As per Relevance of the word register, we have this rfc below:
Network Working Group S.
Request for Comments: 2832 M.
Category: Informational Network Solutions, Inc.
May 2000
NSI Registry Registrar Protocol (RRP) Version 1.1.0
Status of this
This memo provides information for the Internet community. It
not specify an Internet standard of any kind. Distribution of
memo is unlimited
Copyright
Copyright (C) The Internet Society (2000). All Rights Reserved
This document describes a protocol for the registration
management of second level domain names and associated name
in both generic Top Level Domains (gTLDs) and country code Top
Domains (ccTLDs). This protocol was developed by the
Solutions Registry for use within the Shared Registration System
is being published "as-is" to document the protocol
developed by the Network Solutions, Inc. Registry
Internet domain name registration typically involves three entities
a registrant who wishes to register a domain name, a registrar
provides services to the registrant, and a registry that
services to the registrar while serving as the
repository of all functional information required to resolve
registered in the registry's TLDs. This document describes
protocol for registry-registrar communication only. The
does not provide any registrant services
This document is being discussed on the "rrp" mailing list. To
the list, send a message to with
words "subscribe rrp" in the body of the message. There is also a
site for the mailing list archives
.
Conventions Used In This
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in
document are to be interpreted as described in [MUSTSHOULD]. Further
Hollenbeck & Srivastava Informational [Page 1]
RFC 2832 NSI Registry Registrar Protocol May 2000
the term "implicit attribute" refers to an entity attribute
value is derived either from another attribute or is dependent on
established RRP session
In examples, "C:" represents lines sent by the registrar client
"S:" represents lines sent by the registry server
The term "System" is used in this document to collectively refer
this protocol and the software and hardware that implements
protocol
Table of
1. Introduction ................................................. 3
2. Security Services ............................................ 4
2.1 Connection Security ......................................... 4
2.2 System Data Security ........................................ 5
3. Connection Model ............................................. 5
4. Protocol Description ......................................... 6
4.1 Request Format .............................................. 7
4.2 Response Format ............................................. 8
4.3 Protocol Commands ........................................... 8
4.3.1 ADD ....................................................... 8
4.3.2 CHECK ..................................................... 11
4.3.3 DEL ....................................................... 12
4.3.4 DESCRIBE .................................................. 14
4.3.5 MOD ....................................................... 14
4.3.6 QUIT ...................................................... 16
4.3.7 RENEW ..................................................... 17
4.3.8 SESSION ................................................... 18
4.3.9 STATUS .................................................... 18
4.3.10 TRANSFER ................................................. 21
5. Response Codes ............................................... 23
5.1 Response Code Summary ....................................... 23
5.2 Command-Response Correspondence ............................. 28
6. Domain Status Codes .......................................... 29
6.1 Domain Status Code Description .............................. 30
7. Formal Syntax ................................................ 30
8. Internationalization ......................................... 35
9. Known Issues ................................................. 35
10. Security Considerations ..................................... 37
11. IANA Considerations ......................................... 37
12. References .................................................. 37
13. Acknowledgments ............................................. 38
14. Authors' Addresses .......................................... 38
15. Full Copyright Statement .................................... 39
Hollenbeck & Srivastava Informational [Page 2]
RFC 2832 NSI Registry Registrar Protocol May 2000
1.
This document describes the specifications for the NSI
Registrar Protocol (RRP) version 1.1.0, a TCP-based, 7-bit US-
text protocol that permits multiple registrars to provide
level Internet domain name registration services in the top
domains (TLDs) administered by a TLD registry. RRP is specified
Augmented Backus-Nauer Form (ABNF) as described in [ABNF]. Note
all ABNF string literals are case-insensitive and the
provided in this document may use mixed case to improve readability
RRP was developed by the Network Solutions, Inc. Registry under
auspices of the Shared Registration System program. The protocol
initially deployed in April 1999 as part of a test bed
of the Shared Registration System with five registrars.
registrars began using the protocol in July 1999. The
experiences of both the registry and the registrars
several "lessons learned" which have been documented here as "
Issues".
This document provides both a description of a protocol and notice
learned operational issues that may be useful as first steps
developing a standards track domain registration services protocol
This document and the protocol it describes may be modified in
future based on continued operational experience and
reaction
The registry stores information about registered domain names
associated name servers. A domain name's data includes its name,
servers, registrar, registration expiration date, and status. A
server's data includes its server name, IP addresses, and registrar
A registrar MAY perform the following registration service
using RRP
- Determine if a domain name has been registered
- Register a domain name
- Renew the registration of a domain name
- Cancel the registration of a domain name
- Update the name servers of a domain name
- Transfer a domain name from another registrar
- Examine the status of domain names that the registrar
registered
- Modify the status of domain names that the registrar
registered
- Determine if a name server has been registered
- Register a name server
- Update the IP addresses of a name server
Hollenbeck & Srivastava Informational [Page 3]
RFC 2832 NSI Registry Registrar Protocol May 2000
- Delete a name server
- Examine the status of name servers that the registrar
registered
All RRP commands include features to provide idempotency. That is
the effect of each command is the same if the command is
once or if the command is executed multiple times. This property
extremely useful in situations when a command is retried due to
error condition that results in a missed command response and
command retry is attempted. Command retries will be caught by
System and rejected with an appropriate error response code.
parameters that do not provide idempotency will be explained fully
part of the appropriate command description
2. Security
RRP provides only basic password-based registrar
services. Additional security services, including privacy
registrar authentication using public key cryptography, are
through other System features
2.1 Connection
Each RRP session MUST be encrypted using the Secure Socket
(SSL) v3.0 protocol as specified in [SSL]. SSL provides
services that reduce the risk of inadvertent disclosure
registrar-sensitive information, such as the registrar's
identifier and password
SSL supports mutual authentication of both the client and
using signed digital certificates. The Shared Registration
implemented by the NSI Registry requires digital certificates
by a commercial certification authority for both registrar
and public registry RRP servers. Both the registrar client and
public registry RRP server are authenticated when establishing an
connection. Further, a registrar MUST be authenticated
establishing an RRP connection via the RRP SESSION command
providing a registrar user identifier and password known only to
registrar and the System. Registrars may change their
password at any time using the RRP SESSION command
The SSL protocol is not an IETF Standards Track protocol.
