25 Extensible Provisioning Protocol (EPP)

Prototypical answer:

gTLDFull Legal NameE-mail suffixDetail
.uolUBN INTERNET LTDA.registro.brView

1 - Description

Extensible Provisioning Protocol (EPP) is a protocol that provides
means for the provisioning of domain operations between registries and
registrars. The communication is XML (eXtensible Markup Language)
based, which allows for easy integration and automation of the

EPP is a standardized interface and all provisioning operations can be
done over it.

2 - What is supported

Our EPP implementation supports the following object mappings and

* Domain Name Mapping (RFC5731 - Request For Comments)
* Contact Mapping (RFC5733)
* Transport Over TCP (Transmission Control Protocol) Extension (RFC5734)
* Domain Name System (DNS) Security Extensions Mapping (RFC4310)
* EPP Grace Period Mapping (RFC3915)
* Trademark Clearinghouse (TMCH) Mapping (TBD)

Host objects, as described in the Host Mapping (RFC5732), are not
supported as this registry operates name server information as domain
attributes. Coexistence of host objects and hosts as domain attributes
is prohibited by the EPP specifications as described in Section 1.1 of
RFC 5731:

ʺName server hosts for domain delegation can be specified either as
references to existing host objects or as domain attributes that
describe a host machine. A server operator MUST use one name server
specification form consistently. A server operator that announces
support for host objects in an EPP greeting MUST NOT allow domain
attributes to describe a name server host machine. A server operator
that does not announce support for host objects MUST allow domain
attributes to describe a name server host machine.ʺ

TMCH Mapping will be used for the Sunrise and Trademark Claims
periods. Implementation of this mapping is planned to begin as soon as
its EPP specifications are made available by the ICANN staff, the
Implementation Assistance Group (IAG), the selected Clearinghouse
provider or as a result of IETFʹs provreg working group.

There are two main objects that are subject to provisioning: domain
and contact.

3 - Commands

This section describes the commands used to handle the main objects.

3.1 - Contact

All commands described in the Contact Mapping (RFC5733) are

3.2 - Domain

Domain objects support all commands described in the EPP Domain
Mapping (RFC5731).

4 - Security

The transport is secured using TCP over Transport Layer Security (TLS)
(RFC5734). Once a registrar is accredited to operate the system, the
registry issues a certificate that must be used by the registrar in
order to establish a connection. This certificate is valid for a
period of 3 years.

The registrar can only connect from previously informed IP (Internet
Protocol) addresses or ranges. The maximum number of allowed IP
addresses⁄ranges is four.

The system provides password authentication for the registrars. The
password is not stored in plain text in the registry system.

5 - Software

The server application is based on the NIC.br (Núcleo de Informação e
Coordernação do Ponto BR) EPP server that handles registration for .br
domains, handling over 2.8 million domains. It runs on multiple
machines to provide for fail-over redundancy.

This EPP server implementation was written in 2006 from scratch by
NIC.br developers team based on the initial EPP specification (Request
For Comments (RFC) 3730-3735) and has been following the EPP
specification updates ever since.

6 - Registrar technical accreditation

Registrars must pass a technical accreditation procedure to have
access to the EPP production interface. Accreditation procedure
consists of a pre-defined series of EPP commands that the Registrar
candidate must execute successfully.

Successful execution of all EPP Domain, Contact and RGP commands are
checked. In addition, to be approved in the accreditation procedure,
Registrars must be able to at least remove Delegation Signer (DS)
records from a domain name.

The DS removal requirement exists because a domain transfer request
may force the gaining Registrar to change the domain name to an
unsigned state.

7 - Resourcing plan

.UOL back-end registry will be fully outsourced to NIC.br.

The EPP component of the Registry System is built on current NIC.br
infrastructure and acquisition of new server hardware. This combined
hardware system will be used for all NIC.br new gTLDs operations and
is detailed in response to question 32.

Initial hardware and software configuration setup and service
maintenance for all NIC.br new gTLD operations will be trusted to the
personnel who currently run the .br Registry operations: network,
system and software engineer teams composed of 12 engineers, along
with NIC.br 24x7 Network Operations Center (NOC).

These setup and operational costs are distributed among all NIC.br new
gTLDs operations as detailed in each Financial Projections as
Operating (Technical Labor and Operation of SRS) and Capital (Hardware
and Software) Expenditures.

Similar gTLD applications: (4)

gTLDFull Legal NameE-mail suffixzDetail
.globoGlobo Comunicação e Participações S.Aregistro.br-3.31Compare
.rioEmpresa Municipal de Informática SA - IPLANRIOregistro.br-3.29Compare
.bomNúcleo de Informação e Coordenação do Ponto BR - NIC.brregistro.br-3.22Compare
.finalNúcleo de Informação e Coordenação do Ponto BR - NIC.brregistro.br-3.22Compare