domain="urn:ietf:params:xml:ns:domain-1.0"> S: xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
S: <domain:name>example.tld</domain:name> S: <domain:name>allocation.example</domain:name>
S: <domain:roid>EXAMPLE1-REP</domain:roid> S: <domain:roid>EXAMPLE1-REP</domain:roid>
S: <domain:status s="pendingCreate"/> S: <domain:status s="pendingCreate"/>
S: <domain:registrant>jd1234</domain:registrant> S: <domain:registrant>jd1234</domain:registrant>
S: <domain:contact type="admin">sh8013</domain:contact> S: <domain:contact type="admin">sh8013</domain:contact>
S: <domain:contact type="tech">sh8013</domain:contact> S: <domain:contact type="tech">sh8013</domain:contact>
S: <domain:clID>ClientX</domain:clID> S: <domain:clID>ClientX</domain:clID>
S: <domain:crID>ClientY</domain:crID> S: <domain:crID>ClientY</domain:crID>
S: <domain:crDate>2012-04-03T22:00:00.0Z</domain:crDate> S: <domain:crDate>2012-04-03T22:00:00.0Z</domain:crDate>
S: <domain:authInfo> S: <domain:authInfo>
S: <domain:pw>2fooBAR</domain:pw> S: <domain:pw>2fooBAR</domain:pw>
skipping to change at page 10, line 48 skipping to change at page 10, line 48
S: <trID> S: <trID>
S: <clTRID>ABC-12345</clTRID> S: <clTRID>ABC-12345</clTRID>
S: <svTRID>54321-XYZ</svTRID> S: <svTRID>54321-XYZ</svTRID>
S: </trID> S: </trID>
S: </response> S: </response>
S:</epp> S:</epp>
3.1.3. EPP <transfer> Query Command 3.1.3. EPP <transfer> Query Command
This extension does not add any elements to the EPP <transfer> query This extension does not add any elements to the EPP <transfer> query
command or <transfer> query response described in the [RFC5730]. command or <transfer> query response described in [RFC5730].
3.2. EPP Transform Commands 3.2. EPP Transform Commands
EPP provides five commands to transform objects: <create> to create EPP provides five commands to transform objects: <create> to create
an instance of an object, <delete> to delete an instance of an an instance of an object, <delete> to delete an instance of an
object, <renew> to extend the validity period of an object, object, <renew> to extend the validity period of an object,
<transfer> to manage object sponsorship changes, and <update> to <transfer> to manage object sponsorship changes, and <update> to
change information associated with an object. change information associated with an object.
3.2.1. EPP <create> Command 3.2.1. EPP <create> Command
skipping to change at page 12, line 14 skipping to change at page 12, line 14
Example <create> command to create a domain object with an Allocation Example <create> command to create a domain object with an Allocation
Token: Token:
C:<?xml version="1.0" encoding="UTF-8" standalone="no"?> C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
C: <command> C: <command>
C: <create> C: <create>
C: <domain:create C: <domain:create
C: xmlns:domain="urn:ietf:params:xml:ns:domain-1.0"> C: xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
C: <domain:name>example.tld</domain:name> C: <domain:name>allocation.example</domain:name>
C: <domain:registrant>jd1234</domain:registrant> C: <domain:registrant>jd1234</domain:registrant>
C: <domain:contact type="admin">sh8013</domain:contact> C: <domain:contact type="admin">sh8013</domain:contact>
C: <domain:contact type="tech">sh8013</domain:contact> C: <domain:contact type="tech">sh8013</domain:contact>
C: <domain:authInfo> C: <domain:authInfo>
C: <domain:pw>2fooBAR</domain:pw> C: <domain:pw>2fooBAR</domain:pw>
C: </domain:authInfo> C: </domain:authInfo>
C: </domain:create> C: </domain:create>
C: </create> C: </create>
C: <extension> C: <extension>
C: <allocationToken:allocationToken C: <allocationToken:allocationToken
skipping to change at page 13, line 13 skipping to change at page 13, line 13
<transfer> request command of an object mapping like [RFC5731]. <transfer> request command of an object mapping like [RFC5731].
The EPP <transfer> request command provides a transform operation The EPP <transfer> request command provides a transform operation
that allows a client to request the transfer of an object. In that allows a client to request the transfer of an object. In
addition to the EPP command elements described in an object mapping addition to the EPP command elements described in an object mapping
like [RFC5731], the command MUST contain a child like [RFC5731], the command MUST contain a child
<allocationToken:allocationToken> element for the client to be <allocationToken:allocationToken> element for the client to be
authorized to transfer and allocate the object. The authorization authorized to transfer and allocate the object. The authorization
associated with the Allocation Token is in addition to and does not associated with the Allocation Token is in addition to and does not
replace the authorization mechanism defined for the object's replace the authorization mechanism defined for the object's
<transfer> request command. If the Allocation Token does not apply <transfer> request command. If the Allocation Token is invalid or
to the object, the server MUST return an EPP error result code of not required for the object, the server MUST return an EPP error
2201. result code of 2201.
