Tech-invite3GPPspaceIETFspace
96959493929190898887868584838281807978777675747372717069686766656463626160595857565554535251504948474645444342414039383736353433323130292827262524232221201918171615141312111009080706050403020100
in Index   Prev   Next

RFC 4930

Extensible Provisioning Protocol (EPP)

Pages: 72
Obsoletes:  3730
Obsoleted by:  5730
Part 2 of 3 – Pages 21 to 48
First   Prev   Next

ToP   noToC   RFC4930 - Page 21   prevText

2.9. Protocol Commands

EPP provides commands to manage sessions, retrieve object information, and perform transformation operations on objects. All EPP commands are atomic and designed so that they can be made idempotent, either succeeding completely or failing completely and producing predictable results in case of repeated executions. This section describes each EPP command, including examples with representative server responses.

2.9.1. Session Management Commands

EPP provides two commands for session management: <login> to establish a session with a server, and <logout> to end a session with a server. The <login> command establishes an ongoing server session that preserves client identity and authorization information during the duration of the session.
2.9.1.1. EPP <login> Command
The EPP <login> command is used to establish a session with an EPP server in response to a greeting issued by the server. A <login> command MUST be sent to a server before any other EPP command to establish an ongoing session. A server operator MAY limit the number of failed login attempts N, 1 <= N <= infinity, after which a login failure results in the connection to the server (if a connection exists) being closed. A client identifier and initial password MUST be created on the server before a client can successfully complete a <login> command. The client identifier and initial password MUST be delivered to the client using an out-of-band method that protects the identifier and password from inadvertent disclosure. In addition to the standard EPP command elements, the <login> command contains the following child elements: - A <clID> element that contains the client identifier assigned to the client by the server. - A <pw> element that contains the client's plain text password. The value of this element is case sensitive. - An OPTIONAL <newPW> element that contains a new plain text password to be assigned to the client for use with subsequent <login> commands. The value of this element is case sensitive.
ToP   noToC   RFC4930 - Page 22
   -  An <options> element that contains the following child elements:

      -  A <version> element that contains the protocol version to be
         used for the command or ongoing server session.

      -  A <lang> element that contains the text response language to be
         used for the command or ongoing server session commands.

      The values of the <version> and <lang> elements MUST exactly match
      one of the values presented in the EPP greeting.

   -  A <svcs> element that contains one or more <objURI> elements that
      contain namespace URIs representing the objects to be managed
      during the session.  The <svcs> element MAY contain an OPTIONAL
      <svcExtension> element that contains one or more <extURI> elements
      that identify object extensions to be used during the session.

   The PLAIN Simple Authentication and Security Layer (SASL) mechanism
   presented in [RFC2595] describes a format for providing a user
   identifier, an authorization identifier, and a password as part of a
   single plain text string.  The EPP authentication mechanism is
   similar, though EPP does not require a session-level authorization
   identifier and the user identifier and password are separated into
   distinct XML elements.  Additional identification and authorization
   schemes MUST be provided at other protocol layers to provide more
   robust security services.
ToP   noToC   RFC4930 - Page 23
   Example <login> command:

   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   C:  <command>
   C:    <login>
   C:      <clID>ClientX</clID>
   C:      <pw>foo-BAR2</pw>
   C:      <newPW>bar-FOO2</newPW>
   C:      <options>
   C:        <version>1.0</version>
   C:        <lang>en</lang>
   C:      </options>
   C:      <svcs>
   C:        <objURI>urn:ietf:params:xml:ns:obj1</objURI>
   C:        <objURI>urn:ietf:params:xml:ns:obj2</objURI>
   C:        <objURI>urn:ietf:params:xml:ns:obj3</objURI>
   C:        <svcExtension>
   C:          <extURI>http://custom/obj1ext-1.0</extURI>
   C:        </svcExtension>
   C:      </svcs>
   C:    </login>
   C:    <clTRID>ABC-12345</clTRID>
   C:  </command>
   C:</epp>

   When a <login> command has been processed successfully, a server MUST
   respond with an EPP response with no <resData> element.  If
   successful, the server will respond by creating and maintaining a new
   session that SHOULD be terminated by a future <logout> command.

   Example <login> response:

   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   S:  <response>
   S:    <result code="1000">
   S:      <msg>Command completed successfully</msg>
   S:    </result>
   S:    <trID>
   S:      <clTRID>ABC-12345</clTRID>
   S:      <svTRID>54321-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>
ToP   noToC   RFC4930 - Page 24
   The EPP <login> command is used to establish a session with an EPP
   server.  A <login> command MUST be rejected if received within the
   bounds of an existing session.  This action MUST be open to all
   authorized clients.

