Internet Engineering Task Force G. Lozano Internet-Draft E. Alvarez Intended status: Informational ICANN Expires: September 27, 2020 March 26, 2020 ICANN Registrar Interfaces draft-icann-registrar-interfaces-04 Abstract This document describes the interfaces provided by ICANN to Registrars and Data Escrow Agents in order to fulfill the data escrow requirements of the Registrar Accreditation Agreement and the Registrar Data Escrow Specifications. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on September 27, 2020. Copyright Notice Copyright (c) 2020 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Lozano & Alvarez Expires September 27, 2020 [Page 1] Internet-Draft ICANN Registrar Interfaces March 2020 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 2 1.2. Date and Time . . . . . . . . . . . . . . . . . . . . . . 3 1.3. Common elements used in this specification . . . . . . . 3 2. Interfaces for Registrar Data Escrow Notifications . . . . . 3 2.1. Registrar Reporting . . . . . . . . . . . . . . . . . . . 3 2.2. Data Escrow Agent Reporting . . . . . . . . . . . . . . . 6 3. Technical details of the interfaces . . . . . . . . . . . . . 11 3.1. Registrar Reporting . . . . . . . . . . . . . . . . . . . 12 3.2. Data Escrow Agent Reporting . . . . . . . . . . . . . . . 13 4. Monitoring Registrar reporting . . . . . . . . . . . . . . . 15 4.1. Monitoring the reporting status of a Registrar . . . . . 15 4.2. Monitoring Registrar Data Escrow Reports . . . . . . . . 17 4.3. Monitoring Registrar Data Escrow Agent Notifications . . 19 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 21 6. Security Considerations . . . . . . . . . . . . . . . . . . . 21 7. Change History . . . . . . . . . . . . . . . . . . . . . . . 21 7.1. Version 00 . . . . . . . . . . . . . . . . . . . . . . . 21 7.2. Version 01 . . . . . . . . . . . . . . . . . . . . . . . 21 7.3. Version 02 . . . . . . . . . . . . . . . . . . . . . . . 22 7.4. Version 03 . . . . . . . . . . . . . . . . . . . . . . . 22 7.5. Version 04 . . . . . . . . . . . . . . . . . . . . . . . 22 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 22 8.1. Normative References . . . . . . . . . . . . . . . . . . 22 8.2. Informative References . . . . . . . . . . . . . . . . . 23 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 23 1. Introduction This document describes the technical details of the interfaces provided by the Internet Corporation for Assigned Names and Numbers (ICANN) to Registrars and Data Escrow Agents in order to fulfill the data escrow requirements of the Registrar Accreditation Agreement [ICANN-RAA-2013] and the Registrar Data Escrow Specifications [ICANN-RDE-SPEC]. 1.1. Terminology The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. XML is case sensitive. Unless stated otherwise, XML specifications and examples provided in this document MUST be interpreted in the character case presented in order to develop a conforming implementation. Lozano & Alvarez Expires September 27, 2020 [Page 2] Internet-Draft ICANN Registrar Interfaces March 2020 1.2. Date and Time Numerous fields indicate "date and time", such as the creation and receipt dates for data escrow deposits. These fields SHALL contain timestamps indicating the date and time in UTC as specified in [RFC3339], with no offset from the zero meridian. 1.3. Common elements used in this specification Common elements used in this specification are explained in this section. o : The base URL used in the reporting interfaces examples must be replaced with the URL indicated by ICANN. o This document uses the term of "Differential" deposit as defined in the Registry Data Escrow Specification (see, [I-D.arias-noguchi-registry-data-escrow]), while the Registrar Data Escrow Specifications [ICANN-RDE-SPEC] refers to the same concept as "Incremental" deposit. 2. Interfaces for Registrar Data Escrow Notifications This section describes the interfaces provided by ICANN to the Registrars and Data Escrow Agents in order to fulfill their reporting requirements related to Registrar Data Escrow Specifications [ICANN-RDE-SPEC]. 