idnits 2.17.1 

draft-hollenbeck-rfc4931bis-01.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** The document seems to lack a License Notice according IETF Trust
     Provisions of 28 Dec 2009, Section 6.b.ii or Provisions of 12 Sep 2009
     Section 6.b -- however, there's a paragraph with a matching beginning.
     Boilerplate error?

     (You're using the IETF Trust Provisions' Section 6.b License Notice from
     12 Feb 2009 rather than one of the newer Notices.  See
     https://trustee.ietf.org/license-info/.)


  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  == There are 3 instances of lines with non-RFC2606-compliant FQDNs in the
     document.

  -- The draft header indicates that this document obsoletes RFC4931, but the
     abstract doesn't seem to directly say this.  It does mention RFC4931
     though, so this could be OK.


  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (May 14, 2009) is 5454 days in the past.  Is this
     intentional?


  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Outdated reference: A later version (-02) exists of
     draft-hollenbeck-rfc4930bis-01

  -- Possible downref: Normative reference to a draft: ref.
     'I-D.hollenbeck-rfc4930bis' 

  -- Possible downref: Normative reference to a draft: ref.
     'I-D.hollenbeck-rfc4932bis' 

  == Outdated reference: A later version (-02) exists of
     draft-hollenbeck-rfc4933bis-01

  -- Possible downref: Normative reference to a draft: ref.
     'I-D.hollenbeck-rfc4933bis' 

  ** Downref: Normative reference to an Unknown state RFC: RFC  952

  -- Obsolete informational reference (is this intentional?): RFC 3490
     (Obsoleted by RFC 5890, RFC 5891)

  -- Obsolete informational reference (is this intentional?): RFC 4931
     (Obsoleted by RFC 5731)


     Summary: 2 errors (**), 0 flaws (~~), 4 warnings (==), 7 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------


2	Network Working Group                                      S. Hollenbeck
3	Internet-Draft                                            VeriSign, Inc.
4	Obsoletes: 4931 (if approved)                               May 14, 2009
5	Intended status: Standards Track
6	Expires: November 15, 2009

8	       Extensible Provisioning Protocol (EPP) Domain Name Mapping
9	                     draft-hollenbeck-rfc4931bis-01

11	Status of This Memo

13	   This Internet-Draft is submitted to IETF in full conformance with the
14	   provisions of BCP 78 and BCP 79.

16	   Internet-Drafts are working documents of the Internet Engineering
17	   Task Force (IETF), its areas, and its working groups.  Note that
18	   other groups may also distribute working documents as Internet-
19	   Drafts.

21	   Internet-Drafts are draft documents valid for a maximum of six months
22	   and may be updated, replaced, or obsoleted by other documents at any
23	   time.  It is inappropriate to use Internet-Drafts as reference
24	   material or to cite them other than as "work in progress."

26	   The list of current Internet-Drafts can be accessed at
27	   http://www.ietf.org/ietf/1id-abstracts.txt.

29	   The list of Internet-Draft Shadow Directories can be accessed at
30	   http://www.ietf.org/shadow.html.

32	   This Internet-Draft will expire on November 15, 2009.

34	Copyright Notice

36	   Copyright (c) 2009 IETF Trust and the persons identified as the
37	   document authors.  All rights reserved.

39	   This document is subject to BCP 78 and the IETF Trust's Legal
40	   Provisions Relating to IETF Documents in effect on the date of
41	   publication of this document (http://trustee.ietf.org/license-info).
42	   Please review these documents carefully, as they describe your rights
43	   and restrictions with respect to this document.

45	Abstract

47	   This document describes an Extensible Provisioning Protocol (EPP)
48	   mapping for the provisioning and management of Internet domain names
49	   stored in a shared central repository.  Specified in XML, the mapping
50	   defines EPP command syntax and semantics as applied to domain names.
51	   This document is intended to obsolete RFC 4931.

53	Table of Contents

55	   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3
56	     1.1.  Relationship of Domain Objects and Host Objects  . . . . .  3
57	     1.2.  Conventions Used in This Document  . . . . . . . . . . . .  5
58	   2.  Object Attributes  . . . . . . . . . . . . . . . . . . . . . .  5
59	     2.1.  Domain and Host Names  . . . . . . . . . . . . . . . . . .  5
60	     2.2.  Contact and Client Identifiers . . . . . . . . . . . . . .  6
61	     2.3.  Status Values  . . . . . . . . . . . . . . . . . . . . . .  6
62	     2.4.  Dates and Times  . . . . . . . . . . . . . . . . . . . . .  8
63	     2.5.  Validity Periods . . . . . . . . . . . . . . . . . . . . .  8
64	     2.6.  Authorization Information  . . . . . . . . . . . . . . . .  8
65	     2.7.  Other DNS Resource Record Attributes . . . . . . . . . . .  8
66	   3.  EPP Command Mapping  . . . . . . . . . . . . . . . . . . . . .  9
67	     3.1.  EPP Query Commands . . . . . . . . . . . . . . . . . . . .  9
68	       3.1.1.  EPP <check> Command  . . . . . . . . . . . . . . . . .  9
69	       3.1.2.  EPP <info> Command . . . . . . . . . . . . . . . . . . 11
70	       3.1.3.  EPP <transfer> Query Command . . . . . . . . . . . . . 16
71	     3.2.  EPP Transform Commands . . . . . . . . . . . . . . . . . . 18
72	       3.2.1.  EPP <create> Command . . . . . . . . . . . . . . . . . 19
73	       3.2.2.  EPP <delete> Command . . . . . . . . . . . . . . . . . 21
74	       3.2.3.  EPP <renew> Command  . . . . . . . . . . . . . . . . . 22
75	       3.2.4.  EPP <transfer> Command . . . . . . . . . . . . . . . . 24
76	       3.2.5.  EPP <update> Command . . . . . . . . . . . . . . . . . 26
77	     3.3.  Offline Review of Requested Actions  . . . . . . . . . . . 29
78	   4.  Formal Syntax  . . . . . . . . . . . . . . . . . . . . . . . . 31
79	   5.  Internationalization Considerations  . . . . . . . . . . . . . 40
80	   6.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 41
81	   7.  Security Considerations  . . . . . . . . . . . . . . . . . . . 42
82	   8.  Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 42
83	   9.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 43
84	     9.1.  Normative References . . . . . . . . . . . . . . . . . . . 43
85	     9.2.  Informative References . . . . . . . . . . . . . . . . . . 44
86	   Appendix A.  Changes from RFC 4931 . . . . . . . . . . . . . . . . 44

88	1.  Introduction

90	   This document describes an Internet domain name mapping for version
91	   1.0 of the Extensible Provisioning Protocol (EPP).  This mapping is
92	   specified using the Extensible Markup Language (XML) 1.0 as described
93	   in [W3C.REC-xml-20040204] and XML Schema notation as described in
94	   [W3C.REC-xmlschema-1-20041028] and [W3C.REC-xmlschema-2-20041028].
95	   This document is intended to obsolete RFC 4931 [RFC4931].

97	   [I-D.hollenbeck-rfc4930bis] provides a complete description of EPP
98	   command and response structures.  A thorough understanding of the
99	   base protocol specification is necessary to understand the mapping
100	   described in this document.

102	   XML is case sensitive.  Unless stated otherwise, XML specifications
103	   and examples provided in this document MUST be interpreted in the
104	   character case presented to develop a conforming implementation.

106	1.1.  Relationship of Domain Objects and Host Objects

108	   The EPP mapping for host objects is described in
109	   [I-D.hollenbeck-rfc4932bis].  This document assumes that domain name
110	   objects have a superordinate relationship to subordinate host name
111	   objects.  For example, domain name "example.com" has a superordinate
112	   relationship to host name "ns1.example.com".  EPP actions (such as
113	   object transfers) that do not preserve this relationship MUST be
114	   explicitly disallowed.

116	   A host name object can be created in a repository for which no
117	   superordinate domain name object exists.  For example, host name
118	   "ns1.example.com" can be created in the ".example" repository so that
119	   DNS domains in ".example" can be delegated to the host.  Such hosts
120	   are described as "external" hosts in this specification since the
121	   name of the host does not belong to the name space of the repository
122	   in which the host is being used for delegation purposes.

124	   Whether a host is external or internal relates to the repository in
125	   which the host is being used for delegation purposes.  Whether or not
126	   an internal host is subordinate relates to a domain within the
127	   repository.  For example, host ns1.example1.com is a subordinate host
128	   of domain example1.com, but it is not a subordinate host of domain
129	   example2.com. ns1.example1.com can be used as a name server for
130	   example2.com.  In this case, ns1.example1.com MUST be treated as an
131	   internal host, subject to the rules governing operations on
132	   subordinate hosts within the same repository.

134	   Name server hosts for domain delegation can be specified as either
135	   references to existing host objects or as domain attributes that
136	   describe a host machine.  A server operator MUST use one name server
137	   specification form consistently.  A server operator that announces
138	   support for host objects in an EPP greeting MUST NOT allow domain
139	   attributes to describe a name server host machine.  A server operator
140	   that does not announce support for host objects MUST allow domain
141	   attributes to describe a name server host machine.  When domain
142	   attributes are used to describe a name server host machine, IP
143	   addresses SHOULD be required only as needed to generate DNS glue
144	   records.