2.9.1.2. EPP <logout> Command
The EPP <logout> command is used to end a session with an EPP server. The <logout> command MUST be represented as an empty element with no child elements. A server MAY end a session due to client inactivity or excessive client session longevity. The parameters for determining excessive client inactivity or session longevity are a matter of server policy and are not specified by this protocol. Transport mappings MUST explicitly describe any connection-oriented processing that takes place after processing a <logout> command and ending a session. Example <logout> command: C:<?xml version="1.0" encoding="UTF-8" standalone="no"?> C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> C: <command> C: <logout/> C: <clTRID>ABC-12345</clTRID> C: </command> C:</epp> When a <logout> command has been processed successfully, a server MUST respond with an EPP response with no <resData> element. If successful, the server MUST also end the current session. Example <logout> response: S:<?xml version="1.0" encoding="UTF-8" standalone="no"?> S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> S: <response> S: <result code="1500"> S: <msg>Command completed successfully; ending session</msg> S: </result> S: <trID> S: <clTRID>ABC-12345</clTRID> S: <svTRID>54321-XYZ</svTRID> S: </trID> S: </response> S:</epp>
ToP   noToC   RFC4930 - Page 25
   The EPP <logout> command is used to end a session with an EPP server.
   A <logout> command MUST be rejected if the command has not been
   preceded by a successful <login> command.  This action MUST be open
   to all authorized clients.

2.9.2. Query Commands

2.9.2.1. EPP <check> Command
The EPP <check> command is used to determine if an object can be provisioned within a repository. It provides a hint that allows a client to anticipate the success or failure of provisioning an object using the <create> command as object provisioning requirements are ultimately a matter of server policy. The elements needed to identify an object are object-specific, so the child elements of the <check> command are specified using the EPP extension framework. In addition to the standard EPP command elements, the <check> command contains the following child elements: - An object-specific <obj:check> element that identifies the objects to be queried. Multiple objects of the same type MAY be queried within a single <check> command. Example <check> command: C:<?xml version="1.0" encoding="UTF-8" standalone="no"?> C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> C: <command> C: <check> C: <obj:check xmlns:obj="urn:ietf:params:xml:ns:obj"> C: <obj:name>example1</obj:name> C: <obj:name>example2</obj:name> C: <obj:name>example3</obj:name> C: </obj:check> C: </check> C: <clTRID>ABC-12346</clTRID> C: </command> C:</epp> When a <check> command has been processed successfully, a server MUST respond with an EPP <resData> element that MUST contain a child element that identifies the object namespace. The child elements of the <resData> element are object-specific, though the EPP <resData> element MUST contain a child <obj:chkData> element that contains one or more <obj:cd> (check data) elements. Each <obj:cd> element contains the following child elements:
ToP   noToC   RFC4930 - Page 26
   -  An object-specific element that identifies the queried object.
      This element MUST contain an "avail" attribute whose value
      indicates object availability (can it be provisioned or not) at
      the moment the <check> command was completed.  A value of "1" or
      "true" means that the object can be provisioned.  A value of "0"
      or "false" means that the object cannot be provisioned.

   -  An OPTIONAL <obj:reason> element that MAY be provided when an
      object cannot be provisioned.  If present, this element contains
      server-specific text to help explain why the object cannot be
      provisioned.  This text MUST be represented in the response
      language previously negotiated with the client; an OPTIONAL "lang"
      attribute MAY be present to identify the language if the
      negotiated value is something other than the default value of "en"
      (English).

   Example <check> response:

   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   S:  <response>
   S:    <result code="1000">
   S:      <msg>Command completed successfully</msg>
   S:    </result>
   S:    <resData>
   S:      <obj:chkData xmlns:obj="urn:ietf:params:xml:ns:obj">
   S:        <obj:cd>
   S:          <obj:name avail="1">example1</obj:name>
   S:        </obj:cd>
   S:        <obj:cd>
   S:          <obj:name avail="0">example2</obj:name>
   S:          <obj:reason>In use</obj:reason>
   S:        </obj:cd>
   S:        <obj:cd>
   S:          <obj:name avail="1">example3</obj:name>
   S:        </obj:cd>
   S:      </obj:chkData>
   S:    </resData>
   S:    <trID>
   S:      <clTRID>ABC-12346</clTRID>
   S:      <svTRID>54322-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   The EPP <check> command is used to determine if an object can be
   provisioned within a repository.  This action MUST be open to all
   authorized clients.
ToP   noToC   RFC4930 - Page 27
2.9.2.2. EPP <info> Command
The EPP <info> command is used to retrieve information associated with an existing object. The elements needed to identify an object and the type of information associated with an object are both object-specific, so the child elements of the <info> command are specified using the EPP extension framework. In addition to the standard EPP command elements, the <info> command contains the following child elements: - An object-specific <obj:info> element that identifies the object to be queried. Example <info> command: C:<?xml version="1.0" encoding="UTF-8" standalone="no"?> C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"> C: <command> C: <info> C: <obj:info xmlns:obj="urn:ietf:params:xml:ns:obj"> C: <!-- Object-specific elements. --> C: </obj:info> C: </info> C: <clTRID>ABC-12346</clTRID> C: </command> C:</epp> When an <info> command has been processed successfully, a server MUST respond with an EPP <resData> element that MUST contain a child element that identifies the object namespace and the Repository Object IDentifier (ROID) that was assigned to the object when the object was created. Other child elements of the <resData> element are object-specific.
ToP   noToC   RFC4930 - Page 28
   Example <info> response:

