Internet Engineering Task Force W. Wang Internet-Draft ZDNS Ltd. Intended status: Informational L. Zhou Expires: June 22, 2016 CNNIC D. Ma ZDNS Ltd. N. Kong X. Lee CNNIC J. Galvin Affilias December 20, 2015 Verification Extension for the Extensible Provisioning Protocol (EPP) Domain Name Mapping draft-wang-eppext-domain-verification-00 Abstract This mapping describes an verification extension to EPP domain name mapping [RFC5731]. Specified in Extensible Markup Language (XML), this extended mapping is applied to provide additional features required for the provisioning of domain verification. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on June 22, 2016. Copyright Notice Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved. Wang, et al. Expires June 22, 2016 [Page 1] Internet-DraftVerification Extension for the EPP Domain MapDecember 2015 This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. This document may contain material from IETF Documents or IETF Contributions published or made publicly available before November 10, 2008. The person(s) controlling the copyright in some of this material may not have granted the IETF Trust the right to allow modifications of such material outside the IETF Standards Process. Without obtaining an adequate license from the person(s) controlling the copyright in such materials, this document may not be modified outside the IETF Standards Process, and derivative works of it may not be created outside the IETF Standards Process, except to format it for publication as an RFC or to translate it into languages other than English. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Conventions Used in This Document . . . . . . . . . . . . . . 3 3. Object Attributes . . . . . . . . . . . . . . . . . . . . . . 3 3.1. Distinction Type Values . . . . . . . . . . . . . . . . . 4 3.2. Verification Status Values . . . . . . . . . . . . . . . 4 3.3. Dates and Times . . . . . . . . . . . . . . . . . . . . . 4 3.4. Client Identifier . . . . . . . . . . . . . . . . . . . . 5 4. Verification State Diagram . . . . . . . . . . . . . . . . . 5 5. EPP Command Mapping . . . . . . . . . . . . . . . . . . . . . 6 5.1. EPP Query Commands . . . . . . . . . . . . . . . . . . . 6 5.1.1. EPP Command . . . . . . . . . . . . . . . . . 6 5.1.2. EPP Command . . . . . . . . . . . . . . . . . 8 5.1.3. EPP Command . . . . . . . . . . . . . . . 10 5.2. EPP Transform Commands . . . . . . . . . . . . . . . . . 10 5.2.1. EPP Command . . . . . . . . . . . . . . . . 10 5.2.2. EPP Command . . . . . . . . . . . . . . . . 11 5.2.3. EPP Command . . . . . . . . . . . . . . . . . 11 5.2.4. EPP Command . . . . . . . . . . . . . . . 11 5.2.5. EPP Command . . . . . . . . . . . . . . . . 11 6. Formal Syntax . . . . . . . . . . . . . . . . . . . . . . . . 11 7. Internationalization Considerations . . . . . . . . . . . . . 13 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13 8.1. XML Namespace . . . . . . . . . . . . . . . . . . . . . . 13 8.2. EPP Extension Registry . . . . . . . . . . . . . . . . . 14 Wang, et al. Expires June 22, 2016 [Page 2] Internet-DraftVerification Extension for the EPP Domain MapDecember 2015 9. Security Considerations . . . . . . . . . . . . . . . . . . . 14 10. Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . 14 11. Normative References . . . . . . . . . . . . . . . . . . . . 14 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 15 1. Introduction The verification of domain name and registrant identity are required in some registries according to local laws and regulations. The registry should ensure the domain registered does not contain any illegal words and the registrants should pass the real-name verification. This document describes an extension mapping for version 1.0 of the Extensible Provisioning Protocol (EPP) [RFC5730]. This mapping, an extension to EPP object mappings like the EPP domain name mapping [RFC5731], can be used to retrieve verification information in query commands. This document is specified using the XML 1.0 as described in [W3C.REC-xml-20040204] and XML Schema notation as described in [W3C.REC-xmlschema-1-20041028] and [W3C.REC-xmlschema-2-20041028]. 2. Conventions Used in This Document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. In examples, "C:" represents lines sent by a protocol client and "S:" represents lines returned by a protocol server. Indentation and white space in examples are provided only to illustrate element relationships and are not a REQUIRED feature of this specification. XML is case sensitive. Unless stated otherwise, XML specifications and examples provided in this document MUST be interpreted in the character case presented to develop a conforming implementation. veridomain-1.0 in this document is used as an abbreviation for urn:ietf:params:xml:ns:veridomain-1.0. 