Transport Layer Security protocol, specified in [TLS], is a
Track protocol that provides SSL v3.0 compatibility features
Hollenbeck & Srivastava Informational [Page 4]
RFC 2832 NSI Registry Registrar Protocol May 2000
2.2 System Data
The System stores information about the registered domain names
their name servers. Only the current registrar of a
domain name is authorized to query it, update its name servers,
cancel or renew it. Any registrar can request a transfer of a
name and its associated name servers from another registrar to
requesting registrar. Only the current sponsoring registrar
receive and explicitly approve or reject domain transfer requests
Only a name server's registrar can query, update, and delete it.
general, name servers must be registered through the
registrar of the name server's parent domain name, though
implementation MAY allow use of name servers registered in other
without specifying IP addresses or requiring parent
registration. Use of ccTLD name servers for a gTLD domain name is
such example
Name servers are implicitly transferred by the System when
parent domain name is transferred. In addition, a name server
be deleted if it is hosting domain names
3. Connection
IANA has assigned TCP port 648 for RRP use. All RRP
MUST provide RRP services over SSL on TCP port 648. An RRP
MUST return a banner in the following format to confirm that
connection has been established
<registry name> RRP Server version
Each line ends with carriage return and line feed characters.
server build date and time string includes the day, month, date,
(specified in hours, minutes, and seconds), the local time zone,
the four-digit year. A dot (".") in column one on a line by
marks the end of banner text
A registrar successfully establishes a connection with the
Registry on TCP port 648:
S:NSI RRP Server version 1.1.0
S:Mon Oct 25 20:20:34 EDT 1999
S:.
Hollenbeck & Srivastava Informational [Page 5]
RFC 2832 NSI Registry Registrar Protocol May 2000
4. Protocol
A typical RRP session will go through a number of states during
lifetime. Figure 1 illustrates the possible states of an RRP server
Initially, the server waits for a client connection
authentication (PRE). All client connections MUST be authenticated
|
|
+-----------------+
| Waiting for |-------------------+
Authentication Succeeded | Client | |
+---------| Authentication | Authentication |
| | (PRE) |-----+ Failed |
| +-----------------+ | |
| | |
V V |
+-----------+ Succeeded +--------------------+ |
|Waiting for|<-----------------| Waiting for | |
| Command |----------+ |Authentication Retry| |
| (WFC) | Timeout | | (WFR) | |
+-----------+ | +--------------------+ |
| ^ | | | |
| | | Timeout | | Failed |
Request V |Response | | | |
+-----------+ | V V
| Executing | | +--------------------+
| Command | +--------->| Disconnected |
| (EXE) |-------------------->| (DIS) |
+-----------+ QUIT +--------------------+
Figure 1: RRP Server Finite State
If the authentication fails, the server gives the client
chance to identify itself (WFR). If the authentication fails again
the server disconnects (DIS). Otherwise, the server waits for
request from the client (WFC). Upon receiving a request, the
executes it and responds to the client with the result (EXE).
server then waits again for another request from the client (WFC).
the client sends a QUIT command, the server ends the session
disconnects (DIS). To keep its state in sync with that of the server
the client SHOULD wait for a response from the server before
another request on the same connection. The following
summarizes these states
Hollenbeck & Srivastava Informational [Page 6]
RFC 2832 NSI Registry Registrar Protocol May 2000
PRE Waiting for client connection and
WFR Waiting for authentication
WFC Waiting for a command from an authenticated
EXE Executing a
DIS
The WFR and WFC states MAY time out. An implementation SHOULD
inactivity timeout periods for these states based on System-
factors, including (but not limited to) resource availability
security risk. In the absence of other factors, a default
period of 10 minutes SHOULD be used. The server MAY disconnect if
server is in one of these states and no message is received from
client during the timeout period
4.1 Request
An RRP request nominally consists of a command name, an entity block
command options, and an end-of-command delimiter. Command options
entity blocks collectively define command parameters and
specification is order independent; examples provided in
document specify entity blocks before command options
CommandName [EntityBlock] [CommandOptions]
A command name specifies the type of an RRP request. A command is
word or abbreviation terminated by a carriage-return linefeed (crlf
sequence
CommandName
An entity block specifies the data in an RRP request. It consists
attribute name-value pairs specifying the entity and all of
attributes of the entity. Each attribute name-value pair starts
the attribute name, followed by a colon, the attribute value, and
finally terminated by a carriage-return linefeed sequence.
blocks are optional for some requests
entityName:entityValue
attributeName:attributeValue
Command options specify control parameters for an RRP request.
command option starts with a dash, followed by the option name,
colon, the option value, and is finally terminated by a carriage
return linefeed sequence
-commandOptionName:commandOptionValue
Hollenbeck & Srivastava Informational [Page 7]
RFC 2832 NSI Registry Registrar Protocol May 2000
An EndOfCommand delimiter specifies the end of an RRP request.
consists of a dot (".") in column one followed by a carriage-
linefeed sequence
.