   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   S:  <response>
   S:    <result code="1000">
   S:      <msg>Command completed successfully</msg>
   S:    </result>
   S:    <resData>
   S:      <obj:infData xmlns:obj="urn:ietf:params:xml:ns:obj">
   S:        <obj:roid>EXAMPLE1-REP</obj:roid>
   S:        <!-- Object-specific elements. -->
   S:      </obj:infData>
   S:    </resData>
   S:    <trID>
   S:      <clTRID>ABC-12346</clTRID>
   S:      <svTRID>54322-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   The EPP <info> command is used to retrieve information associated
   with an existing object.  This action SHOULD be limited to authorized
   clients; restricting this action to the sponsoring client is
   RECOMMENDED.

2.9.2.3. EPP <poll> Command
The EPP <poll> command is used to discover and retrieve service messages queued by a server for individual clients. If the message queue is not empty, a successful response to a <poll> command MUST return the first message from the message queue. Each response returned from the server includes a server-unique message identifier that MUST be provided to acknowledge receipt of the message, and a counter that indicates the number of messages in the queue. After a message has been received by the client, the client MUST respond to the message with an explicit acknowledgement to confirm that the message has been received. A server MUST dequeue the message and decrement the queue counter after receiving acknowledgement from the client, making the next message in the queue (if any) available for retrieval. Servers can occasionally perform actions on objects that are not in direct response to a client request, or an action taken by one client can indirectly involve a second client. Examples of such actions include deletion upon expiration, automatic renewal upon expiration, and transfer coordination; other types of service information MAY be defined as a matter of server policy. Service messages SHOULD be
ToP   noToC   RFC4930 - Page 29
   created for passive clients affected by an action on an object.
   Service messages MAY also be created for active clients that request
   an action on an object, though such messages MUST NOT replace the
   normal protocol response to the request.  For example, <transfer>
   actions SHOULD be reported to the client that has the authority to
   approve or reject a transfer request.  Other methods of server-client
   action notification, such as offline reporting, are also possible and
   are beyond the scope of this specification.

   Message queues can consume server resources if clients do not
   retrieve and acknowledge messages on a regular basis.  Servers MAY
   implement other mechanisms to dequeue and deliver messages if queue
   maintenance needs exceed server resource consumption limits.  Server
   operators SHOULD consider time-sensitivity and resource management
   factors when selecting a delivery method for service information
   because some message types can be reasonably delivered using non-
   protocol methods that require fewer server resources.

   Some of the information returned in response to a <poll> command can
   be object-specific, so some child elements of the <poll> response MAY
   be specified using the EPP extension framework.  The <poll> command
   MUST be represented as an empty element with no child elements.  An
   "op" attribute with value "req" is REQUIRED to retrieve the first
   message from the server message queue.  An "op" attribute (with value
   "ack") and a "msgID" attribute (whose value corresponds to the value
   of the "id" attribute copied from the <msg> element in the message
   being acknowledged) are REQUIRED to acknowledge receipt of a message.

   Example <poll> command:

   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   C:  <command>
   C:    <poll op="req"/>
   C:    <clTRID>ABC-12345</clTRID>
   C:  </command>
   C:</epp>

   The returned result code notes that a message has been dequeued and
   returned in response to a <poll> command.
ToP   noToC   RFC4930 - Page 30
   Example <poll> response with object-specific information:

   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   S:  <response>
   S:    <result code="1301">
   S:      <msg>Command completed successfully; ack to dequeue</msg>
   S:    </result>
   S:    <msgQ count="5" id="12345">
   S:      <qDate>2000-06-08T22:00:00.0Z</qDate>
   S:      <msg>Transfer requested.</msg>
   S:    </msgQ>
   S:    <resData>
   S:      <obj:trnData
   S:       xmlns:obj="urn:ietf:params:xml:ns:obj-1.0">
   S:        <obj:name>example.com</obj:name>
   S:        <obj:trStatus>pending</obj:trStatus>
   S:        <obj:reID>ClientX</obj:reID>
   S:        <obj:reDate>2000-06-08T22:00:00.0Z</obj:reDate>
   S:        <obj:acID>ClientY</obj:acID>
   S:        <obj:acDate>2000-06-13T22:00:00.0Z</obj:acDate>
   S:        <obj:exDate>2002-09-08T22:00:00.0Z</obj:exDate>
   S:      </obj:trnData>
   S:    </resData>
   S:    <trID>
   S:      <clTRID>ABC-12345</clTRID>
   S:      <svTRID>54321-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   A client MUST acknowledge each response to dequeue the message and
   make subsequent messages available for retrieval.