2.1. Registrar Reporting To notify that a data escrow deposit has been submitted to a Data Escrow Agent, the ICANN-accredited Registrar sends a object (see, [I-D.lozano-icann-registry-interfaces]) to ICANN. The following considerations apply for a object corresponding to a data escrow deposit for a Registrar repository: o The element in the object (see, [I-D.arias-noguchi-dnrd-objects-mapping]) MUST be present and have a value corresponding to the IANA Registrar ID assigned by ICANN. o A element MUST be included with the corresponding "rcdn" attribute in the object to indicate the total domains in the Registrar repository for each Registry Class Domain Name (e.g. example) with at least one domain Lozano & Alvarez Expires September 27, 2020 [Page 3] Internet-Draft ICANN Registrar Interfaces March 2020 name allocation at a specific point in time (watermark), regardless of the type of deposit: full or differential. * If the "https://www.icann.org/en/system/files/files/rde-specs- 09nov07-en.pdf" specification is being used as the , then the "uri" attribute in the elements for domain names MUST have a value of "urn:ietf:params:xml:ns:rdeDomain-1.0". o To indicate that a Registrar repository has no domain names, one element MUST be included with the "uri" attribute value of "urn:ietf:params:xml:ns:rdeDomain-1.0", no "rcdn" attribute, and a value of 0 (zero). The object for each deposit successfully sent to the Data Escrow Agent is sent using the PUT HTTP verb in the interface provided by ICANN at: /report/registrar-escrow-report// Where: * MUST be substituted with the IANA Registrar ID assigned by ICANN for which the report is being provided. * MUST be substituted with the identifier assigned to this report, which MUST be the same as the "id" attribute from the . Note: The interface supports overwriting the information of a particular report to support asynchronous interfaces between Registrars and Data Escrow Agents. Example of a object for a data escrow deposit corresponding to a Registrar repository: Lozano & Alvarez Expires September 27, 2020 [Page 4] Internet-Draft ICANN Registrar Interfaces March 2020 20170801001 1 https://www.icann.org/en/system/files/files/rde-specs-09nov07-en.pdf 0 2017-08-01T00:15:00.0Z FULL 2017-08-01T00:00:00Z 9999 2 8 3 Example of a object for an empty data escrow deposit corresponding to a Registrar repository: 20170801001 1 https://www.icann.org/en/system/files/files/rde-specs-09nov07-en.pdf 0 2017-08-01T00:15:00.0Z FULL 2017-08-01T00:00:00Z 9999 0 Lozano & Alvarez Expires September 27, 2020 [Page 5] Internet-Draft ICANN Registrar Interfaces March 2020 2.2. Data Escrow Agent Reporting The Registrar Data Escrow Specification requires that Registrar Data Escrow Agents deliver to ICANN a notification every time a successfully processed deposit is received from the Registrar regardless of the final status of the verification process, in addition to a failure notification if a scheduled deposit is not received from a Registrar. In order to satisfy this requirement, the Data Escrow Agent sends to ICANN a object as defined in Section 2 of [I-D.lozano-icann-registry-interfaces], to ICANN using the POST HTTP verb in the interface provided by ICANN at: /report/registrar-escrow-agent-notification/ Where: * MUST be substituted with the IANA Registrar ID assigned by ICANN for which the notification is being provided. A with DRFN (Deposit Receipt Failure Notice) status is used to notify that a data escrow deposit has not been processed for verification for a past date where a deposit was scheduled to be received from the Registrar. In addition to the considerations listed in Section 2.1 for the object of the notification, if the data escrow deposit does not include an , a unique value MUST be generated by the Data Escrow Agent to reference the deposit and it MUST be provided in the element. In the case of a with DVFN (Deposit Verification Failure Notice) status, the element MUST be present and include a object for each deposit verification error condition and specify in the corresponding "domainCount" attribute the number of domain names with such error conditions. Note: an error condition may be present several times in the the same domain escrow record (e.g. the administrative, technical and billing contact contain invalid email syntax). In this case only one domain name is affected by the error condition, therefore the "domainCount" attribute value must be increased by one in the corresponding object. The following table defines the result codes and messages that a Data Escrow Agent could use to report verification issues found in a Lozano & Alvarez Expires September 27, 2020 [Page 6] Internet-Draft ICANN Registrar Interfaces March 2020 Registrar data escrow deposit. When using result codes 2102, 2103, 2104, 2105, 2106, 2107, 2108, 2109, or 2110, the "domainCount" attribute MUST be present. +-----------+-------------------------------------------------------+ | Result | Message | | Code | | +-----------+-------------------------------------------------------+ | 2001 | No corresponding hash file found for deposit