25 Extensible Provisioning Protocol (EPP)

Prototypical answer:

1 Introduction

Xiamen 35.com Technology Co., Ltd deploys real time Interface between registry and registrar based on EPP implementation. EPP implements a thick model registry where WHOIS information is stored in registry main database as contact set. Every registration requires a set of contacts to be submitted to registry system. The EPP commands and responses are compliance to RFC 5730 to RFC 5734. The EPP supports all Login Commands (login, logout), Query Commands (check, info, poll, transfer) and Object Transform Commands (create, delete, renew, transfer, update). The full set of commands and responses are in a 30 pages document which can be furnished on demand.

1.1 EPP Status

The system utilizes all EPP statuses stated in the RFC as follows:

- clientDeleteProhibited: Requests to delete the object must be rejected.
- serverDeleteProhibited: Requests to delete the object must be rejected.
- clientHold: Delegation information must be withheld from publication in the objectʹs nominal zone.
- serverHold: Delegation information must be withheld from publication in the objectʹs nominal zone.
- clientRenewProhibited: Requests to renew the object must be rejected.
- serverRenewProhibited: Requests to renew the object must be rejected.
- serverTransferProhibited: Requests to transfer the object must be rejected.
- clientUpdateProhibited: Requests to update the object (other than to remove this status) must be rejected.
- serverUpdateProhibited: Requests to update the object (other than to remove this status) must be rejected.
- ok: This is the nominal status value for a domain object at all times, whether or not the domain has pending operations or prohibitions.
- pendingRestore: A restore reequest has been received for the object, and completion of the request is pending.
- pendingDelete: A delete request has been received for the object, but the object has not yet been purged from the server database.
- pendingTransfer: A transfer request has been received for the object, and completion of the request is pending.
- redemptionPeriod: The object has expired and can be still be renewed.
- registryHold: Delegation information must be withheld from publication in the objectʹs nominal zone.
- registryLock: The object cannot be modified through any action. Hierarchical and associated objects also cannot be added or removed.

1.2 EPP Connection

Registrar will be required to download the EPP SDK (bundle with documentation) to establish connection to EPP Server. Procedure of TCP connection:

a. Post SSL request
b. SSL Handshaking
c. SSL session established
d. Send Greeting command
e. Greeting acknowledgment
f. Send login information
g. Authentication process
h. TCP over SSL connection established
i. Send command for operation such as Domain check command
j. Send Poll command to keep connection alive
k. Session will be closed automatically after 20 minutes if Poll command is not issued
l. Send logout command
m. Session closed

XML parser will be used against request and response to ensure integrity of the data and detect corruption of data. Once data is found to be loss or corrupted, EPP command fail response will be sent to the requestor.

1.3 Registration Tools

a. EPP 1.0 client SDK and documentation (no proxy required); and
b. Tools are downloadable from registrar interface.

1.4 EPP Extensions Schemas

The EPP shall implement extensions for DNSSEC according to RFC 5910 and IDN according to RFC 3735. The extensions are applied to the following commands only:

a. Domain Info
b. Domain Create
c. Domain Update

The XML for the commands and responses is provided in attachment (25-1.pdf)
 
2 Resource and Operation Plan

Xiamen 35.com Technology Co., Ltd will deploy the Registry Service using its existing system and infrastructure. During the implementation of .life Registry, new server hardware will be provisioned for EPP services. Our Data Center Engineer will perform the server provisioning and installation of OS. Once the hardware is provisioned, System Administrator shall continue to install the required software and perform security configurations. The assigned Software Engineer will configure the rules and policies into the EPP system. Once done, our Test Engineer will perform rigorous testing procedures to ensure the system performs according to specifications. Upon the testing is fully completed, the EPP system shall be hand-over to System Administrator to perform deployment to production environment. Throughout the process, a Project Manager is assigned to perform project management and overall control on the implementation. The Project Manager will conduct training to the registry users on the functionalities of the system. The EPP setup shall be completed within a month.
The system will be in maintenance mode after the System is deployed. The EPP will be supported by general helpdesk support for enquiries. Any support issue related to EPP will be escalated to the Software Engineer for trouble shooting. System Administrator is tasked to monitor the EPP availability. Whenever there is a support ticket, Software Engineer and System Administrator will further escalate the support request base on severity. The emergency response team will be triggered whenever there is a catastrophe scenario at the highest severity.

Once a remedy is identified, Test Engineer will perform testing on the fixes before deployment by System Administrator. During maintenance, Xiamen 35.com Technology Co., Ltd will commit the following resources for the 24 x 7 helpdesk, 2 data center engineers, 2 software engineers, 1 support manager, 1 test engineer and 1 system administrator. As part of on going policy changes, a team of software developer is available for any standards upgrade to the EPP and the changes will trigger the change request procedure in accordance to CMMI standards.

Please further refer to the detailed resource plan in question 31 for the human resource policy, job description and skills-required for the above-mentioned resources.

Similar gTLD applications: (0)