   Example <poll> acknowledgement command:

   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   C:  <command>
   C:    <poll op="ack" msgID="12345"/>
   C:    <clTRID>ABC-12346</clTRID>
   C:  </command>
   C:</epp>

   A <poll> acknowledgement response notes the ID of the message that
   has been acknowledged and the number of messages remaining in the
   queue.
ToP   noToC   RFC4930 - Page 31
   Example <poll> acknowledgement response:

   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   S:  <response>
   S:    <result code="1000">
   S:      <msg>Command completed successfully</msg>
   S:    </result>
   S:    <msgQ count="4" id="12345"/>
   S:    <trID>
   S:      <clTRID>ABC-12346</clTRID>
   S:      <svTRID>54322-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   Service messages can also be returned without object information.

   Example <poll> response with mixed message content and without
   object-specific information:

   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   S:  <response>
   S:    <result code="1301">
   S:      <msg>Command completed successfully; ack to dequeue</msg>
   S:    </result>
   S:    <msgQ count="4" id="12346">
   S:      <qDate>2000-06-08T22:10:00.0Z</qDate>
   S:      <msg lang="en">Credit balance low.
   S:        <limit>100</limit><bal>5</bal>
   S:      </msg>
   S:    </msgQ>
   S:    <trID>
   S:      <clTRID>ABC-12346</clTRID>
   S:      <svTRID>54321-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   The returned result code and message is used to note an empty server
   message queue.
ToP   noToC   RFC4930 - Page 32
   Example <poll> response to note an empty message queue:

      S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
      S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
      S:  <response>
      S:    <result code="1300">
      S:      <msg>Command completed successfully; no messages</msg>
      S:    </result>
      S:    <trID>
      S:      <clTRID>ABC-12346</clTRID>
      S:      <svTRID>54321-XYZ</svTRID>
      S:    </trID>
      S:  </response>
      S:</epp>

   The EPP <poll> command is used to discover and retrieve client
   service messages from a server.  This action SHOULD be limited to
   authorized clients; queuing service messages and limiting queue
   access on a per-client basis is RECOMMENDED.

2.9.2.4. EPP <transfer> Query Command
The EPP <transfer> command provides a query operation that allows a client to determine real-time status of pending and completed transfer requests. The elements needed to identify an object that is the subject of a transfer request are object-specific, so the child elements of the <transfer> query command are specified using the EPP extension framework. In addition to the standard EPP command elements, the <transfer> command contains an "op" attribute with value "query", and the following child elements: - An object-specific <obj:transfer> element that identifies the object whose transfer status is requested. Transfer status is typically considered sensitive information by the clients involved in the operation. Object mappings MUST provide features to restrict transfer queries to authorized clients, such as by requiring authorization information as part of the request.
ToP   noToC   RFC4930 - Page 33
   Example <transfer> query command:

   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   C:  <command>
   C:    <transfer op="query">
   C:      <obj:transfer xmlns:obj="urn:ietf:params:xml:ns:obj">
   C:        <!-- Object-specific elements. -->
   C:      </obj:transfer>
   C:    </transfer>
   C:    <clTRID>ABC-12346</clTRID>
   C:  </command>
   C:</epp>

   When a <transfer> query command has been processed successfully, a
   server MUST respond with an EPP <resData> element that MUST contain a
   child element that identifies the object namespace.  The child
   elements of the <resData> element are object-specific, but they MUST
   include elements that identify the object, the status of the
   transfer, the identifier of the client that requested the transfer,
   the date and time that the request was made, the identifier of the
   client that is authorized to act on the request, the date and time by
   which an action is expected, and an OPTIONAL date and time noting
   changes in the object's validity period (if applicable) that occur as
   a result of the transfer.
ToP   noToC   RFC4930 - Page 34
   Example <transfer> query response:

   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   S:  <response>
   S:    <result code="1000">
   S:      <msg>Command completed successfully</msg>
   S:    </result>
   S:    <resData>
   S:      <obj:trnData xmlns:obj="urn:ietf:params:xml:ns:obj">
   S:        <obj:name>example</obj:name>
   S:        <obj:trStatus>pending</obj:trStatus>
   S:        <obj:reID>ClientX</obj:reID>
   S:        <obj:reDate>2000-06-08T22:00:00.0Z</obj:reDate>
   S:        <obj:acID>ClientY</obj:acID>
   S:        <obj:acDate>2000-06-13T22:00:00.0Z</obj:acDate>
   S:        <obj:exDate>2002-09-08T22:00:00.0Z</obj:exDate>
   S:      </obj:trnData>
   S:    </resData>
   S:    <trID>
   S:      <clTRID>ABC-12346</clTRID>
   S:      <svTRID>54322-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   The EPP <transfer> command provides a query operation that allows a
   client to determine real-time status of pending and completed
   transfer requests.  This action SHOULD be limited to authorized
   clients; restricting queries to the requesting and responding clients
   is RECOMMENDED.  Object transfer MAY be unavailable or limited by
   object-specific policies.