146	   Name servers are specified within a <domain:ns> element.  This
147	   element MUST contain one or more <domain:hostObj> elements or one or
148	   more <domain:hostAttr> elements.  A <domain:hostObj> element contains
149	   the fully qualified name of a known name server host object.  A
150	   <domain:hostAttr> element contains the following child elements:

152	   -  A <domain:hostName> element that contains the fully qualified name
153	      of a host.

155	   -  Zero or more OPTIONAL <domain:hostAddr> element that contain the
156	      IP addresses to be associated with the host.  Each element MAY
157	      contain an "ip" attribute to identify the IP address format.
158	      Attribute value "v4" is used to note IPv4 address format.
159	      Attribute value "v6" is used to note IPv6 address format.  If the
160	      "ip" attribute is not specified, "v4" is the default attribute
161	      value.  IP address syntax requirements are described in Section
162	      2.5 of the EPP host mapping [I-D.hollenbeck-rfc4932bis].

164	   Example host object name server elements for domain example.com:

166	   <domain:ns>
167	     <domain:hostObj>ns1.example.net</domain:hostObj>
168	     <domain:hostObj>ns2.example.net</domain:hostObj>
169	   </domain:ns>
170	   Example host attribute name server elements for domain example.com:

172	   <domain:ns>
173	     <domain:hostAttr>
174	       <domain:hostName>ns1.example.net</domain:hostName>
175	       <domain:hostAddr
176	        ip="v4">192.0.2.2</domain:hostAddr>
177	       <domain:hostAddr
178	        ip="v6">1080:0:0:0:8:800:200C:417A</domain:hostAddr>
179	     </domain:hostAttr>
180	     <domain:hostAttr>
181	       <domain:hostName>ns2.example.net</domain:hostName>
182	     </domain:hostAttr>
183	   </domain:ns>

185	1.2.  Conventions Used in This Document

187	   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
188	   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
189	   document are to be interpreted as described in [RFC2119].

191	   In examples, "C:" represents lines sent by a protocol client and "S:"
192	   represents lines returned by a protocol server.  Indentation and
193	   white space in examples are provided only to illustrate element
194	   relationships and are not a REQUIRED feature of this protocol.

196	2.  Object Attributes

198	   An EPP domain object has attributes and associated values that can be
199	   viewed and modified by the sponsoring client or the server.  This
200	   section describes each attribute type in detail.  The formal syntax
201	   for the attribute values described here can be found in the "Formal
202	   Syntax" section of this document and in the appropriate normative
203	   references.

205	2.1.  Domain and Host Names

207	   The syntax for domain and host names described in this document MUST
208	   conform to [RFC0952] as updated by [RFC1123].  At the time of this
209	   writing, RFC 3490 [RFC3490] describes a standard to use certain ASCII
210	   name labels to represent non-ASCII name labels.  These conformance
211	   requirements might change as a result of progressing work in
212	   developing standards for internationalized domain names.  A server
213	   MAY restrict allowable domain names to a particular top-level domain,
214	   second-level domain, or other domain for which the server is
215	   authoritative.  The trailing dot required when these names are stored
216	   in a DNS zone is implicit and MUST NOT be provided when exchanging
217	   host and domain names.

219	2.2.  Contact and Client Identifiers

221	   All EPP contacts are identified by a server-unique identifier.
222	   Contact identifiers are character strings with a specified minimum
223	   length, a specified maximum length, and a specified format.  Contact
224	   identifiers use the "clIDType" client identifier syntax described in
225	   [I-D.hollenbeck-rfc4930bis].

227	2.3.  Status Values

229	   A domain object MUST always have at least one associated status
230	   value.  Status values can be set only by the client that sponsors a
231	   domain object and by the server on which the object resides.  A
232	   client can change the status of a domain object using the EPP
233	   <update> command.  Each status value MAY be accompanied by a string
234	   of human-readable text that describes the rationale for the status
235	   applied to the object.

237	   A client MUST NOT alter status values set by the server.  A server
238	   MAY alter or override status values set by a client subject to local
239	   server policies.  The status of an object MAY change as a result of
240	   either a client-initiated transform command or an action performed by
241	   a server operator.

243	   Status values that can be added or removed by a client are prefixed
244	   with "client".  Corresponding status values that can be added or
245	   removed by a server are prefixed with "server".  Status values that
246	   do not begin with either "client" or "server" are server-managed.

248	   Status Value Descriptions:

250	   -  clientDeleteProhibited, serverDeleteProhibited

252	      Requests to delete the object MUST be rejected.

254	   -  clientHold, serverHold

256	      DNS delegation information MUST NOT be published for the object.

258	   -  clientRenewProhibited, serverRenewProhibited

260	      Requests to renew the object MUST be rejected.

262	   -  clientTransferProhibited, serverTransferProhibited

264	      Requests to transfer the object MUST be rejected.

266	   -  clientUpdateProhibited, serverUpdateProhibited

268	      Requests to update the object (other than to remove this status)
269	      MUST be rejected.

271	   -  inactive

273	      Delegation information has not been associated with the object.
274	      This is the default status when a domain object is first created
275	      and there are no associated host objects for the DNS delegation.
276	      This status can also be set by the server when all host object
277	      associations are removed.

279	   -  ok

281	      This is the normal status value for an object that has no pending
282	      operations or prohibitions.  This value is set and removed by the
283	      server as other status values are added or removed.

285	   -  pendingCreate, pendingDelete, pendingRenew, pendingTransfer,
286	      pendingUpdate

288	      A transform command has been processed for the object, but the
289	      action has not been completed by the server.  Server operators can
290	      delay action completion for a variety of reasons, such as to allow
291	      for human review or third-party action.  A transform command that
292	      is processed, but whose requested action is pending, is noted with
293	      response code 1001.

295	   When the requested action has been completed, the pendingCreate,
296	   pendingDelete, pendingRenew, pendingTransfer, or pendingUpdate status
297	   value MUST be removed.  All clients involved in the transaction MUST
298	   be notified using a service message that the action has been
299	   completed and that the status of the object has changed.

301	   "ok" status MUST NOT be combined with any other status.

303	   "pendingDelete" status MUST NOT be combined with either
304	   "clientDeleteProhibited" or "serverDeleteProhibited" status.

306	   "pendingRenew" status MUST NOT be combined with either
307	   "clientRenewProhibited" or "serverRenewProhibited" status.

309	   "pendingTransfer" status MUST NOT be combined with either
310	   "clientTransferProhibited" or "serverTransferProhibited" status.

312	   "pendingUpdate" status MUST NOT be combined with either
313	   "clientUpdateProhibited" or "serverUpdateProhibited" status.

315	   The pendingCreate, pendingDelete, pendingRenew, pendingTransfer, and
316	   pendingUpdate status values MUST NOT be combined with each other.

318	   Other status combinations not expressly prohibited MAY be used.

320	2.4.  Dates and Times

322	   Date and time attribute values MUST be represented in Universal
323	   Coordinated Time (UTC) using the Gregorian calendar.  The extended
324	   date-time form using upper case "T" and "Z" characters defined in
325	   [W3C.REC-xmlschema-2-20041028] MUST be used to represent date-time
326	   values as XML Schema does not support truncated date-time forms or
327	   lower case "T" and "Z" characters.

329	2.5.  Validity Periods

331	   A domain name object MAY have a specified validity period.  If server
332	   policy supports domain object validity periods, the validity period
333	   is defined when a domain object is created, and it MAY be extended by
334	   the EPP <renew> or <transfer> commands.  As a matter of server
335	   policy, this specification does not define actions to be taken upon
336	   expiration of a domain object's validity period.

338	   Validity periods are measured in years or months with the appropriate
339	   units specified using the "unit" attribute.  Valid values for the
340	   "unit" attribute are "y" for years and "m" for months.  The minimum
341	   allowable period value is one (1).  The maximum allowable value is
342	   ninety-nine decimal (99).  A server MAY support a lower maximum
343	   value.

345	2.6.  Authorization Information

347	   Authorization information is associated with domain objects to
348	   facilitate transfer operations.  Authorization information is
349	   assigned when a domain object is created, and it might be updated in
350	   the future.  This specification describes password-based
351	   authorization information, though other mechanisms are possible.

353	2.7.  Other DNS Resource Record Attributes

355	   While the DNS allows many resource record types to be associated with
356	   a domain, this mapping only explicitly specifies elements that
357	   describe resource records used for domain delegation and resolution.
358	   Facilities to provision other domain-related resource record types
359	   can be developed by extending this mapping.

361	   The provisioning method described in this mapping separates discrete
362	   data elements by data type.  This method of data definition allows
363	   XML Schema processors to perform basic syntax validation tasks,
364	   reducing ambiguity and the amount of parsing and syntax-checking work
365	   required of protocol processors.  Provisioning and extension methods
366	   that aggregate data into opaque strings are possible, but such
367	   methods should not be used because they impose additional parsing,
368	   interpretation, and validation requirements on protocol processors.