3. Object Attributes This extension adds additional elements to the EPP domain name mapping [RFC5731]. Only the new elements are described here. Wang, et al. Expires June 22, 2016 [Page 3] Internet-DraftVerification Extension for the EPP Domain MapDecember 2015 3.1. Distinction Type Values A domain may be reserved for a particular entity or be prohibited to be registered. Distinction type value descriptions: o reserved. The value "reserved" indicates that a domain name is available but it is reserved for a specific entity, which is only allowed to be used for a element with the attribute "avail" that equals true. o prohibited. The value "prohibited" indicates that a domain name is not allowed to exist in the namespace under a specific Top Level Domain, which is only allowed to be used for a element with the attribute "avail" that equals false. 3.2. Verification Status Values The domain object MUST always have one associated verification status value. The verification status value can be set only by the server. The verification status of an object MAY change as a result of an action performed by a server operator. Verification status value descriptions: o unverified. No verification materials are received. o pendingVerify. Verification action has not been completed by the server after receiving verification materials. Server operators can delay action completion for a variety of reasons, such as to allow for human review or third-party action. o pass. Successful verification. o failed. Failed verification. Further verification materials may be needed. 3.3. Dates and Times Date and time attribute values MUST be represented in Universal Coordinated Time (UTC) using the Gregorian calendar. The extended date-time form using upper case "T" and "Z" characters defined in [W3C.REC-xmlschema-2-20041028] MUST be used to represent date-time values, as XML Schema does not support truncated date-time forms or lower case "T" and "Z" characters. Wang, et al. Expires June 22, 2016 [Page 4] Internet-DraftVerification Extension for the EPP Domain MapDecember 2015 3.4. Client Identifier The client identifier represents the unique identifier assigned to the client by the server. 4. Verification State Diagram Following is a general verification state transition process: 1. The initial verification status of a contact is "unverified". 2. The registrant submits the proof materials to the registry. 3. After receiving the proof materials, the verification status of the contact is changed to "pendingVerify". 4. The proof materials pass the human review or third-party verification. 5. The verification status is changed to "pass". 6. The proof materials are not approved. 7. The verification status is changed to "failed". 8. If the registrant resubmits the proof materials, the status will be set to "pendingVerify" again. Figure 1: Verification State Diagram | v (2) (4) +----------------+ Material +-----------------+ Approved +----------------+ |unverified (1)| submitted |pendingVerify (3)| |pass (5)| | |---------->| |--------->| | +----------------+ +-----------------+ +----------------+ ^ | | | (6) | | Unapproved +----------------+ | | |failed (7)| | +-------------->| | | +----------------+ | (8) Resubmit | +--------------------------------+ Wang, et al. Expires June 22, 2016 [Page 5] Internet-DraftVerification Extension for the EPP Domain MapDecember 2015 5. EPP Command Mapping A detailed description of the EPP syntax and semantics can be found in the EPP core protocol specification [RFC5730]. The command mappings described here are specifically for use in provisioning and managing verification information via EPP. 5.1. EPP Query Commands EPP provides three commands to retrieve domain information: to determine if a domain object can be provisioned within a repository, to retrieve detailed information associated with a domain object, and to retrieve domain-object transfer status information. 