4.2 Response
An RRP response starts with a three-digit response code, followed
a space, an ASCII text description of the response, a carriage-
linefeed sequence, and zero or more attribute name-value pair lines
An RRP response is terminated by a dot in column one followed by
carriage-return linefeed sequence
ResponseCoderesponseDescription
[attributeName:attributeValue]
.
4.3 Protocol
Implementations of RRP commands MUST provide "all or nothing"
and failure operation. Failed command execution MUST leave the
in the same state it was in before the command was attempted
failed
All RRP commands include features to provide idempotency.
features that are not idempotent are explained fully as needed
part of the appropriate command description
4.3.1
This command allows a registrar to register a domain name or a
server in the System
4.3.1.1 Registering a Domain
The request to register a domain name MUST contain the
data
- The "EntityName" parameter set to value "Domain".
- Fully qualified second level domain name in the "DomainName
parameter
Hollenbeck & Srivastava Informational [Page 8]
RFC 2832 NSI Registry Registrar Protocol May 2000
The request to register a domain name MAY contain 1 or more, and
maximum of 13, fully qualified name servers hosting the domain
in multiple instances of the "NameServer" parameter. The name
MUST have already been registered in the registry.
MAY allow specification of name servers associated with
registered in other TLDs. For example, an implementation MAY
use of ccTLD name servers for gTLD domain name registration
The request to register a domain name MAY contain the
registration period in years for the domain being registered in
single instance of the "Period" parameter. The System MUST provide
default initial registration period in years if the "Period
parameter is not provided. The acceptable year values for
"Period" parameter are implementation specific
The System will register the domain name to the registrar for
period specified by the registrar. If the registrar does not
a registration period, a System-specified default value MUST be
for the initial registration period. If the domain name
successfully registered, the System MUST return the
expiration date in the "registration expiration date" attribute
the response
Authorized User: All registrars MAY use the ADD command to
domain names
A registrar registers a domain name without specifying name servers
C:add
C:EntityName:Domain
C:DomainName:example.com
C:-Period:10
C:.
S:200 Command completed successfully
S:registration expiration date:2009-09-22 10:27:00.0
S:status:ACTIVE
S:.
Hollenbeck & Srivastava Informational [Page 9]
RFC 2832 NSI Registry Registrar Protocol May 2000
A registrar registers a domain name using previously-registered
servers
C:add
C:EntityName:Domain
C:DomainName:example2.com
C:-Period:10
C:NameServer:ns1.example.com
C:NameServer:ns2.example.com
C:.
S:200 Command completed successfully
S:registration expiration date:2000-09-22 10:27:00.0
S:status:ACTIVE
S:.
4.3.1.2 Registering a Name
The request to register a name server MUST contain the
data
- The "EntityName" parameter set to value "NameServer".
- Fully qualified server name of the name server in the "NameServer
parameter
If the name server being registered is the child of a
domain name, the name server registration request MUST include one
more, and a maximum of 13, name server IP addresses in
instances of the "IPAddress" parameter. Name servers associated
domains registered in other TLDs SHOULD NOT be specified with
addresses to reduce the possibility of duplicating DNS NS records
the name servers in multiple zone files
The registrar MUST register the name server in the System
using it to host domain names. Further, the name server MUST
registered through the same registrar that is the current
of its parent domain name. The System MAY allow any registrar to
the name server to host domain names
Authorized User: All registrars MAY use the ADD command to
name servers
Hollenbeck & Srivastava Informational [Page 10]
RFC 2832 NSI Registry Registrar Protocol May 2000
A registrar registers a new name server in an existing domain name
C:add
C:EntityName:NameServer
C:NameServer:ns1.example.com
C:IPAddress:198.41.1.11
C:.
S:200 Command completed successfully
S:.
4.3.2
This command allows a registrar to determine if a domain name or
server has been registered in the System
4.3.2.1 Domain Name
The request to determine if a domain name is registered MUST
the following data
- The "EntityName" parameter set to value "Domain".
- Fully qualified second level domain name in the "DomainName
parameter
The System MUST provide a positive or negative response to
domain name availability at the moment the command is executed
Authorized User: All registrars MAY use the CHECK command
determine if a domain name has been registered or not
A registrar checks the availability of a domain name in the System
C:check
C:EntityName:Domain
C:DomainName:example.com
C:.
S:211 Domain name not available
S:.
Hollenbeck & Srivastava Informational [Page 11]
RFC 2832 NSI Registry Registrar Protocol May 2000
4.3.2.2 Name Server
The request to determine if a name server is registered MUST
the following data
- The "EntityName" parameter set to value "NameServer".
- Fully qualified server name in the "NameServer" parameter
The System MUST provide a positive or negative response to
name server availability at the moment the command is executed.
the name server has been registered, the System MUST return the
address(es) of the name server
Authorized User: All registrars MAY use the CHECK command
determine if a name server has been registered or not
A registrar checks the availability of a server name in the System
C:check
C:EntityName:Nameserver
C:Nameserver:ns1.example.com
C:.
S:213 Name server not available
S:ipAddress:192.10.10.10
S:.
4.3.3
This command allows a registrar to delete (cancel the registration
of a domain name or delete a name server
4.3.3.1 Deleting a Domain
The request to cancel the registration of a domain name MUST
the following data
- The "EntityName" parameter set to value "Domain".