370	3.  EPP Command Mapping

372	   A detailed description of the EPP syntax and semantics can be found
373	   in [I-D.hollenbeck-rfc4930bis].  The command mappings described here
374	   are specifically for use in provisioning and managing Internet domain
375	   names via EPP.

377	3.1.  EPP Query Commands

379	   EPP provides three commands to retrieve domain information: <check>
380	   to determine if a domain object can be provisioned within a
381	   repository, <info> to retrieve detailed information associated with a
382	   domain object, and <transfer> to retrieve domain object transfer
383	   status information.

385	3.1.1.  EPP <check> Command

387	   The EPP <check> command is used to determine if an object can be
388	   provisioned within a repository.  It provides a hint that allows a
389	   client to anticipate the success or failure of provisioning an object
390	   using the <create> command as object provisioning requirements are
391	   ultimately a matter of server policy.

393	   In addition to the standard EPP command elements, the <check> command
394	   MUST contain a <domain:check> element that identifies the domain
395	   namespace.  The <domain:check> element contains the following child
396	   elements:

398	   -  One or more <domain:name> elements that contain the fully
399	      qualified names of the domain objects to be queried.

401	   Example <check> command:

403	   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
404	   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
405	   C:  <command>
406	   C:    <check>
407	   C:      <domain:check
408	   C:       xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
409	   C:        <domain:name>example.com</domain:name>
410	   C:        <domain:name>example.net</domain:name>
411	   C:        <domain:name>example.org</domain:name>
412	   C:      </domain:check>
413	   C:    </check>
414	   C:    <clTRID>ABC-12345</clTRID>
415	   C:  </command>
416	   C:</epp>

418	   When a <check> command has been processed successfully, the EPP
419	   <resData> element MUST contain a child <domain:chkData> element that
420	   identifies the domain namespace.  The <domain:chkData> element
421	   contains one or more <domain:cd> elements that contain the following
422	   child elements:

424	   -  A <domain:name> element that contains the fully qualified name of
425	      the queried domain object.  This element MUST contain an "avail"
426	      attribute whose value indicates object availability (can it be
427	      provisioned or not) at the moment the <check> command was
428	      completed.  A value of "1" or "true" means that the object can be
429	      provisioned.  A value of "0" or "false" means that the object can
430	      not be provisioned.

432	   -  An OPTIONAL <domain:reason> element that MAY be provided when an
433	      object cannot be provisioned.  If present, this element contains
434	      server-specific text to help explain why the object cannot be
435	      provisioned.  This text MUST be represented in the response
436	      language previously negotiated with the client; an OPTIONAL "lang"
437	      attribute MAY be present to identify the language if the
438	      negotiated value is something other than the default value of "en"
439	      (English).

441	   Example <check> response:

443	   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
444	   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
445	   S:  <response>
446	   S:    <result code="1000">
447	   S:      <msg>Command completed successfully</msg>
448	   S:    </result>
449	   S:    <resData>
450	   S:      <domain:chkData
451	   S:       xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
452	   S:        <domain:cd>
453	   S:          <domain:name avail="1">example.com</domain:name>
454	   S:        </domain:cd>
455	   S:        <domain:cd>
456	   S:          <domain:name avail="0">example.net</domain:name>
457	   S:          <domain:reason>In use</domain:reason>
458	   S:        </domain:cd>
459	   S:        <domain:cd>
460	   S:          <domain:name avail="1">example.org</domain:name>
461	   S:        </domain:cd>
462	   S:      </domain:chkData>
463	   S:    </resData>
464	   S:    <trID>
465	   S:      <clTRID>ABC-12345</clTRID>
466	   S:      <svTRID>54322-XYZ</svTRID>
467	   S:    </trID>
468	   S:  </response>
469	   S:</epp>

471	   An EPP error response MUST be returned if a <check> command cannot be
472	   processed for any reason.

474	3.1.2.  EPP <info> Command

476	   The EPP <info> command is used to retrieve information associated
477	   with a domain object.  The response to this command MAY vary
478	   depending on the identity of the querying client, use of
479	   authorization information, and server policy towards unauthorized
480	   clients.  If the querying client is the sponsoring client, all
481	   available information MUST be returned.  If the querying client is
482	   not the sponsoring client, but the client provides valid
483	   authorization information, all available information MUST be
484	   returned.  If the querying client is not the sponsoring client, and
485	   the client does not provide valid authorization information, server
486	   policy determines which OPTIONAL elements are returned.

488	   In addition to the standard EPP command elements, the <info> command
489	   MUST contain a <domain:info> element that identifies the domain
490	   namespace.  The <domain:info> element contains the following child
491	   elements:

493	   -  A <domain:name> element that contains the fully qualified name of
494	      the domain object to be queried.  An OPTIONAL "hosts" attribute is
495	      available to control return of information describing hosts
496	      related to the domain object.  A value of "all" (the default,
497	      which MAY be absent) returns information describing both
498	      subordinate and delegated hosts.  A value of "del" returns
499	      information describing only delegated hosts.  A value of "sub"
500	      returns information describing only subordinate hosts.  A value of
501	      "none" returns no information describing delegated or subordinate
502	      hosts.

504	   -  An OPTIONAL <domain:authInfo> element that contains authorization
505	      information associated with the domain object or authorization
506	      information associated with the domain object's registrant or
507	      associated contacts.  An OPTIONAL "roid" attribute MUST be used to
508	      identify the registrant or contact object if and only if the given
509	      authInfo is associated with a registrant or contact object, and
510	      not the domain object itself.  If this element is not provided or
511	      if the authorization information is invalid, server policy
512	      determines if the command is rejected or if response information
513	      will be returned to the client.

515	   Example <info> command without authorization information:

517	   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
518	   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
519	   C:  <command>
520	   C:    <info>
521	   C:      <domain:info
522	   C:       xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
523	   C:        <domain:name hosts="all">example.com</domain:name>
524	   C:      </domain:info>
525	   C:    </info>
526	   C:    <clTRID>ABC-12345</clTRID>
527	   C:  </command>
528	   C:</epp>
529	   Example <info> command with authorization information:

531	   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
532	   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
533	   C:  <command>
534	   C:    <info>
535	   C:      <domain:info
536	   C:       xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
537	   C:        <domain:name hosts="all">example.com</domain:name>
538	   C:        <domain:authInfo>
539	   C:          <domain:pw>2fooBAR</domain:pw>
540	   C:        </domain:authInfo>
541	   C:      </domain:info>
542	   C:    </info>
543	   C:    <clTRID>ABC-12345</clTRID>
544	   C:  </command>
545	   C:</epp>

547	   When an <info> command has been processed successfully, the EPP
548	   <resData> element MUST contain a child <domain:infData> element that
549	   identifies the domain namespace.  Elements that are not OPTIONAL MUST
550	   be returned; OPTIONAL elements are returned based on client
551	   authorization and server policy.  The <domain:infData> element
552	   contains the following child elements:

554	   -  A <domain:name> element that contains the fully qualified name of
555	      the domain object.

557	   -  A <domain:roid> element that contains the Repository Object
558	      IDentifier assigned to the domain object when the object was
559	      created.

561	   -  Zero or more OPTIONAL <domain:status> elements that contain the
562	      current status descriptors associated with the domain.

564	   -  If supported by the server, one OPTIONAL <domain:registrant>
565	      element and one or more OPTIONAL <domain:contact> elements that
566	      contain identifiers for the human or organizational social
567	      information objects associated with the domain object.

569	   -  An OPTIONAL <domain:ns> element that contains the fully qualified
570	      names of the delegated host objects or host attributes (name
571	      servers) associated with the domain object.  See Section 1.1 for a
572	      description of the elements used to specify host objects or host
573	      attributes.

575	   -  Zero or more OPTIONAL <domain:host> elements that contain the
576	      fully qualified names of the subordinate host objects that exist
577	      under this superordinate domain object.

579	   -  A <domain:clID> element that contains the identifier of the
580	      sponsoring client.

582	   -  An OPTIONAL <domain:crID> element that contains the identifier of
583	      the client that created the domain object.

585	   -  An OPTIONAL <domain:crDate> element that contains the date and
586	      time of domain object creation.

588	   -  An OPTIONAL <domain:exDate> element that contains the date and
589	      time identifying the end of the domain object's registration
590	      period.

592	   -  An OPTIONAL <domain:upID> element that contains the identifier of
593	      the client that last updated the domain object.  This element MUST
594	      NOT be present if the domain has never been modified.

596	   -  An OPTIONAL <domain:upDate> element that contains the date and
597	      time of the most recent domain object modification.  This element
598	      MUST NOT be present if the domain object has never been modified.

600	   -  An OPTIONAL <domain:trDate> elements that contains the date and
601	      time of the most recent successful domain object transfer.  This
602	      element MUST NOT be provided if the domain object has never been
603	      transferred.