file. | | 2002 | Hash does not match corresponding deposit file. | | 2003 | Invalid hash file format. | | 2004 | Data escrow deposit PGP signature verification error. | | 2005 | Archive includes unrecognized files. | | 2006 | Invalid encoding for data escrow deposit file. | | 2007 | Data escrow deposit file size exceeds maximum allowed | | | size. | | 2008 | Data escrow deposit file exceeds maximum allowed | | | number of lines. | | 2101 | Unrecognized data escrow deposit file CSV header. | | 2102 | Escrow Record structure does not conform with CSV | | | header definition. | | 2103 | Escrow Record found missing data in required | | | field(s). | | 2104 | Invalid domain name syntax in Escrow Record. | | 2105 | Invalid email syntax in Escrow Record. | | 2106 | Invalid hostname syntax in Escrow Record. | | 2107 | Invalid date syntax in Escrow Record. | | 2108 | Invalid phone syntax in Escrow Record. | | 2109 | Duplicate domain or handle Escrow Record found in | | | deposit. | | 2110 | Handle reference by Escrow Record not found. | | 2201 | "Full" data escrow deposit expected but received | | | "Differential" instead. | | 2202 | Data Escrow deposit date is in the future. | | 2203 | A data escrow deposit has been already successfully | | | verified for that date. | +-----------+-------------------------------------------------------+ Registrar Data Escrow Deposit Verification Result Codes Example of a object of a Data Escrow Agent notification corresponding to a Registrar Data Escrow deposit that was not received or could not be processed for verification: Lozano & Alvarez Expires September 27, 2020 [Page 7] Internet-Draft ICANN Registrar Interfaces March 2020 Escrow Agent Inc. 1 2017-06-17 DRFN 2017-06-10 Example of a object of a Data Escrow Agent notification corresponding to a Registrar repository Data Escrow deposit that has passed the verification process: Lozano & Alvarez Expires September 27, 2020 [Page 8] Internet-Draft ICANN Registrar Interfaces March 2020 Escrow Agent Inc. 1 2017-06-17 DVPN 2017-06-17T03:15:00.0Z 2017-06-17T05:15:00.0Z 2017-06-17 20170617001 1 https://www.icann.org/en/system/files/files/rde-specs-09nov07-en.pdf 0 2017-06-17T00:15:00.0Z FULL 2017-06-17T00:00:00Z 9999 2 6 1 Example of a object of a Data Escrow Agent notification corresponding to a Registrar repository Data Escrow deposit that has failed the verification process: Escrow Agent Inc. 1 2017-06-17 DVFN Invalid domain name syntax in Escrow Record. Handle reference by Escrow Record not found. 2017-06-17T03:15:00.0Z 2017-06-17T05:15:00.0Z 2017-06-14 20170617001 1 https://www.icann.org/en/system/files/files/rde-specs-09nov07-en.pdf 0 2017-06-17T00:15:00.0Z FULL 2017-06-17T00:00:00Z 9999 2 8 3 Lozano & Alvarez Expires September 27, 2020 [Page 10] Internet-Draft ICANN Registrar Interfaces March 2020 3. Technical details of the interfaces Content-type value in the HTTP header: o The client MUST set "text/xml" in the HTTP header Content-type when using the Data Escrow Agent Reporting and Registrar Reporting interfaces described in Section 2. After successfully receiving and processing an input, the interfaces return any of the HTTP status codes described in Section 4 of [I-D.lozano-icann-registry-interfaces]. The following sections provide the IIRDEA Result Codes that can be expected in the object from each interface: Lozano & Alvarez Expires September 27, 2020 [Page 11] Internet-Draft ICANN Registrar Interfaces March 2020 3.1. Registrar Reporting The following table lists the result codes of the interface: +---------+---------------------------------------------------------+ | Result | Message | | Code | | +---------+---------------------------------------------------------+ | 1000 | No ERRORs were found and the report has been accepted | | | by ICANN. | | 2001 | The request did not validate against the schema. | | 2004 | Report for a date in the future. The and | | | date should not be in the future. | | 2005 | Version is not supported. | | 2006 | The in the element and the in the | | | URL path do not match. | | 2301 | Interface is disabled for this Registrar. | | 2302 | The and date should not be before | | | the creation date of the Registrar in the system. | | 2303 | The in the
and the in | | | the URL path do not match. | | 2304 | Report regarding an differential deposit received when | | | a full deposit was expected (). | | 2305 | attribute missing in count element provided in | | | the
. | | 2306 | Multiple count elements with the same and | | | attribute values provided in the
. | | 2307 | Missing required element in the