- Fully qualified second level domain name in the "DomainName
parameter
A request to delete a domain name SHOULD cause the deletion of
name servers that are children of the domain name being deleted.
name servers SHOULD be deleted if they are not actively hosting
domains. A domain MUST not be deleted if it has child name
hosting other domains
Hollenbeck & Srivastava Informational [Page 12]
RFC 2832 NSI Registry Registrar Protocol May 2000
Authorized User: The current registrar of a domain name MAY use
DEL command to delete a domain name from the System
A registrar deletes a domain name, implicitly deleting all
servers registered in the domain
C:del
C:EntityName:Domain
C:DomainName:example.com
C:.
S:200 Command completed successfully
S:.
4.3.3.2 Deleting a Name
The request to delete a name server MUST contain the following data
- The "EntityName" parameter set to value "NameServer".
- Fully qualified name of the name server in the "NameServer
parameter
A name server MUST not be deleted if it is hosting domains.
such domains or name servers is prohibited because their
WILL result in orphaning the hosted domains
Authorized User: The current registrar of a name server MAY use
DEL command to delete a name server from the System
A registrar deletes a name server that is not hosting domains
C:del
C:EntityName:NameServer
C:NameServer:ns1.registrarA.com
C:.
S:200 Command completed successfully
S:.
Hollenbeck & Srivastava Informational [Page 13]
RFC 2832 NSI Registry Registrar Protocol May 2000
A registrar tries to delete a name server that is hosting domains
C:del
C:EntityName:NameServer
C:NameServer:ns1.registrarA.com
C:.
S:532 Domain names linked with name server
S:.
4.3.4
This command allows a registrar to obtain general information
an RRP implementation. The command MAY contain the
parameters
- The "Target" parameter set to value "Protocol".
The implementation MUST return the protocol version number whether
not the request contains the "Target" parameter
Authorized User: All registrars MAY use the DESCRIBE command
A registrar obtains general information about an RRP implementation
C:describe
C:-Target:Protocol
C:.
S:200 Command completed successfully
S:Protocol:RRP 1.1.0
S:.
4.3.5
This command allows a registrar to update a registered domain name
a name server. The command allows the following operations on
attribute value for both single-valued and multi-valued attributes
- Add an attribute value. The value to be added MUST be unique
the values of the attribute. For a single-valued attribute,
replaces the current value
- Remove an attribute value. The value to be removed MUST exist
Further, an attribute value cannot be removed if it is the
value of a required attribute
Attribute values to be removed are identified by tagging with an "="
suffix
Hollenbeck & Srivastava Informational [Page 14]
RFC 2832 NSI Registry Registrar Protocol May 2000
4.3.5.1 Domain
The request to modify a registered domain name MUST contain
following data
- The "EntityName" parameter set to value "Domain".
- Fully qualified second level domain name in the "DomainName
parameter
The registrar can perform the following update operations on
domain name
- Update the name servers of the domain name by setting one or
instances of the "NameServer" parameter
- Update the status of the domain name by setting one or
instances of the "Status" parameter. Valid values for the "Status
parameter are defined in Section 6.
Authorized User: The current registrar of a domain name MAY use
MOD command to modify the attributes of a domain name
A registrar removes one name server (ns1) from a domain and adds
new name server (ns3) to the same domain
C:mod
C:EntityName:Domain
C:DomainName:example.com
C:NameServer:ns3.registrarA.com
C:NameServer:ns1.registrarA.com=
C:.
S:200 Command completed successfully
S:.
4.3.5.2 Name Server
The request to update a name server MUST contain the following data
- The "EntityName" parameter set to value "NameServer".
- Fully qualified server name of the name server in the "NameServer
parameter
Hollenbeck & Srivastava Informational [Page 15]
RFC 2832 NSI Registry Registrar Protocol May 2000
The registrar can perform the following update operations on the
server
- Update the "NameServer" attribute of the name server. This allows
registrar to change the name of a name server while preserving
existing associations
- Update the IP addresses of the name server by setting one or
instances of the "IPAddress" parameter
Authorized User: The current registrar of a name server MAY use
MOD command to modify the attributes of a domain name
A registrar changes the name and IP address of a name server
C:mod
C:EntityName:NameServer
C:NameServer:ns1.registrarA.com
C:NewNameServer:ns2.registrarA.com
C:IPAddress:198.42.1.11
C:IPAddress:198.41.1.11=
C:.
S:200 Command completed successfully
S:.
4.3.6
This command allows a registrar to close an RRP connection.
response MUST be sent before closing the connection
Authorized User: All registrars MAY use the QUIT command
A registrar ends an RRP session and closes an existing connection
C:quit
C:.
S:220 Command completed successfully. Server closing connection
S:.
Hollenbeck & Srivastava Informational [Page 16]
RFC 2832 NSI Registry Registrar Protocol May 2000
4.3.7
This command allows a registrar to renew a domain name in the System
The request to renew a domain name MUST contain the following data
- The "EntityName" parameter set to value "Domain".