605	   -  An OPTIONAL <domain:authInfo> element that contains authorization
606	      information associated with the domain object.  This element MUST
607	      only be returned if the querying client is the current sponsoring
608	      client, or if the client supplied valid authorization information
609	      with the command.

611	   Example <info> response for an authorized client:

613	   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
614	   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
615	   S:  <response>
616	   S:    <result code="1000">
617	   S:      <msg>Command completed successfully</msg>
618	   S:    </result>
619	   S:    <resData>
620	   S:      <domain:infData
621	   S:       xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
622	   S:        <domain:name>example.com</domain:name>
623	   S:        <domain:roid>EXAMPLE1-REP</domain:roid>
624	   S:        <domain:status s="ok"/>
625	   S:        <domain:registrant>jd1234</domain:registrant>
626	   S:        <domain:contact type="admin">sh8013</domain:contact>
627	   S:        <domain:contact type="tech">sh8013</domain:contact>
628	   S:        <domain:ns>
629	   S:          <domain:hostObj>ns1.example.com</domain:hostObj>
630	   S:          <domain:hostObj>ns1.example.net</domain:hostObj>
631	   S:        </domain:ns>
632	   S:        <domain:host>ns1.example.com</domain:host>
633	   S:        <domain:host>ns2.example.com</domain:host>
634	   S:        <domain:clID>ClientX</domain:clID>
635	   S:        <domain:crID>ClientY</domain:crID>
636	   S:        <domain:crDate>1999-04-03T22:00:00.0Z</domain:crDate>
637	   S:        <domain:upID>ClientX</domain:upID>
638	   S:        <domain:upDate>1999-12-03T09:00:00.0Z</domain:upDate>
639	   S:        <domain:exDate>2005-04-03T22:00:00.0Z</domain:exDate>
640	   S:        <domain:trDate>2000-04-08T09:00:00.0Z</domain:trDate>
641	   S:        <domain:authInfo>
642	   S:          <domain:pw>2fooBAR</domain:pw>
643	   S:        </domain:authInfo>
644	   S:      </domain:infData>
645	   S:    </resData>
646	   S:    <trID>
647	   S:      <clTRID>ABC-12345</clTRID>
648	   S:      <svTRID>54322-XYZ</svTRID>
649	   S:    </trID>
650	   S:  </response>
651	   S:</epp>

653	   A server with a different information return policy MAY provide less
654	   information in a response.

656	   Example <info> response for an unauthorized client:

658	   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
659	   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
660	   S:  <response>
661	   S:    <result code="1000">
662	   S:      <msg>Command completed successfully</msg>
663	   S:    </result>
664	   S:    <resData>
665	   S:      <domain:infData
666	   S:       xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
667	   S:        <domain:name>example.com</domain:name>
668	   S:        <domain:roid>EXAMPLE1-REP</domain:roid>
669	   S:        <domain:clID>ClientX</domain:clID>
670	   S:      </domain:infData>
671	   S:    </resData>
672	   S:    <trID>
673	   S:      <clTRID>ABC-12345</clTRID>
674	   S:      <svTRID>54322-XYZ</svTRID>
675	   S:    </trID>
676	   S:  </response>
677	   S:</epp>

679	   An EPP error response MUST be returned if an <info> command cannot be
680	   processed for any reason.

682	3.1.3.  EPP <transfer> Query Command

684	   The EPP <transfer> command provides a query operation that allows a
685	   client to determine real-time status of pending and completed
686	   transfer requests.  In addition to the standard EPP command elements,
687	   the <transfer> command MUST contain an "op" attribute with value
688	   "query", and a <domain:transfer> element that identifies the domain
689	   namespace.  The <domain:transfer> element contains the following
690	   child elements:

692	   -  A <domain:name> element that contains the fully qualified name of
693	      the domain object to be queried.

695	   -  An OPTIONAL <domain:authInfo> element that contains authorization
696	      information associated with the domain object or authorization
697	      information associated with the domain object's registrant or
698	      associated contacts.  An OPTIONAL "roid" attribute MUST be used to
699	      identify the registrant or contact object if and only if the given
700	      authInfo is associated with a registrant or contact object, and
701	      not the domain object itself.  If this element is not provided or
702	      if the authorization information is invalid, server policy
703	      determines if the command is rejected or if response information
704	      will be returned to the client.

706	   Example <transfer> query command:

708	   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
709	   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
710	   C:  <command>
711	   C:    <transfer op="query">
712	   C:      <domain:transfer
713	   C:       xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
714	   C:        <domain:name>example.com</domain:name>
715	   C:        <domain:authInfo>
716	   C:          <domain:pw roid="JD1234-REP">2fooBAR</domain:pw>
717	   C:        </domain:authInfo>
718	   C:      </domain:transfer>
719	   C:    </transfer>
720	   C:    <clTRID>ABC-12345</clTRID>
721	   C:  </command>
722	   C:</epp>

724	   When a <transfer> query command has been processed successfully, the
725	   EPP <resData> element MUST contain a child <domain:trnData> element
726	   that identifies the domain namespace.  The <domain:trnData> element
727	   contains the following child elements:

729	   -  A <domain:name> element that contains the fully qualified name of
730	      the domain object.

732	   -  A <domain:trStatus> element that contains the state of the most
733	      recent transfer request.

735	   -  A <domain:reID> element that contains the identifier of the client
736	      that requested the object transfer.

738	   -  A <domain:reDate> element that contains the date and time that the
739	      transfer was requested.

741	   -  A <domain:acID> element that contains the identifier of the client
742	      that SHOULD act upon a PENDING transfer request.  For all other
743	      status types, the value identifies the client that took the
744	      indicated action.

746	   -  A <domain:acDate> element that contains the date and time of a
747	      required or completed response.  For a PENDING request, the value
748	      identifies the date and time by which a response is required
749	      before an automated response action will be taken by the server.
750	      For all other status types, the value identifies the date and time
751	      when the request was completed.

753	   -  An OPTIONAL <domain:exDate> element that contains the end of the
754	      domain object's validity period if the <transfer> command caused
755	      or causes a change in the validity period.

757	   Example <transfer> query response:

759	   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
760	   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
761	   S:  <response>
762	   S:    <result code="1000">
763	   S:      <msg>Command completed successfully</msg>
764	   S:    </result>
765	   S:    <resData>
766	   S:      <domain:trnData
767	   S:       xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
768	   S:        <domain:name>example.com</domain:name>
769	   S:        <domain:trStatus>pending</domain:trStatus>
770	   S:        <domain:reID>ClientX</domain:reID>
771	   S:        <domain:reDate>2000-06-06T22:00:00.0Z</domain:reDate>
772	   S:        <domain:acID>ClientY</domain:acID>
773	   S:        <domain:acDate>2000-06-11T22:00:00.0Z</domain:acDate>
774	   S:        <domain:exDate>2002-09-08T22:00:00.0Z</domain:exDate>
775	   S:      </domain:trnData>
776	   S:    </resData>
777	   S:    <trID>
778	   S:      <clTRID>ABC-12345</clTRID>
779	   S:      <svTRID>54322-XYZ</svTRID>
780	   S:    </trID>
781	   S:  </response>
782	   S:</epp>

784	   An EPP error response MUST be returned if a <transfer> query command
785	   cannot be processed for any reason.

787	3.2.  EPP Transform Commands

789	   EPP provides five commands to transform domain objects: <create> to
790	   create an instance of a domain object, <delete> to delete an instance
791	   of a domain object, <renew> to extend the validity period of a domain
792	   object, <transfer> to manage domain object sponsorship changes, and
793	   <update> to change information associated with a domain object.

795	   Transform commands are typically processed and completed in real
796	   time.  Server operators MAY receive and process transform commands,
797	   but defer completing the requested action if human or third-party
798	   review is required before the requested action can be completed.  In
799	   such situations the server MUST return a 1001 response code to the
800	   client to note that the command has been received and processed, but
801	   the requested action is pending.  The server MUST also manage the
802	   status of the object that is the subject of the command to reflect
803	   the initiation and completion of the requested action.  Once the
804	   action has been completed, all clients involved in the transaction
805	   MUST be notified using a service message that the action has been
806	   completed and that the status of the object has changed.  Other
807	   notification methods MAY be used in addition to the required service
808	   message.

810	   Server operators SHOULD confirm that a client is authorized to
811	   perform a transform command on a given object.  Any attempt to
812	   transform an object by an unauthorized client MUST be rejected, and
813	   the server MUST return a 2201 response code to the client to note
814	   that the client lacks privileges to execute the requested command.

816	3.2.1.  EPP <create> Command

818	   The EPP <create> command provides a transform operation that allows a
819	   client to create a domain object.  In addition to the standard EPP
820	   command elements, the <create> command MUST contain a <domain:create>
821	   element that identifies the domain namespace.  The <domain:create>
822	   element contains the following child elements:

824	   -  A <domain:name> element that contains the fully qualified name of
825	      the domain object to be created.

827	   -  An OPTIONAL <domain:period> element that contains the initial
828	      registration period of the domain object.  A server MAY define a
829	      default initial registration period if not specified by the
830	      client.