Example <transfer> request command to allocate the domain object with Example <transfer> request command to allocate the domain object with
the Allocation Token: the Allocation Token:
C:<?xml version="1.0" encoding="UTF-8" standalone="no"?> C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
C: <command> C: <command>
C: <transfer op="request"> C: <transfer op="request">
C: <domain:transfer C: <domain:transfer
C: xmlns:domain="urn:ietf:params:xml:ns:domain-1.0"> C: xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
skipping to change at page 15, line 10 skipping to change at page 15, line 10
<!-- End of schema. --> <!-- End of schema. -->
</schema> </schema>
END END
5. IANA Considerations 5. IANA Considerations
5.1. XML Namespace 5.1. XML Namespace
This document uses URNs to describe XML namespaces and XML schemas This document uses URNs to describe XML namespaces and XML schemas
conforming to a registry mechanism described in [RFC3688]. The conforming to a registry mechanism described in [RFC3688].
following URI assignment is requested of IANA:
Registration request for the allocationToken namespace: Registration request for the allocationToken namespace:
URI: ietf:params:xml:ns:allocationToken-1.0 URI: ietf:params:xml:ns:allocationToken-1.0
Registrant Contact: IESG Registrant Contact: IESG
XML: None. Namespace URIs do not represent an XML specification. XML: None. Namespace URIs do not represent an XML specification.
Registration request for the allocationToken XML schema: Registration request for the allocationToken XML schema:
URI: ietf:params:xml:ns:allocationToken-1.0 URI: ietf:params:xml:schema:allocationToken-1.0
Registrant Contact: IESG Registrant Contact: IESG
XML: See the "Formal Syntax" section of this document. XML: See the "Formal Syntax" section of this document.
5.2. EPP Extension Registry 5.2. EPP Extension Registry
The following registration of the EPP Extension Registry, described The following registration of the EPP Extension Registry, described
in [RFC7451], is requested: in [RFC7451], is requested:
Name of Extension: "Allocation Token Extension for the Extensible Name of Extension: "Allocation Token Extension for the Extensible
Provisioning Protocol (EPP)" Provisioning Protocol (EPP)"
skipping to change at page 18, line 29 skipping to change at page 18, line 29
2. An Allocation Token should be single use, meaning it should be 2. An Allocation Token should be single use, meaning it should be
unique per object and per allocation operation. unique per object and per allocation operation.
3. An Allocation Token should have a limited life with some form of 3. An Allocation Token should have a limited life with some form of
expiry in the Allocation Token if generated by a trusted 3rd expiry in the Allocation Token if generated by a trusted 3rd
third party, or with a server-side expiry if generated by the third party, or with a server-side expiry if generated by the
server. server.
4. An Allocation Token should use a strong random value if it is 4. An Allocation Token should use a strong random value if it is
based on an unsigned code. based on an unsigned code.
5. An Allocation Token should leverage digital signatures to confirm 5. An Allocation Token should leverage digital signatures to confirm
its authenticity if generated by a trusted 3rd party. its authenticity if generated by a trusted 3rd party.
6. An Allocation Token should is signed XML should be encoded (e.g., 6. An Allocation Token that is signed XML should be encoded (e.g.,
base64) to mitigate server validation issues. base64 [RFC4648]) to mitigate server validation issues.
8. Acknowledgements 8. Acknowledgements
The authors wish to acknowledge the original concept for this draft The authors wish to acknowledge the original concept for this draft
and the efforts in the initial versions of this draft by Trung Tran and the efforts in the initial versions of this draft by Trung Tran
and Sharon Wodjenski. and Sharon Wodjenski.
Special suggestions that have been incorporated into this document Special suggestions that have been incorporated into this document
were provided by Scott Hollenbeck, Rubens Kuhl, Alexander Mayrhofer, were provided by Scott Hollenbeck, Rubens Kuhl, Alexander Mayrhofer,
and Patrick Mevzek. Patrick Mevzek, and Adam Roach.
9. References 9. References
9.1. Normative References 9.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, <https://www.rfc- DOI 10.17487/RFC2119, March 1997, <https://www.rfc-
editor.org/info/rfc2119>. editor.org/info/rfc2119>.
skipping to change at page 19, line 25 skipping to change at page 19, line 25
DOI 10.17487/RFC5731, August 2009, <https://www.rfc- DOI 10.17487/RFC5731, August 2009, <https://www.rfc-
editor.org/info/rfc5731>. editor.org/info/rfc5731>.