2.9.3. Object Transform Commands

EPP provides five commands to transform objects: <create> to create an instance of an object with a server, <delete> to remove an instance of an object from a server, <renew> to extend the validity period of an object, <transfer> to manage changes in client sponsorship of an object, and <update> to change information associated with an object.
2.9.3.1. EPP <create> Command
The EPP <create> command is used to create an instance of an object. An object can be created for an indefinite period of time, or an object can be created for a specific validity period. The EPP mapping for an object MUST describe the status of an object with
ToP   noToC   RFC4930 - Page 35
   respect to time, to include expected client and server behavior if a
   validity period is used.

   The elements needed to identify an object and associated attributes
   are object-specific, so the child elements of the <create> command
   are specified using the EPP extension framework.  In addition to the
   standard EPP command elements, the <create> command contains the
   following child elements:

   -  An object-specific <obj:create> element that identifies the object
      to be created and the elements that are required to create the
      object.

   Example <create> command:

   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   C:  <command>
   C:    <create>
   C:      <obj:create xmlns:obj="urn:ietf:params:xml:ns:obj">
   C:        <!-- Object-specific elements. -->
   C:      </obj:create>
   C:    </create>
   C:    <clTRID>ABC-12345</clTRID>
   C:  </command>
   C:</epp>

   When a <create> command has been processed successfully, a server MAY
   respond with an EPP <resData> element that MUST contain a child
   element that identifies the object namespace.  The child elements of
   the <resData> element are object-specific.
ToP   noToC   RFC4930 - Page 36
   Example <create> response with <resData>:

   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   S:  <response>
   S:    <result code="1000">
   S:      <msg>Command completed successfully</msg>
   S:    </result>
   S:    <resData>
   S:      <obj:creData xmlns:obj="urn:ietf:params:xml:ns:obj">
   S:        <!-- Object-specific elements. -->
   S:      </obj:creData>
   S:    </resData>
   S:    <trID>
   S:      <clTRID>ABC-12345</clTRID>
   S:      <svTRID>54321-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   The EPP <create> command is used to create an instance of an object.
   This action SHOULD be limited to authorized clients and MAY be
   restricted on a per-client basis.

2.9.3.2. EPP <delete> Command
The EPP <delete> command is used to remove an instance of an existing object. The elements needed to identify an object are object- specific, so the child elements of the <delete> command are specified using the EPP extension framework. In addition to the standard EPP command elements, the <delete> command contains the following child elements: - An object-specific <obj:delete> element that identifies the object to be deleted.
ToP   noToC   RFC4930 - Page 37
   Example <delete> command:

   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   C:  <command>
   C:    <delete>
   C:      <obj:delete xmlns:obj="urn:ietf:params:xml:ns:obj">
   C:        <!-- Object-specific elements. -->
   C:      </obj:delete>
   C:    </delete>
   C:    <clTRID>ABC-12346</clTRID>
   C:  </command>
   C:</epp>

   When a <delete> command has been processed successfully, a server MAY
   respond with an EPP <resData> element that MUST contain a child
   element that identifies the object namespace.  The child elements of
   the <resData> element are object-specific.

   Example <delete> response without <resData>:

   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   S:  <response>
   S:    <result code="1000">
   S:      <msg>Command completed successfully</msg>
   S:    </result>
   S:    <trID>
   S:      <clTRID>ABC-12346</clTRID>
   S:      <svTRID>54322-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   The EPP <delete> command is used to remove an instance of an existing
   object.  This action SHOULD be limited to authorized clients;
   restricting this action to the sponsoring client is RECOMMENDED.

2.9.3.3. EPP <renew> Command
The EPP <renew> command is used to extend the validity period of an existing object. The elements needed to identify and extend the validity period of an object are object-specific, so the child elements of the <renew> command are specified using the EPP extension framework. In addition to the standard EPP command elements, the <renew> command contains the following child elements:
ToP   noToC   RFC4930 - Page 38
   -  An object-specific <obj:renew> element that identifies the object
      to be renewed and the elements that are required to extend the
      validity period of the object.

   Example <renew> command:

   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   C:  <command>
   C:    <renew>
   C:      <obj:renew xmlns:obj="urn:ietf:params:xml:ns:obj">
   C:        <!-- Object-specific elements. -->
   C:      </obj:renew>
   C:    </renew>
   C:    <clTRID>ABC-12346</clTRID>
   C:  </command>
   C:</epp>

   When a <renew> command has been processed successfully, a server MAY
   respond with an EPP <resData> element that MUST contain a child
   element that identifies the object namespace.  The child elements of
   the <resData> element are object-specific.