832	   -  An OPTIONAL <domain:ns> element that contains the fully qualified
833	      names of the delegated host objects or host attributes (name
834	      servers) associated with the domain object to provide resolution
835	      services for the domain; see Section 1.1 for a description of the
836	      elements used to specify host objects or host attributes.  A host
837	      object MUST be known to the server before the host object can be
838	      associated with a domain object.

840	   -  An OPTIONAL <domain:registrant> element that contains the
841	      identifier for the human or organizational social information
842	      (contact) object to be associated with the domain object as the
843	      object registrant.  This object identifier MUST be known to the
844	      server before the contact object can be associated with the domain
845	      object.  The EPP mapping for contact objects is described in
846	      [I-D.hollenbeck-rfc4933bis].

848	   -  Zero or more OPTIONAL <domain:contact> elements that contain the
849	      identifiers for other contact objects to be associated with the
850	      domain object.  Contact object identifiers MUST be known to the
851	      server before the contact object can be associated with the domain
852	      object.

854	   -  A <domain:authInfo> element that contains authorization
855	      information to be associated with the domain object.  This mapping
856	      includes a password-based authentication mechanism, but the schema
857	      allows new mechanisms to be defined in new schemas.

859	   Example <create> command:

861	   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
862	   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
863	   C:  <command>
864	   C:    <create>
865	   C:      <domain:create
866	   C:       xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
867	   C:        <domain:name>example.com</domain:name>
868	   C:        <domain:period unit="y">2</domain:period>
869	   C:        <domain:ns>
870	   C:          <domain:hostObj>ns1.example.net</domain:hostObj>
871	   C:          <domain:hostObj>ns2.example.net</domain:hostObj>
872	   C:        </domain:ns>
873	   C:        <domain:registrant>jd1234</domain:registrant>
874	   C:        <domain:contact type="admin">sh8013</domain:contact>
875	   C:        <domain:contact type="tech">sh8013</domain:contact>
876	   C:        <domain:authInfo>
877	   C:          <domain:pw>2fooBAR</domain:pw>
878	   C:        </domain:authInfo>
879	   C:      </domain:create>
880	   C:    </create>
881	   C:    <clTRID>ABC-12345</clTRID>
882	   C:  </command>
883	   C:</epp>

885	   When a <create> command has been processed successfully, the EPP
886	   <resData> element MUST contain a child <domain:creData> element that
887	   identifies the domain namespace.  The <domain:creData> element
888	   contains the following child elements:

890	   -  A <domain:name> element that contains the fully qualified name of
891	      the domain object.

893	   -  A <domain:crDate> element that contains the date and time of
894	      domain object creation.

896	   -  An OPTIONAL <domain:exDate> element that contains the date and
897	      time identifying the end of the domain object's registration
898	      period.

900	   Example <create> response:

902	   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
903	   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
904	   S:  <response>
905	   S:    <result code="1000">
906	   S:      <msg>Command completed successfully</msg>
907	   S:    </result>
908	   S:    <resData>
909	   S:      <domain:creData
910	   S:       xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
911	   S:        <domain:name>example.com</domain:name>
912	   S:        <domain:crDate>1999-04-03T22:00:00.0Z</domain:crDate>
913	   S:        <domain:exDate>2001-04-03T22:00:00.0Z</domain:exDate>
914	   S:      </domain:creData>
915	   S:    </resData>
916	   S:    <trID>
917	   S:      <clTRID>ABC-12345</clTRID>
918	   S:      <svTRID>54321-XYZ</svTRID>
919	   S:    </trID>
920	   S:  </response>
921	   S:</epp>

923	   An EPP error response MUST be returned if a <create> command cannot
924	   be processed for any reason.

926	3.2.2.  EPP <delete> Command

928	   The EPP <delete> command provides a transform operation that allows a
929	   client to delete a domain object.  In addition to the standard EPP
930	   command elements, the <delete> command MUST contain a <domain:delete>
931	   element that identifies the domain namespace.  The <domain:delete>
932	   element contains the following child elements:

934	   -  A <domain:name> element that contains the fully qualified name of
935	      the domain object to be deleted.

937	   A domain object SHOULD NOT be deleted if subordinate host objects are
938	   associated with the domain object.  For example, if domain
939	   "example.com" exists, and host object "ns1.example.com" also exists,
940	   then domain "example.com" SHOULD NOT be deleted until host
941	   "ns1.example.com" has been either deleted or renamed to exist in a
942	   different superordinate domain.  A server SHOULD notify clients that
943	   object relationships exist by sending a 2305 error response code when
944	   a <delete> command is attempted and fails due to existing object
945	   relationships.  Delegated and subordinate host objects associated
946	   with a domain object can be determined using the <info> query command
947	   for the domain object.

949	   Example <delete> command:

951	   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
952	   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
953	   C:  <command>
954	   C:    <delete>
955	   C:      <domain:delete
956	   C:       xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
957	   C:        <domain:name>example.com</domain:name>
958	   C:      </domain:delete>
959	   C:    </delete>
960	   C:    <clTRID>ABC-12345</clTRID>
961	   C:  </command>
962	   C:</epp>

964	   When a <delete> command has been processed successfully, a server
965	   MUST respond with an EPP response with no <resData> element.

967	   Example <delete> response:

969	   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
970	   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
971	   S:  <response>
972	   S:    <result code="1000">
973	   S:      <msg>Command completed successfully</msg>
974	   S:    </result>
975	   S:    <trID>
976	   S:      <clTRID>ABC-12345</clTRID>
977	   S:      <svTRID>54321-XYZ</svTRID>
978	   S:    </trID>
979	   S:  </response>
980	   S:</epp>

982	   An EPP error response MUST be returned if a <delete> command cannot
983	   be processed for any reason.

985	3.2.3.  EPP <renew> Command

987	   The EPP <renew> command provides a transform operation that allows a
988	   client to extend the validity period of a domain object.  In addition
989	   to the standard EPP command elements, the <renew> command MUST
990	   contain a <domain:renew> element that identifies the domain
991	   namespace.  The <domain:renew> element contains the following child
992	   elements:

994	   -  A <domain:name> element that contains the fully qualified name of
995	      the domain object whose validity period is to be extended.

997	   -  A <domain:curExpDate> element that contains the date on which the
998	      current validity period ends.  This value ensures that repeated
999	      <renew> commands do not result in multiple unanticipated
1000	      successful renewals.

1002	   -  An OPTIONAL <domain:period> element that contains the number of
1003	      units to be added to the registration period of the domain object.
1004	      The number of units available MAY be subject to limits imposed by
1005	      the server.

1007	   Example <renew> command:

1009	   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
1010	   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
1011	   C:  <command>
1012	   C:    <renew>
1013	   C:      <domain:renew
1014	   C:       xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
1015	   C:        <domain:name>example.com</domain:name>
1016	   C:        <domain:curExpDate>2000-04-03</domain:curExpDate>
1017	   C:        <domain:period unit="y">5</domain:period>
1018	   C:      </domain:renew>
1019	   C:    </renew>
1020	   C:    <clTRID>ABC-12345</clTRID>
1021	   C:  </command>
1022	   C:</epp>

1024	   When a <renew> command has been processed successfully, the EPP
1025	   <resData> element MUST contain a child <domain:renData> element that
1026	   identifies the domain namespace.  The <domain:renData> element
1027	   contains the following child elements:

1029	   -  A <domain:name> element that contains the fully qualified name of
1030	      the domain object.

1032	   -  An OPTIONAL <domain:exDate> element that contains the date and
1033	      time identifying the end of the domain object's registration
1034	      period.

1036	   Example <renew> response:

1038	   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
1039	   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
1040	   S:  <response>
1041	   S:    <result code="1000">
1042	   S:      <msg>Command completed successfully</msg>
1043	   S:    </result>
1044	   S:    <resData>
1045	   S:      <domain:renData
1046	   S:       xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
1047	   S:        <domain:name>example.com</domain:name>
1048	   S:        <domain:exDate>2005-04-03T22:00:00.0Z</domain:exDate>
1049	   S:      </domain:renData>
1050	   S:    </resData>
1051	   S:    <trID>
1052	   S:      <clTRID>ABC-12345</clTRID>
1053	   S:      <svTRID>54322-XYZ</svTRID>
1054	   S:    </trID>
1055	   S:  </response>
1056	   S:</epp>

1058	   An EPP error response MUST be returned if a <renew> command cannot be
1059	   processed for any reason.

1061	3.2.4.  EPP <transfer> Command

1063	   The EPP <transfer> command provides a transform operation that allows
1064	   a client to manage requests to transfer the sponsorship of a domain
1065	   object.  In addition to the standard EPP command elements, the
1066	   <transfer> command MUST contain a <domain:transfer> element that
1067	   identifies the domain namespace.  The <domain:transfer> element
1068	   contains the following child elements:

1070	   -  A <domain:name> element that contains the fully qualified name of
1071	      the domain object for which a transfer request is to be created,
1072	      approved, rejected, or cancelled.