. | | 2312 | An invalid NR-LDH label or A-label was found or the | | | domain name syntax is invalid in the attribute. | | 2313 | INCR is not supported. | +---------+---------------------------------------------------------+ Registrar Data Escrow Reporting Result Codes Lozano & Alvarez Expires September 27, 2020 [Page 12] Internet-Draft ICANN Registrar Interfaces March 2020 3.2. Data Escrow Agent Reporting The following table lists the result codes of the interface: +--------+----------------------------------------------------------+ | Result | Message | | Code | | +--------+----------------------------------------------------------+ | 1000 | No ERRORs were found and the notification has been | | | accepted by ICANN. | | 2001 | The request did not validate against the schema. | | 2002 | A DVPN notification exists for that date (). | | 2004 | Notification for a date in the future. The , | | | , and date should | | | not be in the future. | | 2005 | Version is not supported. | | 2201 | The and in the notification do not | | | match. | | 2203 | A Deposit Verification Pass Notice (DVPN) notification | | | was received, but the Domain Name count is missing in | | | the
. | | 2204 | The notification for the report "id" already exists. | | 2207 | A DVPN or DVFN was received, but the element is | | | missing in the notification. | | 2208 | A DRFN was received, but a element exists in | | | the notification. | | 2209 | and elements must not be present in a | | | DRFN. | | 2301 | Interface is disabled for this Registrar. | | 2302 | The and and date should | | | not be before the creation date of the Registrar in the | | | system. | | 2303 | The in the
and the in | | | the URL path do not match. | | 2304 | Notification regarding an differential deposit received | | | when a full deposit was expected (). | | 2305 | attribute missing in count element provided in | | | the
. | | 2306 | Multiple count elements with the same and | | | attribute values provided in the
. | | 2307 | Missing required element in the
. | | 2309 | A DVFN was received, but the element is | | | missing in the notification. | | 2310 | The specified result code in the element | | | requires the "domainCount" attribute to be present. | | 2311 | Unrecognized value in the "code" attribute of the | | | element. | | 2312 | An invalid NR-LDH label or A-label was found or the | Lozano & Alvarez Expires September 27, 2020 [Page 13] Internet-Draft ICANN Registrar Interfaces March 2020 | | domain name syntax is invalid in the attribute. | | 2313 | INCR is not supported. | +--------+----------------------------------------------------------+ Data Escrow Agent Reporting Result Codes Lozano & Alvarez Expires September 27, 2020 [Page 14] Internet-Draft ICANN Registrar Interfaces March 2020 4. Monitoring Registrar reporting Registrars MAY monitor the status of the data escrow reporting notifications requirement using the following interfaces that support the GET HTTP verb. 4.1. Monitoring the reporting status of a Registrar Registrars MAY monitor the general reporting status and obtain a list of any outstanding issues using the following interface: /info/status/registrar/ Where: * MUST be substituted with the IANA ID assigned by ICANN to the Registrar being queried. This interface provides a element as defined in Section 2 of [I-D.lozano-icann-registry-interfaces] that uses the element and includes the following values: o "Registrar_Escrow_Report" : For Registrar Data Escrow Reporting as defined in Section 2.1. The "date" attribute for any reporting issue is provided in "YYYY-MM-DD" format. o "DEA_Notification" : For Data Escrow Agent Notifications as defined in Section 2.2. The "date" attribute for any reporting issue is provided in "YYYY-MM-DD" format. Example of response for a Registrar status check with no reporting issues: Lozano & Alvarez Expires September 27, 2020 [Page 15] Internet-Draft ICANN Registrar Interfaces March 2020 HTTP/1.1 200 OK Content-Type: application/xml Content-Length: 1125 9999 2017-06-10T12:00:30.101Z Daily 2017-10-15 Registrar_Escrow_Report false ok DEA_Notification true ok 2017-10-20T02:22:14.148Z Example of response for a Registrar status check with reporting issues: Lozano & Alvarez Expires September 27, 2020 [Page 16] Internet-Draft ICANN Registrar Interfaces March 2020 HTTP/1.1 200 OK Content-Type: application/xml Content-Length: 1604 9999 2017-06-10T12:00:30.101Z Daily 2017-10-08 Registrar_Escrow_Report true ok DEA_Notification true unsatisfactory 2017-10-20T02:22:14.148Z 4.2. Monitoring Registrar Data Escrow Reports Registrars MAY monitor the status of their Data Escrow reports