   Example <renew> response with <resData>:

   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   S:  <response>
   S:    <result code="1000">
   S:      <msg>Command completed successfully</msg>
   S:    </result>
   S:    <resData>
   S:      <obj:renData xmlns:obj="urn:ietf:params:xml:ns:obj">
   S:        <!-- Object-specific elements. -->
   S:      </obj:renData>
   S:    </resData>
   S:    <trID>
   S:      <clTRID>ABC-12346</clTRID>
   S:      <svTRID>54322-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   The EPP <renew> command is used to extend the validity period of an
   existing object.  This action SHOULD be limited to authorized
   clients; restricting this action to the sponsoring client is
   RECOMMENDED.  Object renewal MAY be unavailable or limited by object-
   specific policies.
ToP   noToC   RFC4930 - Page 39
2.9.3.4. EPP <transfer> Command
The EPP <transfer> command is used to manage changes in client sponsorship of an existing object. Clients can initiate a transfer request, cancel a transfer request, approve a transfer request, and reject a transfer request using the "op" command attribute. A client who wishes to assume sponsorship of a known object from another client uses the <transfer> command with the value of the "op" attribute set to "request". Once a transfer has been requested, the same client can cancel the request using a <transfer> command with the value of the "op" attribute set to "cancel". A request to cancel the transfer MUST be sent to the server before the current sponsoring client either approves or rejects the transfer request and before the server automatically processes the request due to responding client inactivity. Once a transfer request has been received by the server, the server MUST notify the current sponsoring client of the requested transfer either by queuing a service message for retrieval via the <poll> command or by using an out-of-band mechanism to inform the client of the request. The current status of a pending <transfer> command for any object can be found using the <transfer> query command. Transfer service messages MUST include the object-specific elements specified for <transfer> command responses. The current sponsoring client MAY explicitly approve or reject the transfer request. The client can approve the request using a <transfer> command with the value of the "op" attribute set to "approve". The client can reject the request using a <transfer> command with the value of the "op" attribute set to "reject". A server MAY automatically approve or reject all transfer requests that are not explicitly approved or rejected by the current sponsoring client within a fixed amount of time. The amount of time to wait for explicit action and the default server behavior are local matters not specified by EPP, but they SHOULD be documented in a server-specific profile document that describes default server behavior for client information. Objects eligible for transfer MUST have associated authorization information that MUST be provided to complete a <transfer> command. The type of authorization information required is object-specific; passwords or more complex mechanisms based on public key cryptography are typical.
ToP   noToC   RFC4930 - Page 40
   The elements needed to identify and complete the transfer of an
   object are object-specific, so the child elements of the <transfer>
   command are specified using the EPP extension framework.  In addition
   to the standard EPP command elements, the <transfer> command contains
   the following child elements:

   -  An object-specific <obj:transfer> element that identifies the
      object to be transferred and the elements that are required to
      process the transfer command.

   Example <transfer> command:

   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   C:  <command>
   C:    <transfer op="request">
   C:      <obj:transfer xmlns:obj="urn:ietf:params:xml:ns:obj">
   C:        <!-- Object-specific elements. -->
   C:      </obj:transfer>
   C:    </transfer>
   C:    <clTRID>ABC-12346</clTRID>
   C:  </command>
   C:</epp>

   When a <transfer> command has been processed successfully, a server
   MUST respond with an EPP <resData> element that MUST contain a child
   element that identifies the object namespace.  The child elements of
   the <resData> element are object-specific, but they MUST include
   elements that identify the object, the status of the transfer, the
   identifier of the client that requested the transfer, the date and
   time that the request was made, the identifier of the client that is
   authorized to act on the request, the date and time by which an
   action is expected, and an OPTIONAL date and time noting changes in
   the object's validity period (if applicable) that occur as a result
   of the transfer.
ToP   noToC   RFC4930 - Page 41
   Example <transfer> response with <resData>:

   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   S:  <response>
   S:    <result code="1001">
   S:      <msg>Command completed successfully; action pending</msg>
   S:    </result>
   S:    <resData>
   S:      <obj:trnData xmlns:obj="urn:ietf:params:xml:ns:obj">
   S:        <obj:name>example</obj:name>
   S:        <obj:trStatus>pending</obj:trStatus>
   S:        <obj:reID>ClientX</obj:reID>
   S:        <obj:reDate>2000-06-08T22:00:00.0Z</obj:reDate>
   S:        <obj:acID>ClientY</obj:acID>
   S:        <obj:acDate>2000-06-13T22:00:00.0Z</obj:acDate>
   S:        <obj:exDate>2002-09-08T22:00:00.0Z</obj:exDate>
   S:      </obj:trnData>
   S:    </resData>
   S:    <trID>
   S:      <clTRID>ABC-12346</clTRID>
   S:      <svTRID>54322-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   The EPP <transfer> command is used to manage changes in client
   sponsorship of an existing object.  This action SHOULD be limited to
   authorized clients; restricting <transfer> requests to a client other
   than the current sponsoring client, <transfer> approval requests to
   the current sponsoring client, and <transfer> cancellation requests
   to the original requesting client is RECOMMENDED.  Object transfer
   MAY be unavailable or limited by object-specific policies.