1074	   -  An OPTIONAL <domain:period> element that contains the number of
1075	      units to be added to the registration period of the domain object
1076	      at completion of the transfer process.  This element can only be
1077	      used when a transfer is requested, and it MUST be ignored if used
1078	      otherwise.  The number of units available MAY be subject to limits
1079	      imposed by the server.

1081	   -  A <domain:authInfo> element that contains authorization
1082	      information associated with the domain object or authorization
1083	      information associated with the domain object's registrant or
1084	      associated contacts.  An OPTIONAL "roid" attribute MUST be used to
1085	      identify the registrant or contact object if and only if the given
1086	      authInfo is associated with a registrant or contact object, and
1087	      not the domain object itself.

1089	   Every EPP <transfer> command MUST contain an "op" attribute that
1090	   identifies the transfer operation to be performed.  Valid values,
1091	   definitions, and authorizations for all attribute values are defined
1092	   in [I-D.hollenbeck-rfc4930bis].

1094	   Transfer of a domain object MUST implicitly transfer all host objects
1095	   that are subordinate to the domain object.  For example, if domain
1096	   object "example.com" is transferred and host object "ns1.example.com"
1097	   exists, the host object MUST be transferred as part of the
1098	   "example.com" transfer process.  Host objects that are subject to
1099	   transfer when transferring a domain object are listed in the response
1100	   to an EPP <info> command performed on the domain object.

1102	   Example <transfer> request command:

1104	   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
1105	   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
1106	   C:  <command>
1107	   C:    <transfer op="request">
1108	   C:      <domain:transfer
1109	   C:       xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
1110	   C:        <domain:name>example.com</domain:name>
1111	   C:        <domain:period unit="y">1</domain:period>
1112	   C:        <domain:authInfo>
1113	   C:          <domain:pw roid="JD1234-REP">2fooBAR</domain:pw>
1114	   C:        </domain:authInfo>
1115	   C:      </domain:transfer>
1116	   C:    </transfer>
1117	   C:    <clTRID>ABC-12345</clTRID>
1118	   C:  </command>
1119	   C:</epp>

1121	   When a <transfer> command has been processed successfully, the EPP
1122	   <resData> element MUST contain a child <domain:trnData> element that
1123	   identifies the domain namespace.  The <domain:trnData> element
1124	   contains the same child elements defined for a transfer query
1125	   response.

1127	   Example <transfer> response:

1129	   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
1130	   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
1131	   S:  <response>
1132	   S:    <result code="1001">
1133	   S:      <msg>Command completed successfully; action pending</msg>
1134	   S:    </result>
1135	   S:    <resData>
1136	   S:      <domain:trnData
1137	   S:       xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
1138	   S:        <domain:name>example.com</domain:name>
1139	   S:        <domain:trStatus>pending</domain:trStatus>
1140	   S:        <domain:reID>ClientX</domain:reID>
1141	   S:        <domain:reDate>2000-06-08T22:00:00.0Z</domain:reDate>
1142	   S:        <domain:acID>ClientY</domain:acID>
1143	   S:        <domain:acDate>2000-06-13T22:00:00.0Z</domain:acDate>
1144	   S:        <domain:exDate>2002-09-08T22:00:00.0Z</domain:exDate>
1145	   S:      </domain:trnData>
1146	   S:    </resData>
1147	   S:    <trID>
1148	   S:      <clTRID>ABC-12345</clTRID>
1149	   S:      <svTRID>54322-XYZ</svTRID>
1150	   S:    </trID>
1151	   S:  </response>
1152	   S:</epp>

1154	   An EPP error response MUST be returned if a <transfer> command can
1155	   not be processed for any reason.

1157	3.2.5.  EPP <update> Command

1159	   The EPP <update> command provides a transform operation that allows a
1160	   client to modify the attributes of a domain object.  In addition to
1161	   the standard EPP command elements, the <update> command MUST contain
1162	   a <domain:update> element that identifies the domain namespace.  The
1163	   <domain:update> element contains the following child elements:

1165	   -  A <domain:name> element that contains the fully qualified name of
1166	      the domain object to be updated.

1168	   -  An OPTIONAL <domain:add> element that contains attribute values to
1169	      be added to the object.

1171	   -  An OPTIONAL <domain:rem> element that contains attribute values to
1172	      be removed from the object.

1174	   -  An OPTIONAL <domain:chg> element that contains object attribute
1175	      values to be changed.

1177	   At least one <domain:add>, <domain:rem>, or <domain:chg> element MUST
1178	   be provided if the command is not being extended.  All of these
1179	   elements MAY be omitted if an <update> extension is present.  The
1180	   <domain:add> and <domain:rem> elements contain the following child
1181	   elements:

1183	   -  An OPTIONAL <domain:ns> element that contains the fully qualified
1184	      names of the delegated host objects or host attributes (name
1185	      servers) associated with the domain object to provide resolution
1186	      services for the domain; see Section 1.1 for a description of the
1187	      elements used to specify host objects or host attributes.  A host
1188	      object MUST be known to the server before the host object can be
1189	      associated with a domain object.  If host attributes are used to
1190	      specify name servers, note that IP address elements are not needed
1191	      to identify a name server that is being removed.  IP address
1192	      elements can safely be absent or ignored in this situation.

1194	   -  Zero or more <domain:contact> elements that contain the
1195	      identifiers for contact objects to be associated with or removed
1196	      from the domain object.  Contact object identifiers MUST be known
1197	      to the server before the contact object can be associated with the
1198	      domain object.

1200	   -  Zero or more <domain:status> elements that contain status values
1201	      to be applied to or removed from the object.  When specifying a
1202	      value to be removed, only the attribute value is significant;
1203	      element text is not required to match a value for removal.

1205	   A <domain:chg> element contains the following child elements:

1207	   -  A <domain:registrant> element that contains the identifier for the
1208	      human or organizational social information (contact) object to be
1209	      associated with the domain object as the object registrant.  This
1210	      object identifier MUST be known to the server before the contact
1211	      object can be associated with the domain object.  An empty element
1212	      can be used to remove registrant information.

1214	   -  A <domain:authInfo> element that contains authorization
1215	      information associated with the domain object.  This mapping
1216	      includes a password-based authentication mechanism, but the schema
1217	      allows new mechanisms to be defined in new schemas.  A <domain:
1218	      null> element can be used within the <domain:authInfo> element to
1219	      remove authorization information.

1221	   Example <update> command:

1223	   C:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
1224	   C:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
1225	   C:  <command>
1226	   C:    <update>
1227	   C:      <domain:update
1228	   C:       xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
1229	   C:        <domain:name>example.com</domain:name>
1230	   C:        <domain:add>
1231	   C:          <domain:ns>
1232	   C:            <domain:hostObj>ns2.example.com</domain:hostObj>
1233	   C:          </domain:ns>
1234	   C:          <domain:contact type="tech">mak21</domain:contact>
1235	   C:          <domain:status s="clientHold"
1236	   C:           lang="en">Payment overdue.</domain:status>
1237	   C:        </domain:add>
1238	   C:        <domain:rem>
1239	   C:          <domain:ns>
1240	   C:            <domain:hostObj>ns1.example.com</domain:hostObj>
1241	   C:          </domain:ns>
1242	   C:          <domain:contact type="tech">sh8013</domain:contact>
1243	   C:          <domain:status s="clientUpdateProhibited"/>
1244	   C:        </domain:rem>
1245	   C:        <domain:chg>
1246	   C:          <domain:registrant>sh8013</domain:registrant>
1247	   C:          <domain:authInfo>
1248	   C:            <domain:pw>2BARfoo</domain:pw>
1249	   C:          </domain:authInfo>
1250	   C:        </domain:chg>
1251	   C:      </domain:update>
1252	   C:    </update>
1253	   C:    <clTRID>ABC-12345</clTRID>
1254	   C:  </command>
1255	   C:</epp>

1257	   When an <update> command has been processed successfully, a server
1258	   MUST respond with an EPP response with no <resData> element.

1260	   Example <update> response:

1262	   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
1263	   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
1264	   S:  <response>
1265	   S:    <result code="1000">
1266	   S:      <msg>Command completed successfully</msg>
1267	   S:    </result>
1268	   S:    <trID>
1269	   S:      <clTRID>ABC-12345</clTRID>
1270	   S:      <svTRID>54321-XYZ</svTRID>
1271	   S:    </trID>
1272	   S:  </response>
1273	   S:</epp>

1275	   An EPP error response MUST be returned if an <update> command cannot
1276	   be processed for any reason.

1278	3.3.  Offline Review of Requested Actions

1280	   Commands are processed by a server in the order they are received
1281	   from a client.  Though an immediate response confirming receipt and
1282	   processing of the command is produced by the server, a server
1283	   operator MAY perform an offline review of requested transform
1284	   commands before completing the requested action.  In such situations,
1285	   the response from the server MUST clearly note that the transform
1286	   command has been received and processed, but the requested action is
1287	   pending.  The status of the corresponding object MUST clearly reflect
1288	   processing of the pending action.  The server MUST notify the client
1289	   when offline processing of the action has been completed.

1291	   Examples describing a <create> command that requires offline review
1292	   are included here.  Note the result code and message returned in
1293	   response to the <create> command.