- Fully qualified second level domain name in the "DomainName
parameter
The request to renew a domain name MAY contain the renewal period
years for the domain being renewed in a single instance of a "Period
parameter and a single instance of a "CurrentExpirationYear
parameter. These parameters MUST appear together if either
specified, though the order in which the parameters appear
insignificant. The "Period" parameter identifies the number of
to be added to the registration. The "CurrentExpirationYear
parameter identifies the current expiration year, and is required
ensure that repeated attempts to retry this command do not result
multiple successful renewals. The System MUST provide a
number of renewal years if the "Period" and "CurrentExpirationYear
parameters are not provided. Repeated use of this command without
"Period" and "CurrentExpirationYear" parameters may result
repeated successful renewals since idempotency is not provided
these parameters are not used. The acceptable year values for
"Period" parameter are implementation specific subject to
restrictions
The System renews the domain name for a period specified by
registrar. If the domain name renewal is completed successfully,
System MUST return the new registration expiration date in
"RegistrationExpirationDate" attribute in the response
Authorized User: The current registrar of a domain name MAY use
RENEW command
A registrar renews a domain name using a specified renewal period
C:renew
C:EntityName:Domain
C:DomainName:example.com
C:-Period:9
C:-CurrentExpirationYear:2001
C:.
S:200 Command completed successfully
S:registration expiration date:2010-09-22 10:27:00.0
S:.
Hollenbeck & Srivastava Informational [Page 17]
RFC 2832 NSI Registry Registrar Protocol May 2000
4.3.8
This command allows a registrar to establish an RRP session.
registrar can also use this command to change their password.
request to establish an RRP connection MUST contain the
command parameters
- The "Id" parameter set to the registrar's System user ID
- The "Password" parameter set to the registrar's current
password
The request to establish an RRP session MAY contain a new
for the registrar in a single instance of the "NewPassword
parameter
The registrar MUST send this command to the System before any
command. If the command fails due to invalid information (such as
invalid registrar ID or password), the registrar can resend
request with corrected information. If the command fails a
time, the System SHOULD close the connection
Authorized User: All registrars MAY use the SESSION command
A registrar establishes an RRP session
C:session
C:-Id:registrarA
C:-Password:i-am-registrarA
C:.
S:200 Command completed successfully
S:.
4.3.9
This command allows a registrar to determine the current status of
domain name or name server
4.3.9.1 Domain
The request to query a domain name MUST contain the following data
- The "EntityName" parameter set to value "Domain".
- Fully qualified second level domain name in the "DomainName
parameter
Hollenbeck & Srivastava Informational [Page 18]
RFC 2832 NSI Registry Registrar Protocol May 2000
The response from the System MAY contain the following data
- Fully qualified server names of name servers hosting the
name in multiple instances of the "nameserver" attribute
- Registration expiration date in the "registration expiration date
attribute
- ID of the current registrar of the domain name in the "registrar
attribute
- Date the domain name was transferred by the current registrar
the "registrar transfer date" attribute
- Current statuses of the domain name in multiple instances of
"status" attribute
- Date the domain name was originally registered in the "
date" attribute
- ID of the registrar that originally registered the domain name
the "created by" attribute
- Date the domain name was last updated in the "updated date
attribute
- ID of the entity (either a registrar or the registry) that
updated the domain name in the "updated by" attribute
Authorized User: The current registrar of a domain name MAY use
STATUS command to view current domain name attributes
The current registrar of a domain name queries the domain name
C:status
C:EntityName:Domain
C:DomainName:example.com
C:.
S:200 Command completed successfully
S:nameserver:ns2.registrarA.com
S:nameserver:ns3.registrarA.com
S:registration expiration date:2010-09-22 10:27:00.0
S:registrar:registrarA
S:registrar transfer date:1999-09-22 10:27:00.0
S:status:ACTIVE
S:created date:1998-09-22 10:27:00.0
S:created by:registrarA
S:updated date:2002-09-22 10:27:00.0
S:updated by:registrarA
S:.
Hollenbeck & Srivastava Informational [Page 19]
RFC 2832 NSI Registry Registrar Protocol May 2000
A registrar queries a domain name currently registered by
registrar
C:status
C:EntityName:Domain
C:DomainName:example.com
C:.
S:531 Authorization failed
S:.
4.3.9.2 Name Server
The request to query a name server MUST contain the following data
- The "EntityName" parameter set to value "NameServer".
- Fully qualified name of the name server in the "NameServer
parameter
The response from the System MAY contain the following data
- Fully qualified name of the name server in the "nameserver
attribute
- IP addresses of the name server in multiple instances of
"ipaddress" attribute
- ID of the current registrar of the name server in the "registrar
attribute
- Date the name server was transferred by the current registrar
the "registrar transfer date" attribute
- Date the name server was registered in the "created date
attribute
- ID of the entity that registered the name server in the "
by" attribute
- Date the name server was last updated in the "updated date
attribute
- ID of the entity that last updated the name server in the "
by" attribute
Authorized User: The current registrar of a name server MAY use
STATUS command to view current domain name attributes
The current registrar of a name server queries the name server
C:status
C:EntityName:NameServer
C:NameServer:ns1.registrarA.com
C:.
Hollenbeck & Srivastava Informational [Page 20]
RFC 2832 NSI Registry Registrar Protocol May 2000
S:200 Command completed successfully
S:ipaddress:198.42.1.11
S:registrar:registrarA
S:registrar transfer date:1999-09-22 10:27:00.0
S:CreatedDate:1998-09-22 10:27:00.0
S:CreatedBy:registrarA
S:UpdatedDate:2002-09-22 10:27:00.0
S:UpdatedBy:registrarA
S:.
A registrar queries a name server that was registered by
registrar
C:status
C:EntityName:NameServer
C:NameServer:ns1.registrarA.com
C:.
S:531 Authorization failed
S:.
4.3.10
This command allows a registrar to request transfer of domain
sponsorship from a second registrar and to approve or reject
requests initiated by other registrars. The request to transfer
domain name MUST contain the following data
- The "EntityName" parameter set to value "Domain".