[RFC7942] Sheffer, Y. and A. Farrel, "Improving Awareness of Running [RFC7942] Sheffer, Y. and A. Farrel, "Improving Awareness of Running
Code: The Implementation Status Section", BCP 205, Code: The Implementation Status Section", BCP 205,
RFC 7942, DOI 10.17487/RFC7942, July 2016, RFC 7942, DOI 10.17487/RFC7942, July 2016,
<https://www.rfc-editor.org/info/rfc7942>. <https://www.rfc-editor.org/info/rfc7942>.
9.2. Informative References 9.2. Informative References
[RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data
Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006,
<https://www.rfc-editor.org/info/rfc4648>.
[RFC7451] Hollenbeck, S., "Extension Registry for the Extensible [RFC7451] Hollenbeck, S., "Extension Registry for the Extensible
Provisioning Protocol", RFC 7451, DOI 10.17487/RFC7451, Provisioning Protocol", RFC 7451, DOI 10.17487/RFC7451,
February 2015, <https://www.rfc-editor.org/info/rfc7451>. February 2015, <https://www.rfc-editor.org/info/rfc7451>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
9.3. URIs
[1] https://tools.ietf.org/html/bcp14
Appendix A. Change History Appendix A. Change History
A.1. Change from 00 to 01 A.1. Change from 00 to 01
1. Amended XML Namespace section of IANA Considerations, added EPP 1. Amended XML Namespace section of IANA Considerations, added EPP
Extension Registry section. Extension Registry section.
2. Moved Change History to the back section as an Appendix. 2. Moved Change History to the back section as an Appendix.
A.2. Change from 01 to 02 A.2. Change from 01 to 02
skipping to change at page 22, line 40 skipping to change at page 23, line 5
1. Updated obsoleted RFC 7942 to RFC 7942. 1. Updated obsoleted RFC 7942 to RFC 7942.
2. Moved RFC 7451 to an informational reference. 2. Moved RFC 7451 to an informational reference.
A.13. Change from REGEXT 07 to REGEXT 08 A.13. Change from REGEXT 07 to REGEXT 08
1. Changed Kal Feher's contact e-mail address. 1. Changed Kal Feher's contact e-mail address.
2. Changed Neustar's Implementation Status contact e-mail address. 2. Changed Neustar's Implementation Status contact e-mail address.
3. Added the Net::DRI sub-section to the Implementation Status 3. Added the Net::DRI sub-section to the Implementation Status
section. section.
A.14. Change from REGEXT 08 to REGEXT 09
1. Updates based on the AD review by Adam Roach, that include:
1. In "Abstract", set "query" and "transform" off in some way
(e.g., using quotation marks)
2. In "Conventions Used in This Document", please update to use
the boilerplate from RFC 8174.
3. Remove "allocationToken-1.0" is used as an abbreviation for
"urn:ietf:params:xml:ns:allocationToken-1.0".
4. In "Allocation Token", change "The server MUST have the
Allocation Token" to "The server MAY have the Allocation
Token".
5. In "EPP <check> Command", change "This extension allow
clients" to "This extension allows clients".
6. Use domains reserved by RFC 2026 for the examples. The
example domain "example.tld" was changed to
"allocation.example" and the example domain "example2.tld"
was changed to "allocation2.example".
7. In "EPP <info> Command", change "...the server MUST return
an EPP error result code of 2303 object referencing the
<allocationToken:info> element." to "...the server MUST
return an EPP error result code of 2303."
8. In "EPP <transfer> Query Command", remove "the" before
"[RFC5730]".
9. In "EPP <transfer> Command", change "If the Allocation Token
does not apply to the object..." to "If the Allocation Token
is invalid or not required for the object...".
10. In "XML Namespace", remove the sentence "The following URI
assignment is requested of IANA:"
11. In "Security Considerations", change "An Allocation Token
should is" to "An Allocation Token that is". Also
informatively cite RFC 4648 for the base64 reference.
2. Change "ietf:params:xml:ns:allocationToken-1.0" to
"ietf:params:xml:schema:allocationToken-1.0" for the XML schema
IANA registration.
Authors' Addresses Authors' Addresses
James Gould James Gould
VeriSign, Inc. VeriSign, Inc.
12061 Bluemont Way 12061 Bluemont Way
Reston, VA 20190 Reston, VA 20190
US US
Email: jgould@verisign.com Email: jgould@verisign.com
URI: http://www.verisigninc.com URI: http://www.verisigninc.com
 End of changes. 34 change blocks. 
53 lines changed or deleted 103 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/