1295	   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
1296	   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
1297	   S:  <response>
1298	   S:    <result code="1001">
1299	   S:      <msg>Command completed successfully; action pending</msg>
1300	   S:    </result>
1301	   S:    <resData>
1302	   S:      <domain:creData
1303	   S:       xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
1304	   S:        <domain:name>example.com</domain:name>
1305	   S:        <domain:crDate>1999-04-03T22:00:00.0Z</domain:crDate>
1306	   S:        <domain:exDate>2001-04-03T22:00:00.0Z</domain:exDate>
1307	   S:      </domain:creData>
1308	   S:    </resData>
1309	   S:    <trID>
1310	   S:      <clTRID>ABC-12345</clTRID>
1311	   S:      <svTRID>54321-XYZ</svTRID>
1312	   S:    </trID>
1313	   S:  </response>
1314	   S:</epp>

1316	   The status of the domain object after returning this response MUST
1317	   include "pendingCreate".  The server operator reviews the request
1318	   offline, and informs the client of the outcome of the review either
1319	   by queuing a service message for retrieval via the <poll> command or
1320	   by using an out-of-band mechanism to inform the client of the
1321	   request.

1323	   The service message MUST contain text in the <response>, <msgQ>,
1324	   <msg> element that describes the notification.  In addition, the EPP
1325	   <resData> element MUST contain a child <domain:panData> element that
1326	   identifies the domain namespace.  The <domain:panData> element
1327	   contains the following child elements:

1329	   -  A <domain:name> element that contains the fully qualified name of
1330	      the domain object.  The <domain:name> element contains a REQUIRED
1331	      "paResult" attribute.  A positive boolean value indicates that the
1332	      request has been approved and completed.  A negative boolean value
1333	      indicates that the request has been denied and the requested
1334	      action has not been taken.

1336	   -  A <domain:paTRID> element that contains the client transaction
1337	      identifier and server transaction identifier returned with the
1338	      original response to process the command.  The client transaction
1339	      identifier is OPTIONAL and will only be returned if the client
1340	      provided an identifier with the original <create> command.

1342	   -  A <domain:paDate> element that contains the date and time
1343	      describing when review of the requested action was completed.

1345	   Example "review completed" service message:

1347	   S:<?xml version="1.0" encoding="UTF-8" standalone="no"?>
1348	   S:<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
1349	   S:  <response>
1350	   S:    <result code="1301">
1351	   S:      <msg>Command completed successfully; ack to dequeue</msg>
1352	   S:    </result>
1353	   S:    <msgQ count="5" id="12345">
1354	   S:      <qDate>1999-04-04T22:01:00.0Z</qDate>
1355	   S:      <msg>Pending action completed successfully.</msg>
1356	   S:    </msgQ>
1357	   S:    <resData>
1358	   S:      <domain:panData
1359	   S:       xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
1360	   S:        <domain:name paResult="1">example.com</domain:name>
1361	   S:        <domain:paTRID>
1362	   S:          <clTRID>ABC-12345</clTRID>
1363	   S:          <svTRID>54321-XYZ</svTRID>
1364	   S:        </domain:paTRID>
1365	   S:        <domain:paDate>1999-04-04T22:00:00.0Z</domain:paDate>
1366	   S:      </domain:panData>
1367	   S:    </resData>
1368	   S:    <trID>
1369	   S:      <clTRID>BCD-23456</clTRID>
1370	   S:      <svTRID>65432-WXY</svTRID>
1371	   S:    </trID>
1372	   S:  </response>
1373	   S:</epp>

1375	4.  Formal Syntax

1377	   An EPP object mapping is specified in XML Schema notation.  The
1378	   formal syntax presented here is a complete schema representation of
1379	   the object mapping suitable for automated validation of EPP XML
1380	   instances.  The BEGIN and END tags are not part of the schema; they
1381	   are used to note the beginning and ending of the schema for URI
1382	   registration purposes.

1384	   BEGIN
1385	   <?xml version="1.0" encoding="UTF-8"?>

1387	   <schema targetNamespace="urn:ietf:params:xml:ns:domain-1.0"
1388	        xmlns:domain="urn:ietf:params:xml:ns:domain-1.0"
1389	        xmlns:host="urn:ietf:params:xml:ns:host-1.0"
1390	        xmlns:epp="urn:ietf:params:xml:ns:epp-1.0"
1391	        xmlns:eppcom="urn:ietf:params:xml:ns:eppcom-1.0"
1392	        xmlns="http://www.w3.org/2001/XMLSchema"
1393	        elementFormDefault="qualified">

1395	   <!--
1396	   Import common element types.
1397	   -->
1398	   <import namespace="urn:ietf:params:xml:ns:eppcom-1.0"/>
1399	   <import namespace="urn:ietf:params:xml:ns:epp-1.0"/>
1400	   <import namespace="urn:ietf:params:xml:ns:host-1.0"/>

1402	   <annotation>
1403	    <documentation>
1404	      Extensible Provisioning Protocol v1.0
1405	      domain provisioning schema.
1406	    </documentation>
1407	   </annotation>

1409	   <!--
1410	   Child elements found in EPP commands.
1411	   -->
1412	   <element name="check" type="domain:mNameType"/>
1413	   <element name="create" type="domain:createType"/>
1414	   <element name="delete" type="domain:sNameType"/>
1415	   <element name="info" type="domain:infoType"/>
1416	   <element name="renew" type="domain:renewType"/>
1417	   <element name="transfer" type="domain:transferType"/>
1418	   <element name="update" type="domain:updateType"/>
1419	   <!--
1420	   Child elements of the <create> command.
1421	   -->
1422	   <complexType name="createType">
1423	    <sequence>
1424	      <element name="name" type="eppcom:labelType"/>
1425	      <element name="period" type="domain:periodType"
1426	       minOccurs="0"/>
1427	      <element name="ns" type="domain:nsType"
1428	       minOccurs="0"/>
1429	      <element name="registrant" type="eppcom:clIDType"
1430	       minOccurs="0"/>
1431	      <element name="contact" type="domain:contactType"
1432	       minOccurs="0" maxOccurs="unbounded"/>
1433	      <element name="authInfo" type="domain:authInfoType"/>
1434	    </sequence>
1435	   </complexType>

1437	   <complexType name="periodType">
1438	    <simpleContent>
1439	      <extension base="domain:pLimitType">
1440	        <attribute name="unit" type="domain:pUnitType"
1441	         use="required"/>
1442	      </extension>
1443	    </simpleContent>
1444	   </complexType>

1446	   <simpleType name="pLimitType">
1447	    <restriction base="unsignedShort">
1448	      <minInclusive value="1"/>
1449	      <maxInclusive value="99"/>
1450	    </restriction>
1451	   </simpleType>

1453	   <simpleType name="pUnitType">
1454	    <restriction base="token">
1455	      <enumeration value="y"/>
1456	      <enumeration value="m"/>
1457	    </restriction>
1458	   </simpleType>

1460	   <complexType name="nsType">
1461	    <choice>
1462	      <element name="hostObj" type="eppcom:labelType"
1463	       maxOccurs="unbounded"/>
1464	      <element name="hostAttr" type="domain:hostAttrType"
1465	       maxOccurs="unbounded"/>
1466	    </choice>
1467	   </complexType>
1468	   <!--
1469	   Name servers are either host objects or attributes.
1470	   -->

1472	   <complexType name="hostAttrType">
1473	    <sequence>
1474	      <element name="hostName" type="eppcom:labelType"/>
1475	      <element name="hostAddr" type="host:addrType"
1476	       minOccurs="0" maxOccurs="unbounded"/>
1477	    </sequence>
1478	   </complexType>
1479	   <!--
1480	   If attributes, addresses are optional and follow the
1481	   structure defined in the host mapping.
1482	   -->

1484	   <complexType name="contactType">
1485	    <simpleContent>
1486	      <extension base="eppcom:clIDType">
1487	        <attribute name="type" type="domain:contactAttrType"/>
1488	      </extension>
1489	    </simpleContent>
1490	   </complexType>

1492	   <simpleType name="contactAttrType">
1493	    <restriction base="token">
1494	      <enumeration value="admin"/>
1495	      <enumeration value="billing"/>
1496	      <enumeration value="tech"/>
1497	    </restriction>
1498	   </simpleType>

1500	   <complexType name="authInfoType">
1501	    <choice>
1502	      <element name="pw" type="eppcom:pwAuthInfoType"/>
1503	      <element name="ext" type="eppcom:extAuthInfoType"/>
1504	    </choice>
1505	   </complexType>

1507	   <!--
1508	   Child element of commands that require a single name.
1509	   -->
1510	   <complexType name="sNameType">
1511	    <sequence>
1512	      <element name="name" type="eppcom:labelType"/>
1513	    </sequence>
1514	   </complexType>
1515	   <!--
1516	   Child element of commands that accept multiple names.
1517	   -->
1518	   <complexType name="mNameType">
1519	    <sequence>
1520	      <element name="name" type="eppcom:labelType"
1521	       maxOccurs="unbounded"/>
1522	    </sequence>
1523	   </complexType>