- Fully qualified second level domain name in the "DomainName
parameter
The identity of the requesting registrar is derived from the
active session. The identity of the current sponsoring registrar (
registrar who must approve or reject the transfer request) is
by the registry and does not need to be known by the
registrar in advance of issuing the transfer request
The System MUST notify the potential losing registrar when a
transfer request has been received using an out-of-band
mechanism such as electronic mail and/or transaction reporting.
losing registrar SHOULD then explicitly approve or reject
transfer. A request to approve or reject a transfer request
contain a single instance of the "Approve" parameter with a value
"Yes" to approve the transfer or a value of "No" to reject
transfer. A server implementation MAY provide a default approval
rejection action to be taken if the losing registrar does
explicitly approve or reject the transfer request within a
amount of time. The criteria used by registrars to approve or
Hollenbeck & Srivastava Informational [Page 21]
RFC 2832 NSI Registry Registrar Protocol May 2000
requested transfers are typically based on business policies that
beyond the scope of this document
Approval of a transfer by the current sponsoring registrar results
a change of sponsorship to the original requesting registrar
Approval attempts by any other registrar MUST result in
failure of the attempted approval. Rejection of the transfer by
current sponsoring registrar results in an end to the
request with no change in sponsorship. Rejection attempts by
other registrar MUST result in explicit failure of the
rejection
Name servers MUST be implicitly transferred when their parent
name is transferred
Authorized User: All registrars MAY use the TRANSFER command
request transfer of registration service authority to the
registrar. Only the current sponsoring registrar of a domain name
explicitly approve or reject a requested transfer. The registry
implicitly approve or reject requested transfers after a fixed
of time
A registrar requests transfer of a domain name from
registrar
C:transfer
C:EntityName:Domain
C:DomainName:example.com
C:.
S:200 Command completed successfully
S:.
The original registrar approves the transfer request
C:transfer
C:-Approve:Yes
C:EntityName:Domain
C:DomainName:example.com
C:.
S:200 Command completed successfully
S:.
Hollenbeck & Srivastava Informational [Page 22]
RFC 2832 NSI Registry Registrar Protocol May 2000
5. Response
RRP commands may return a variety of response codes to signify
completion or error conditions. This section documents all of
defined RRP response codes
5.1 Response Code
200 Command completed
This is the normal response for successful completion of most
commands
210 Domain name
This is the normal response for successful completion of an RRP
command for a domain name that is not currently registered
211 Domain name not
This is the normal response for successful completion of an RRP
command for a domain name that is currently registered
212 Name server
This is the normal response for successful completion of an RRP
command for a name server that is not currently registered
213 Name server not
This is the normal response for successful completion of an RRP
command for a name server that is currently registered
220 Command completed successfully. Server closing connection This
the normal response for successful completion of an RRP QUIT command
It may also be returned by other RRP commands if a
situation is noted that requires closing the connection
successfully completing the RRP command
420 Command failed due to server error. Server closing connection
transient server error has caused RRP command failure and
termination. A new session must be established before
processing can be attempted
421 Command failed due to server error. Client should try again
transient server error has caused RRP command failure. A
retry may produce successful results
500 Invalid command
A client-specified RRP command name was not recognized as a valid
command name
Hollenbeck & Srivastava Informational [Page 23]
RFC 2832 NSI Registry Registrar Protocol May 2000
501 Invalid command
A client-specified RRP command parameter was not recognized as
valid RRP command parameter
502 Invalid entity
The "value" of an entity name-value pair is invalid. Command
that require an "EntityName" parameter also require a value
specifies the entity name, and the provided value is invalid
503 Invalid attribute
A client-specified RRP command parameter was not recognized as
valid RRP command parameter
504 Missing required
A parameter required to execute the RRP command was not provided
the client. The command should be retried with all
parameters specified
505 Invalid attribute value
A supplied parameter value is syntactically incorrect. For example,
year value digit such as "5" may be required but the client
a string of characters such as "five".