5.1.1. EPP Command This extension does not add any elements to the EPP command described in the EPP domain name mapping [RFC5731]. However, additional elements are defined for the response. Example command: C: C: C: C: C: C: example.com C: example.net C: C: C: ABC-12345 C: C: When an command has been processed successfully, the EPP element MUST contain child elements as described in the EPP domain mapping [RFC5731]. In addition, the EPP element SHOULD contain a child element that identifies the extension namespace if the domain object has data associated with this extension and based on its service policy. The element contains the following child elements: Wang, et al. Expires June 22, 2016 [Page 6] Internet-DraftVerification Extension for the EPP Domain MapDecember 2015 o An OPTIONAL element is designed to indicate whether a domain is allowed to be registered with respect to the verification rules of a specific registry. The element contains the following attributes: * A "name" attribute associates with a specific domain name checked. * A "type" attribute specifies whether a domain is reserved or prohibited as described in section 3.1. Example response: S: S: S: S: S: Command completed successfully S: S: S: S: S: example.com S: S: S: example.net S: S: S: S: S: S: S: S: S: S: S: ABC-12345 S: 54322-XYZ S: S: S: Wang, et al. Expires June 22, 2016 [Page 7] Internet-DraftVerification Extension for the EPP Domain MapDecember 2015 5.1.2. EPP Command This extension does not add any element to the EPP command described in the EPP domain mapping [RFC5731]. However, additional elements are defined for the response. Example command: C: C: C: C: C: C: example.com C: C: fooBAR C: C: C: C: ngcl-mIFICBNP C: C: When an command has been processed successfully, the EPP element MUST contain child elements as described in the EPP domain mapping [RFC5731]. In addition, the EPP element SHOULD contain a child element that identifies the extension namespace if the domain object has data associated with this extension and based on its service policy. The element contains the following child elements: o A element that contains the current verification status defined in section 3.2. o An OPTIONAL element contains the o An OPTIONAL element that contains records with history verification process information. The element MUST contain following elements: * element contains a single history record for the verification process. The element MUST contain following elements: + A element contains the date and time when the operation has been executed. Wang, et al. Expires June 22, 2016 [Page 8] Internet-DraftVerification Extension for the EPP Domain MapDecember 2015 + A element contains the name of an operation that has been executed. + A element contains the identifier of an sponsoring client. Example response for an authorized client: S: S: S: S: S: Command completed successfully S: S: S: S: example.com S: EXAMPLE1-REP S: S: jd1234 S: sh8013 S: sh8013 S: sh8013 S: S: ns1.example.com S: S: ClientX S: ClientY S: 2015-02-06T04:01:21.0Z S: 2018-02-06T04:01:21.0Z S: S: 2fooBAR S: S: S: S: S: S: pass S: S: S: 2015-2-6T12:00:00.0Z S: PASS S: ClientX S: S: S: 2001-2-3T15:00:00.0Z S: PENDINGVERIFY Wang, et al. Expires June 22, 2016 [Page 9] Internet-DraftVerification Extension for the EPP Domain MapDecember 2015 S: ClientX S: S: S: 2015-2-3T12:00:00.0Z S: UNVERIFIED S: ClientX S: S: S: S: S: S: ngcl-IvJjzMZc S: test142AWQONJZ S: S: S: response for the unauthorized client has not been changed, see [RFC5731] for detail. An EPP error response MUST be returned if an command cannot be processed for any reason. 5.1.3. EPP Command This extension does not add any elements to the EPP command or response described in the EPP domain name mapping [RFC5731]. 5.2. EPP Transform Commands EPP provides five commands to transform domain objects: to create an instance of a domain object, to delete an instance of a domain object, to extend the validity period of a domain object, to manage domain object sponsorship changes, and to change information associated with a domain object. 5.2.1. EPP Command This extension does not add any elements to the EPP command or response described in the EPP domain name mapping [RFC5731] Wang, et al. Expires June 22, 2016 [Page 10] Internet-DraftVerification Extension for the EPP Domain MapDecember 2015 5.2.2. EPP Command This extension does not add any elements to the EPP command or response described in the EPP domain mapping [RFC5731]. 5.2.3. EPP Command This extension does not add any elements to the EPP command or response described in the EPP domain mapping [RFC5731]. 5.2.4. EPP Command This extension does not add any elements to the EPP command or response described in the EPP domain mapping [RFC5731]. 5.2.5. EPP Command This extension does not add any elements to the EPP command or response described in the EPP domain mapping [RFC5731]. 