2.9.3.5. EPP <update> Command
The EPP <update> command is used to change information associated with an existing object. The elements needed to identify and modify an object are object-specific, so the child elements of the <update> command are specified using the EPP extension framework. In addition to the standard EPP command elements, the <update> command contains the following child elements: - An object-specific <obj:update> element that identifies the object to be updated and the elements that are required to modify the object. Object-specific elements MUST identify values to be added, values to be removed, or values to be changed.
ToP   noToC   RFC4930 - Page 42
   Example <update> command:

   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   C:  <command>
   C:    <update>
   C:      <obj:update xmlns:obj="urn:ietf:params:xml:ns:obj">
   C:        <!-- Object-specific elements. -->
   C:      </obj:update>
   C:    </update>
   C:    <clTRID>ABC-12346</clTRID>
   C:  </command>
   C:</epp>

   When an <update> command has been processed successfully, a server
   MAY respond with an EPP <resData> element that MUST contain a child
   element that identifies the object namespace.  The child elements of
   the <resData> element are object-specific.

   Example <update> response without <resData>:

   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
   S:  <response>
   S:    <result code="1000">
   S:      <msg>Command completed successfully</msg>
   S:    </result>
   S:    <trID>
   S:      <clTRID>ABC-12346</clTRID>
   S:      <svTRID>54322-XYZ</svTRID>
   S:    </trID>
   S:  </response>
   S:</epp>

   The EPP <update> command is used to change information associated
   with an existing object.  This action SHOULD be limited to authorized
   clients; restricting this action to the sponsoring client is
   RECOMMENDED.

3. Result Codes

EPP result codes are based on the theory of reply codes described in section 4.2.1 of [RFC2821]. EPP uses four decimal digits to describe the success or failure of each EPP command. Each of the digits of the reply have special significance.
ToP   noToC   RFC4930 - Page 43
   The first digit denotes command success or failure.  The second digit
   denotes the response category, such as command syntax or security.
   The third and fourth digits provide explicit response detail within
   each response category.

   There are two values for the first digit of the reply code:

   1yzz    Positive completion reply.  The command was accepted and
           processed by the system without error.

   2yzz    Negative completion reply.  The command was not accepted, and
           the requested action did not occur.

   The second digit groups responses into one of six specific
   categories:

   x0zz    Protocol Syntax
   x1zz    Implementation-specific Rules
   x2zz    Security
   x3zz    Data Management
   x4zz    Server System
   x5zz    Connection Management

   The third and fourth digits provide response detail within the
   categories defined by the first and second digits.  Specific result
   codes are listed in the table below.

   Every EPP response MUST include a result code and a human-readable
   description of the result code.  The language used to represent the
   description MAY be identified using an instance of the "lang"
   attribute within the <msg> element.  If not specified, the default
   language is English, identified as "en".  A description of the
   structure of valid values for the "lang" attribute is described in
   [RFC3066].

   Response text MAY be translated into other languages, though the
   translation MUST preserve the meaning of the code as described here.
   Response code values MUST NOT be changed when translating text.

   Response text in the table below is enclosed in quotes to clearly
   mark the beginning and ending of each response string.  Quotes MUST
   NOT be used to delimit these strings when returning response text via
   the protocol.

   Successful command completion responses:
ToP   noToC   RFC4930 - Page 44
   Code    Response text in English
   ____    ________________________

   1000    "Command completed successfully"
           This is the usual response code for a successfully completed
           command that is not addressed by any other 1xxx-series
           response code.

   1001    "Command completed successfully; action pending"
           This response code MUST be returned when responding to a
           command that requires offline activity before the requested
           action can be completed.  See Section 2 for a description of
           other processing requirements.

   1300    "Command completed successfully; no messages"
           This response code MUST be returned when responding to a
           <poll> request command and the server message queue is empty.

   1301    "Command completed successfully; ack to dequeue"
           This response code MUST be returned when responding to a
           <poll> request command and a message has been retrieved from
           the server message queue.

   1500    "Command completed successfully; ending session"
           This response code MUST be returned when responding to a
           successful <logout> command.

   Command error responses:

   Code    Response text in English
   ____    ________________________

   2000    "Unknown command"
           This response code MUST be returned when a server receives a
           command element that is not defined by EPP.

   2001    "Command syntax error"
           This response code MUST be returned when a server receives an
           improperly formed command element.

   2002    "Command use error"
           This response code MUST be returned when a server receives a
           properly formed command element, but the command cannot be
           executed due to a sequencing or context error.  For example,
           a <logout> command cannot be executed without having first
           completed a <login> command.
ToP   noToC   RFC4930 - Page 45
   2003    "Required parameter missing"
           This response code MUST be returned when a server receives a
           command for which a required parameter value has not been
           provided.

   2004    "Parameter value range error"
           This response code MUST be returned when a server receives a
           command parameter whose value is outside the range of values
           specified by the protocol.  The error value SHOULD be
           returned via a <value> element in the EPP response.