506 Invalid option
A client-specified value for an RRP command parameter is out-of
bounds or otherwise not within acceptable System limits
507 Invalid command
The specified command does not resemble a well-formed RRP command
The command should be retried using the proper command structure
syntax
508 Missing required
An entity required for command completion was not provided by
client. For example, the CHECK command requires specification
either a "Domain" entity or a "Nameserver" entity
509 Missing command
A command parameter that isn't really optional (such as the
ID in a SESSION command) was not provided by the client. The
should be retried with all needed parameters
520 Server closing connection. Client should try opening
connection;
A timeout event has been detected, and the client's session is
ended. The System SHOULD define timeout periods to begin a
Hollenbeck & Srivastava Informational [Page 24]
RFC 2832 NSI Registry Registrar Protocol May 2000
command, complete a client command, and for the duration of an
session. The reason for the timeout MUST be provided at the end
the response code string
521 Too many sessions open. Server closing
A System-defined limit on the number of open connections has
exceeded, and it is impossible to establish a new session at
moment. It may be possible to establish a session by waiting for
few moments or by closing existing unused sessions
530 Authentication
The client-supplied registrar identifier or password was
recognized by the System. A subsequent retry with valid values
produce successful results. Repeated authorization failures
result in termination of the TCP connection
531 Authorization
Registrars may not view or alter data associated with either
registry or another registrar. This response code is
returned when a registrar attempts to view or modify data
to either the registry or another registrar. A typical
includes doing a STATUS command for a domain registered to
registrar
532 Domain names linked with name
The name server is hosting active domains. This error occurs when
registrar is trying to delete a server that is the name server
active domains. The registry MUST not allow the registrar to
this server. All of the domain names using this server MUST
modified to use a different name server before the name server can
deleted
533 Domain name has active name
The domain name has active name servers. The registrar is trying
delete a domain name that is a parent domain of an active
server, i.e., a server that is hosting active domains. All of
name servers within the domain MUST be removed from service
the domain can be deleted
534 Domain name has not been flagged for
The registrar is trying to approve or reject a domain name
for a domain name that is not pending transfer
535 Restricted IP
IANA identifies certain IP address ranges that are not valid
normal use. The registrar is trying to use an IP address that is
a restricted IP address range as identified by IANA
Hollenbeck & Srivastava Informational [Page 25]
RFC 2832 NSI Registry Registrar Protocol May 2000
536 Domain already flagged for
The registrar tried to perform a transfer command for a domain
that is awaiting approval of an earlier transfer request
540 Attribute value is not
A supplied attribute value is not unique. This occurs when
registrar is adding a domain name that already exists in
registry, a server that already exists in the registry, or an
address that is already being used by another server in the registry
Another possibility occurs when performing domain modifications
the registrar is adding a server that is already in the list
servers for the domain name or setting a domain name to a status
which it is already set. The RRP STATUS command MAY be used
determine current domain name status before attempting to change
status. When modifying or adding a name server, the IP address of
name server might not be unique. The registry MUST not allow
addresses to be used by more than one server
541 Invalid attribute
A supplied parameter value is invalid. Examples of invalid
values include an invalid IP address, an invalid domain name,
invalid server name, or an invalid renewal period
542 Invalid old value for an
A current attribute value to be modified is invalid. The registrar
trying to modify an attribute of a server or a domain name that
not exist in the registry
543 Final or implicit attribute cannot be
The registrar is attempting to modify an attribute that is
modifiable by the registry. Registrars can not modify final
implicit attribute values
544 Entity on
The attempted operation was rejected because the entity is on
status. If the HOLD status was set by the registrar, the status
be changed using the MOD command and the requested command can
retried. If the HOLD status was set by the registry, the
must contact the registry to change the status before the command
be successful
545 Entity reference not
A required entity reference was not found. This occurs when
registrar tries to add a new name server and the parent domain of
name server does not exist in the registry. It also occurs when
user is trying to add a new name server to a domain name when
name server does not exist in the registry
Hollenbeck & Srivastava Informational [Page 26]
RFC 2832 NSI Registry Registrar Protocol May 2000
546 Credit limit
The registrar's credit limit has been exceeded. This is
implementation specific error that occurs when a potentially
operation, such as adding a domain name, renewing a domain name,
transferring a domain name, is attempted and the registrar does
have sufficient financial standing with the registry to complete
operation
547 Invalid command
RRP commands are issued using a well-formed syntax that
entry of command structures in particular sequences. This
code indicates that an ill-formed command was received and rejected
548 Domain is not up for
A RENEW command was attempted during a period in which the domain
not be renewed. Implementations MAY limit renewal periods
particular time frames, such as within 90 days of the domain'
expiration. This response indicates that the RENEW command
received outside of the System-defined domain renewal period
549 Command
A System error prevented successful completion of the requested
command. Retrying the command might produce success, but a
failure indicates a System error condition
550 Parent domain not
The parent domain of a name server being registered is
registered. This occurs when the registrar tries to add a new
server and the parent domain for the server does not exist in
registry
551 Parent domain status does not allow for
The status of the parent domain does not allow the
operation. This occurs when a registrar tries to modify a
whose parent domain is flagged as LOCK or HOLD in the registry
552 Domain status does not allow for
The status of the domain does not allow the requested operation.
occurs when a registrar tries to modify or delete a domain that
flagged as LOCK or HOLD in the registry
553 Operation not allowed. Domain pending
The status of the domain does not allow the requested operation.
registrar is attempting to delete a domain that is pending
or denial of a transfer request
Hollenbeck & Srivastava Informational [Page 27]
RFC 2832 NSI Registry Registrar Protocol May 2000
554 Domain already
A registrar tried to register a domain name that has already
registered by the same registrar
555 Domain already
A registrar tried to renew a domain using the same parameters
specified for an earlier, successful renewal. This will
occur when executing the same RENEW command more than once
556 Maximum registration period
A registrar tried to renew a domain registration, and the
new registration period exceeds the System-defined
registration period. If there is renewal time available with
System-defined maximum registration period it may be possible
retry the RENEW command with specified renewal period parameters
5.2 Command-Response
The session between the client and the server is intended to be
alternating dialogue. Each command issued by a client MUST be
upon by the server, which MUST return a response code to document
success or failure of command execution. "Success" means that
command completed normal execution without error. "Failure"
that the System did not complete the command as requested.