6. Formal Syntax An EPP object mapping is specified in XML Schema notation. The formal syntax presented here is a complete schema representation of the object mapping suitable for automated validation of EPP XML instances. The BEGIN and END tags are not part of the schema; they are used to note the beginning and ending of the schema for URI registration purposes. BEGIN Wang, et al. Expires June 22, 2016 [Page 11] Internet-DraftVerification Extension for the EPP Domain MapDecember 2015 Extensible Provisioning Protocol v1.0 Domain Verification Extension Schema v1.0 Wang, et al. Expires June 22, 2016 [Page 12] Internet-DraftVerification Extension for the EPP Domain MapDecember 2015 END 7. Internationalization Considerations EPP is represented in XML, which provides native support for encoding information using the Unicode character set and its more compact representations including UTF-8. Conformant XML processors recognize both UTF-8 and UTF-16. Though XML includes provisions to identify and use other character encodings through use of an "encoding" attribute in an declaration, use of UTF-8 is RECOMMENDED. As an extension of the EPP domain name mapping, the elements, element content described in this document MUST inherit the internationalization conventions used to represent higher-layer domain and core protocol structures present in an XML instance that includes this extension. 8. IANA Considerations 8.1. XML Namespace This document uses URNs to describe XML namespaces and XML schemas conforming to a registry mechanism described in [RFC3688]. IANA is requested to assignment the following URI. Wang, et al. Expires June 22, 2016 [Page 13] Internet-DraftVerification Extension for the EPP Domain MapDecember 2015 Registration request for the domain verification namespace: o URI: urn:ietf:params:xml:ns:veridomain-1.0 o Registrant Contact: See the "Author's Address" section of this document. o XML: See the "Formal Syntax" section of this document. 8.2. EPP Extension Registry The EPP extension described in this document should be registered by the IANA in the EPP Extension Registry described in [RFC7451]. The details of the registration are as follows: Name of Extension: Domain Verification Extension Document status: Informational Reference: (insert reference to RFC version of this document) Registrant Name and Email Address: See the "Author's Address" section of this document. TLDs: any IPR Disclosure: none Status: active Notes: none 9. Security Considerations The object mapping extension described in this document does not provide any other security services or introduce any additional considerations beyond those described by [RFC5730], [RFC5731] or those caused by the protocol layers used by EPP. 10. Acknowledgement The author of this document would like to especially thank TBD. 11. Normative References Wang, et al. Expires June 22, 2016 [Page 14] Internet-DraftVerification Extension for the EPP Domain MapDecember 2015 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, DOI 10.17487/RFC3688, January 2004, . [RFC5730] Hollenbeck, S., "Extensible Provisioning Protocol (EPP)", STD 69, RFC 5730, DOI 10.17487/RFC5730, August 2009, . [RFC5731] Hollenbeck, S., "Extensible Provisioning Protocol (EPP) Domain Name Mapping", STD 69, RFC 5731, DOI 10.17487/RFC5731, August 2009, . [RFC7451] Hollenbeck, S., "Extension Registry for the Extensible Provisioning Protocol", RFC 7451, DOI 10.17487/RFC7451, February 2015, . [W3C.REC-xml-20040204] Bray, T., Paoli, J., Sperberg-McQueen, C., Maler, E., and F. Yergeau, ""Extensible Markup Language (XML) 1.0 (Third Edition)", World Wide Web Consortium FirstEdition REC-xml- 20040204", February 2004, . [W3C.REC-xmlschema-1-20041028] Thompson, H., Beech, D., Maloney, M., and N. Mendelsohn, ""XML Schema Part 1: Structures Second Edition", World Wide Web Consortium Recommendation REC-xmlschema- 1-20041028", October 2004, . [W3C.REC-xmlschema-2-20041028] Biron, P. and A. Malhotra, ""XML Schema Part 2: Datatypes Second Edition", World Wide Web Consortium Recommendation REC-xmlschema-2-20041028", October 2004, . Authors' Addresses Wang, et al. Expires June 22, 2016 [Page 15] Internet-DraftVerification Extension for the EPP Domain MapDecember 2015 Wei Wang ZDNS Ltd. 4 South 4th Street, Zhongguancun, Haidian District Beijing, Beijing 100190 China Email: wangwei@zdns.cn Linlin Zhou CNNIC 4 South 4th Street, Zhongguancun, Haidian District Beijing, Beijing 100190 China Phone: +86 10 5881 2677 Email: zhoulinlin@cnnic.cn Di Ma ZDNS Ltd. 4 South 4th Street, Zhongguancun, Haidian District Beijing, Beijing 100190 China Email: madi@zdns.cn Ning Kong CNNIC 4 South 4th Street, Zhongguancun, Haidian District Beijing, Beijing 100190 China Phone: +86 10 5881 3147 Email: nkong@cnnic.cn Xiaodong Lee CNNIC 4 South 4th Street, Zhongguancun, Haidian District Beijing, Beijing 100190 China Phone: +86 10 5881 3020 Email: xl@cnnic.cn Wang, et al. Expires June 22, 2016 [Page 16] Internet-DraftVerification Extension for the EPP Domain MapDecember 2015 James Galvin Affilias Afilias USA, Inc. Building 3, Suite 105 300 Welsh Road Horsham, PA 19044 US Email: jgalvin@afilias.info Wang, et al. Expires June 22, 2016 [Page 17]