   2005    "Parameter value syntax error"
           This response code MUST be returned when a server receives a
           command containing a parameter whose value is improperly
           formed.  The error value SHOULD be returned via a <value>
           element in the EPP response.

   2100    "Unimplemented protocol version"
           This response code MUST be returned when a server receives a
           command element specifying a protocol version that is not
           implemented by the server.

   2101    "Unimplemented command"
           This response code MUST be returned when a server receives a
           valid EPP command element that is not implemented by the
           server.  For example, a <transfer> command can be
           unimplemented for certain object types.

   2102    "Unimplemented option"
           This response code MUST be returned when a server receives a
           valid EPP command element that contains a protocol option
           that is not implemented by the server.

   2103    "Unimplemented extension"
           This response code MUST be returned when a server receives a
           valid EPP command element that contains a protocol command
           extension that is not implemented by the server.

   2104    "Billing failure"
           This response code MUST be returned when a server attempts to
           execute a billable operation and the command cannot be
           completed due to a client billing failure.

   2105    "Object is not eligible for renewal"
           This response code MUST be returned when a client attempts to
           <renew> an object that is not eligible for renewal in
           accordance with server policy.
ToP   noToC   RFC4930 - Page 46
   2106    "Object is not eligible for transfer"
           This response code MUST be returned when a client attempts to
           <transfer> an object that is not eligible for transfer in
           accordance with server policy.

   2200    "Authentication error"
           This response code MUST be returned when a server notes an
           error when validating client credentials.

   2201    "Authorization error"
           This response code MUST be returned when a server notes a
           client authorization error when executing a command.  This
           error is used to note that a client lacks privileges to
           execute the requested command.

   2202    "Invalid authorization information"
           This response code MUST be returned when a server receives
           invalid command authorization information required to confirm
           authorization to execute a command.  This error is used to
           note that a client has the privileges required to execute the
           requested command, but the authorization information provided
           by the client does not match the authorization information
           archived by the server.

   2300    "Object pending transfer"
           This response code MUST be returned when a server receives a
           command to transfer of an object that is pending transfer due
           to an earlier transfer request.

   2301    "Object not pending transfer"
           This response code MUST be returned when a server receives a
           command to confirm, reject, or cancel the transfer an object
           when no command has been made to transfer the object.

   2302    "Object exists"
           This response code MUST be returned when a server receives a
           command to create an object that already exists in the
           repository.

   2303    "Object does not exist"
           This response code MUST be returned when a server receives a
           command to query or transform an object that does not exist
           in the repository.
ToP   noToC   RFC4930 - Page 47
   2304    "Object status prohibits operation"
           This response code MUST be returned when a server receives a
           command to transform an object that cannot be completed due
           to server policy or business practices.  For example, a
           server can disallow <transfer> commands under terms and
           conditions that are matters of local policy, or the server
           might have received a <delete> command for an object whose
           status prohibits deletion.

   2305    "Object association prohibits operation"
           This response code MUST be returned when a server receives a
           command to transform an object that cannot be completed due
           to dependencies on other objects that are associated with the
           target object.  For example, a server can disallow <delete>
           commands while an object has active associations with other
           objects.

   2306    "Parameter value policy error"
           This response code MUST be returned when a server receives a
           command containing a parameter value that is syntactically
           valid, but semantically invalid due to local policy.  For
           example, the server can support a subset of a range of valid
           protocol parameter values.  The error value SHOULD be
           returned via a <value> element in the EPP response.

   2307    "Unimplemented object service"
           This response code MUST be returned when a server receives a
           command to operate on an object service that is not supported
           by the server.

   2308    "Data management policy violation"
           This response code MUST be returned when a server receives a
           command whose execution results in a violation of server data
           management policies.  For example, removing all attribute
           values or object associations from an object might be a
           violation of a server's data management policies.

   2400    "Command failed"
           This response code MUST be returned when a server is unable
           to execute a command due to an internal server error that is
           not related to the protocol.  The failure can be transient.
           The server MUST keep any ongoing session active.
ToP   noToC   RFC4930 - Page 48
   2500    "Command failed; server closing connection"
           This response code MUST be returned when a server receives a
           command that cannot be completed due to an internal server
           error that is not related to the protocol.  The failure is
           not transient and will cause other commands to fail as well.
           The server MUST end the active session and close the existing
           connection.

   2501    "Authentication error; server closing connection"
           This response code MUST be returned when a server notes an
           error when validating client credentials and a server-defined
           limit on the number of allowable failures has been exceeded.
           The server MUST close the existing connection.

   2502    "Session limit exceeded; server closing connection"
           This response code MUST be returned when a server receives a
           <login> command, and the command cannot be completed because
           the client has exceeded a system-defined limit on the number
           of sessions that the client can establish.  It might be
           possible to establish a session by ending existing unused
           sessions and closing inactive connections.



(page 48 continued on part 3)

Next Section