may be due to either syntax, semantic, data, or System errors
A complete list of response codes for each RRP command is
below
Command:
Success: 200, 220
Failure: 420, 421, 500, 502, 503, 504, 505, 507, 508, 520, 531, 535,
540, 541, 545, 546, 547, 549, 550, 554
Command:
Success: 210, 211, 212, 213
Failure: 220, 420, 421, 500, 502, 503, 504, 505, 507, 508, 520, 541,
547, 549
Command:
Success: 200, 220
Failure: 420, 421, 500, 502, 503, 504, 505, 507, 508, 520, 531, 532,
533, 541, 544, 545, 547, 549, 551, 552, 553
Command:
Success: 200, 220
Failure: 420, 421, 500, 501, 506, 507, 509, 520, 547, 549
Hollenbeck & Srivastava Informational [Page 28]
RFC 2832 NSI Registry Registrar Protocol May 2000
Command:
Success: 200, 220
Failure: 420, 421, 500, 502, 503, 504, 505, 507, 508, 520, 531, 535,
540, 541, 542, 543, 544, 545, 547, 549, 550, 551, 552, 553
Command:
Success: 220
Failure: 420, 421, 500, 507, 520, 547, 549
Command:
Success: 200, 220
Failure: 420, 421, 500, 502, 503, 504, 505, 507, 508, 520, 531, 541,
545, 546, 547, 548, 549, 552, 553, 555, 556
Command:
Success: 200, 220
Failure: 420, 421, 500, 501, 506, 507, 508, 509, 520, 521, 530, 531,
547, 549
Command:
Success: 200, 220
Failure: 420, 421, 500, 501, 502, 503, 504, 505, 506, 507, 508, 520,
531, 541, 545, 547, 549
Command:
Success: 200, 220
Failure: 420, 421, 500, 501, 502, 503, 504, 505, 506, 507, 508, 520,
531, 534, 536, 541, 544, 545, 546, 547, 549, 552, 553
6. Domain Status
The status of a domain can be viewed using the RRP STATUS command
modified using the RRP MOD command. Both the registry and
sponsoring registrar MAY view and change the status of a domain.
criteria for status changes are highly dependent on registry
registrar business models and are thus beyond the scope of
specification
The domain's status SHOULD have a direct bearing on whether or
the domain appears in the appropriate TLD zone file and whether
not the domain can be modified. A domain can have more than
assigned status, e.g., REGISTRAR-HOLD and REGISTRAR-LOCK. If a
is in ACTIVE status, then the domain name can only be in this status
When a registrar sets a domain name to REGISTRAR-LOCK, the
MUST automatically remove the ACTIVE status. When the
removes the REGISTRAR-LOCK and other domain statuses, the
MUST automatically set the domain name status to ACTIVE
Hollenbeck & Srivastava Informational [Page 29]
RFC 2832 NSI Registry Registrar Protocol May 2000
6.1 Domain Status Code
ACTIVE: This is the default status of a domain at registration time
The registry sets the domain to this status. The domain is
by the registrar. The domain can be renewed. The domain SHALL
included in the zone file when in this status if the domain has
least one associated name server
REGISTRY-LOCK: The registry sets the domain to this status.
domain cannot be modified or deleted by the registrar. The
MUST remove the REGISTRY-LOCK status for the registrar to modify
domain. The domain can be renewed. The domain SHALL be included
the zone file when in this status if the domain has at least
associated name server
REGISTRY-HOLD: The registry sets the domain to this status.
domain cannot be modified or deleted by the registrar. The
MUST remove the REGISTRY-HOLD status for the registrar to modify
domain. The domain can be renewed. The domain SHALL NOT be
in the zone file when in this status
REGISTRAR-HOLD: The registrar of the domain sets the domain to
status. The domain can not be modified or deleted when in
status. The registrar MUST remove REGISTRAR-HOLD status to modify
domain. The domain can be renewed. The domain SHALL NOT be
in the zone file when in this status
REGISTRAR-LOCK: The registrar of the domain sets the domain to
status. The domain cannot be modified or deleted when in this status
The registrar MUST remove REGISTRAR-LOCK status to modify the domain
The domain can be renewed. The domain SHALL be included in the
file when in this status
REGISTRY-DELETE-NOTIFY: A domain is set on this status if it
expired and has child name servers that are hosting other domains
Only the registry may set this status. The domain SHALL be
in the zone file when in this status if the domain has at least
associated name server
7. Formal
The following syntax specification uses the augmented Backus-
Form (BNF) as described in [ABNF].
; ABNF specification for Registry Registrar Protocol (RRP) v1.1.0
; Note that character string literals are case insensitive
Hollenbeck & Srivastava Informational [Page 30]
RFC 2832 NSI Registry Registrar Protocol May 2000
; Lexical
space = %x20 ; " "
dot = %x2E ; "."
dash = %x2D ; "-"
underscore = %x5F ; "_"
colon = %x3A ; ":"
cr = %x0D ; ASCII carriage
lf = %x0A ; ASCII
crlf = cr
alpha = %x41-5A / %x61-7A ; A-Z / a-
digit = %x30-39 ; 0-9
dns-char = alpha / digit /
id-char = alpha / digit / underscore /
id-prefix = alpha /
id-word = id-prefix *id-
printable-char = %x20-7E ; ASCII " " - "~"
; Start of basic grammar
year = 4
month = 2
day = 2
ymd = year dash month dash
hour = 2
minute = 2
second = 2
split-second = 1
hms = hour colon minute colon second dot split-
time-stamp = ymd space
ip-address = 1*3digit dot 1*3digit dot 1*3digit dot 1*3
password = 4*16printable-
option-name = 1*128id-
option-tag = dash option-
option-value = 1*128id-
attribute-name = 1*128id-
attribute-value = 1*128printable-
attribute-line = attribute-name colon attribute-value
response = 3digit space 1*printable-char
version-number = "RRP" space 1*digit dot 1*digit dot 1*
label = id-prefix [*61dns-char id-prefix
sldn = label dot
servername = *(label dot)
period = %x31-39 / (%x31-39 %x30-39) ; "1" - "9" or "10" - "99"
period-option = dash "Period" colon period
yesno = "Yes" / "No
domainstat