using the following interface: /info/report/registrar-escrow-report// Where: Lozano & Alvarez Expires September 27, 2020 [Page 17] Internet-Draft ICANN Registrar Interfaces March 2020 * MUST be substituted with the IANA ID assigned by ICANN to the Registrar being queried. * MUST be substituted with the date being queried in "YYYY-MM-DD" format. For example: 2017-08-01 Possible results are: o The interface provides a HTTP/200 status code with a element in the response content as defined in Section 2 of [I-D.lozano-icann-registry-interfaces], listing each successfully received with watermark value that matches the queried date. Example of response for a Registrar Data Escrow Reporting status check: Lozano & Alvarez Expires September 27, 2020 [Page 18] Internet-Draft ICANN Registrar Interfaces March 2020 HTTP/1.1 200 OK Content-Type: application/xml Content-Length: 1194 2017-10-13T00:30:13.741Z 20171013001 1 https://www.icann.org/en/system/files/files/rde-specs-09nov07-en.pdf 0 2017-10-13T00:01:11.000Z FULL 2017-10-13T00:00:00.00Z 9999 10 1 4.3. Monitoring Registrar Data Escrow Agent Notifications Registrars and Data Escrow Agents MAY monitor the status of Data Escrow Agent Notifications using the following interface: /info/report/registrar-escrow-agent-notification// Where: * MUST be substituted with the IANA ID assigned by ICANN to the Registrar being queried. * MUST be substituted with the date being queried in "YYYY-MM-DD" format. For example: 2017-08-01 Lozano & Alvarez Expires September 27, 2020 [Page 19] Internet-Draft ICANN Registrar Interfaces March 2020 Possible results are: o The interface provides a HTTP/200 status code with a element in the response content as defined in Section 2 of [I-D.lozano-icann-registry-interfaces], listing each successfully received with a watermark value that matches the queried date. Example of a response of a Registrar Data Escrow Agent Notification status check for a date with 2 received notifications: HTTP/1.1 200 OK Content-Type: application/xml Content-Length: 2578 2017-10-17T23:59:59.0Z Escrow Agent Inc. 1 2017-10-17 DRFN 2017-10-14 2017-10-18T06:00:00.0Z Escrow Agent Inc. 1 2017-10-17 DVPN 2017-10-18T03:15:00.0Z 2017-10-18T05:15:00.0Z Lozano & Alvarez Expires September 27, 2020 [Page 20] Internet-Draft ICANN Registrar Interfaces March 2020 2017-10-17 20171017001 1 https://www.icann.org/en/system/files/files/rde-specs-09nov07-en.pdf 0 2017-10-17T00:15:00.0Z FULL 2017-10-17T00:00:00Z 9999 10 1 5. IANA Considerations TODO 6. Security Considerations TODO 7. Change History [[RFC Editor: Please remove this section.]] 7.1. Version 00 Initial version. 7.2. Version 01 o Added clarifications, list of result codes that require the "domainCount" attribute to be present, and additional examples of objects in Section 2.2. Lozano & Alvarez Expires September 27, 2020 [Page 21] Internet-Draft ICANN Registrar Interfaces March 2020 o Removed HTTP/404 from the possible results of interfaces to monitor data escrow notifications and registrar reports. 7.3. Version 02 1. Ping update. 7.4. Version 03 1. Ping update. 7.5. Version 04 1. Ping update. 8. References 8.1. Normative References [I-D.arias-noguchi-dnrd-objects-mapping] Lozano, G., Gould, J., and C. Thippeswamy, "Domain Name Registration Data (DNRD) Objects Mapping", draft-arias- noguchi-dnrd-objects-mapping-10 (work in progress), January 2019. [I-D.arias-noguchi-registry-data-escrow] Lozano, G., "Registry Data Escrow Specification", draft- arias-noguchi-registry-data-escrow-11 (work in progress), January 2019. [I-D.lozano-icann-registry-interfaces] Lozano, G. and E. Alvarez, "ICANN Registry Interfaces", draft-lozano-icann-registry-interfaces-11 (work in progress), September 2019. [ICANN-RDE-SPEC] ICANN, "Registrar Data Escrow specifications", Nov 2007, . [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC3339] Klyne, G. and C. Newman, "Date and Time on the Internet: Timestamps", RFC 3339, DOI 10.17487/RFC3339, July 2002, . Lozano & Alvarez Expires September 27, 2020 [Page 22] Internet-Draft ICANN Registrar Interfaces March 2020 [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, DOI 10.17487/RFC3688, January 2004, . 8.2. Informative References [ICANN-RAA-2013] ICANN, "2013 Registrar Accreditation Agreement", Jun 2013, . Authors' Addresses Gustavo Lozano ICANN 12025 Waterfront Drive, Suite 300 Los Angeles 90292 US Phone: +1.3103015800 Email: gustavo.lozano@icann.org Eduardo Alvarez ICANN 12025 Waterfront Drive, Suite 300 Los Angeles 90292 US Phone: +1.3103015800 Email: eduardo.alvarez@icann.org Lozano & Alvarez Expires September 27, 2020 [Page 23]