1525	   <!--
1526	   Child elements of the <info> command.
1527	   -->
1528	   <complexType name="infoType">
1529	    <sequence>
1530	      <element name="name" type="domain:infoNameType"/>
1531	      <element name="authInfo" type="domain:authInfoType"
1532	       minOccurs="0"/>
1533	    </sequence>

1535	   </complexType>

1537	   <complexType name="infoNameType">
1538	    <simpleContent>
1539	      <extension base = "eppcom:labelType">
1540	        <attribute name="hosts" type="domain:hostsType"
1541	         default="all"/>
1542	      </extension>
1543	    </simpleContent>
1544	   </complexType>

1546	   <simpleType name="hostsType">
1547	    <restriction base="token">
1548	      <enumeration value="all"/>
1549	      <enumeration value="del"/>
1550	      <enumeration value="none"/>
1551	      <enumeration value="sub"/>
1552	    </restriction>
1553	   </simpleType>

1555	   <!--
1556	   Child elements of the <renew> command.
1557	   -->
1558	   <complexType name="renewType">
1559	    <sequence>
1560	      <element name="name" type="eppcom:labelType"/>
1561	      <element name="curExpDate" type="date"/>
1562	      <element name="period" type="domain:periodType"
1563	       minOccurs="0"/>
1564	    </sequence>
1565	   </complexType>

1567	   <!--
1568	   Child elements of the <transfer> command.
1569	   -->
1570	   <complexType name="transferType">
1571	    <sequence>
1572	      <element name="name" type="eppcom:labelType"/>
1573	      <element name="period" type="domain:periodType"
1574	       minOccurs="0"/>
1575	      <element name="authInfo" type="domain:authInfoType"
1576	       minOccurs="0"/>
1577	    </sequence>
1578	   </complexType>

1580	   <!--
1581	   Child elements of the <update> command.
1582	   -->
1583	   <complexType name="updateType">
1584	    <sequence>
1585	      <element name="name" type="eppcom:labelType"/>
1586	      <element name="add" type="domain:addRemType"
1587	       minOccurs="0"/>
1588	      <element name="rem" type="domain:addRemType"
1589	       minOccurs="0"/>
1590	      <element name="chg" type="domain:chgType"
1591	       minOccurs="0"/>
1592	    </sequence>
1593	   </complexType>

1595	   <!--
1596	   Data elements that can be added or removed.
1597	   -->
1598	   <complexType name="addRemType">
1599	    <sequence>
1600	      <element name="ns" type="domain:nsType"
1601	       minOccurs="0"/>
1602	      <element name="contact" type="domain:contactType"
1603	       minOccurs="0" maxOccurs="unbounded"/>
1604	      <element name="status" type="domain:statusType"
1605	       minOccurs="0" maxOccurs="11"/>
1606	    </sequence>
1607	   </complexType>

1609	   <!--
1610	   Data elements that can be changed.
1611	   -->
1612	   <complexType name="chgType">
1613	    <sequence>
1614	      <element name="registrant" type="domain:clIDChgType"
1615	       minOccurs="0"/>
1616	      <element name="authInfo" type="domain:authInfoChgType"
1617	       minOccurs="0"/>
1618	    </sequence>
1619	   </complexType>

1621	   <!--
1622	   Allow the registrant value to be nullified by changing the
1623	   minLength restriction to "0".
1624	   -->
1625	   <simpleType name="clIDChgType">
1626	    <restriction base="token">
1627	      <minLength value="0"/>
1628	      <maxLength value="16"/>
1629	    </restriction>
1630	   </simpleType>
1631	   <!--
1632	   Allow the authInfo value to be nullified by including an
1633	   empty element within the choice.
1634	   -->
1635	   <complexType name="authInfoChgType">
1636	    <choice>
1637	      <element name="pw" type="eppcom:pwAuthInfoType"/>
1638	      <element name="ext" type="eppcom:extAuthInfoType"/>
1639	      <element name="null"/>
1640	    </choice>
1641	   </complexType>

1643	   <!--
1644	   Child response elements.
1645	   -->
1646	   <element name="chkData" type="domain:chkDataType"/>
1647	   <element name="creData" type="domain:creDataType"/>
1648	   <element name="infData" type="domain:infDataType"/>
1649	   <element name="panData" type="domain:panDataType"/>
1650	   <element name="renData" type="domain:renDataType"/>
1651	   <element name="trnData" type="domain:trnDataType"/>

1653	   <!--
1654	   <check> response elements.
1655	   -->
1656	   <complexType name="chkDataType">
1657	    <sequence>
1658	      <element name="cd" type="domain:checkType"
1659	       maxOccurs="unbounded"/>
1660	    </sequence>
1661	   </complexType>

1663	   <complexType name="checkType">
1664	    <sequence>
1665	      <element name="name" type="domain:checkNameType"/>
1666	      <element name="reason" type="eppcom:reasonType"
1667	       minOccurs="0"/>
1668	    </sequence>
1669	   </complexType>

1671	   <complexType name="checkNameType">
1672	    <simpleContent>
1673	      <extension base="eppcom:labelType">
1674	        <attribute name="avail" type="boolean"
1675	         use="required"/>
1676	      </extension>
1677	    </simpleContent>
1678	   </complexType>
1679	   <!--
1680	   <create> response elements.
1681	   -->
1682	   <complexType name="creDataType">
1683	    <sequence>
1684	      <element name="name" type="eppcom:labelType"/>
1685	      <element name="crDate" type="dateTime"/>
1686	      <element name="exDate" type="dateTime"
1687	       minOccurs="0"/>
1688	    </sequence>
1689	   </complexType>

1691	   <!--
1692	   <info> response elements.
1693	   -->
1694	   <complexType name="infDataType">
1695	    <sequence>
1696	      <element name="name" type="eppcom:labelType"/>
1697	      <element name="roid" type="eppcom:roidType"/>
1698	      <element name="status" type="domain:statusType"
1699	       minOccurs="0" maxOccurs="11"/>
1700	      <element name="registrant" type="eppcom:clIDType"
1701	       minOccurs="0"/>
1702	      <element name="contact" type="domain:contactType"
1703	       minOccurs="0" maxOccurs="unbounded"/>
1704	      <element name="ns" type="domain:nsType"
1705	       minOccurs="0"/>
1706	      <element name="host" type="eppcom:labelType"
1707	       minOccurs="0" maxOccurs="unbounded"/>
1708	      <element name="clID" type="eppcom:clIDType"/>
1709	      <element name="crID" type="eppcom:clIDType"
1710	       minOccurs="0"/>
1711	      <element name="crDate" type="dateTime"
1712	       minOccurs="0"/>
1713	      <element name="upID" type="eppcom:clIDType"
1714	       minOccurs="0"/>
1715	      <element name="upDate" type="dateTime"
1716	       minOccurs="0"/>
1717	      <element name="exDate" type="dateTime"
1718	       minOccurs="0"/>
1719	      <element name="trDate" type="dateTime"
1720	       minOccurs="0"/>
1721	      <element name="authInfo" type="domain:authInfoType"
1722	       minOccurs="0"/>
1723	    </sequence>
1724	   </complexType>

1726	   <!--
1727	   Status is a combination of attributes and an optional
1728	   human-readable message that may be expressed in languages other
1729	   than English.
1730	   -->
1731	   <complexType name="statusType">
1732	    <simpleContent>
1733	      <extension base="normalizedString">
1734	        <attribute name="s" type="domain:statusValueType"
1735	         use="required"/>
1736	        <attribute name="lang" type="language"
1737	         default="en"/>
1738	      </extension>
1739	    </simpleContent>
1740	   </complexType>

1742	   <simpleType name="statusValueType">
1743	    <restriction base="token">
1744	      <enumeration value="clientDeleteProhibited"/>
1745	      <enumeration value="clientHold"/>
1746	      <enumeration value="clientRenewProhibited"/>
1747	      <enumeration value="clientTransferProhibited"/>
1748	      <enumeration value="clientUpdateProhibited"/>
1749	      <enumeration value="inactive"/>
1750	      <enumeration value="ok"/>
1751	      <enumeration value="pendingCreate"/>
1752	      <enumeration value="pendingDelete"/>
1753	      <enumeration value="pendingRenew"/>
1754	      <enumeration value="pendingTransfer"/>
1755	      <enumeration value="pendingUpdate"/>
1756	      <enumeration value="serverDeleteProhibited"/>
1757	      <enumeration value="serverHold"/>
1758	      <enumeration value="serverRenewProhibited"/>
1759	      <enumeration value="serverTransferProhibited"/>
1760	      <enumeration value="serverUpdateProhibited"/>
1761	    </restriction>
1762	   </simpleType>

1764	   <!--
1765	   Pending action notification response elements.
1766	   -->
1767	   <complexType name="panDataType">
1768	    <sequence>
1769	      <element name="name" type="domain:paNameType"/>
1770	      <element name="paTRID" type="epp:trIDType"/>
1771	      <element name="paDate" type="dateTime"/>
1772	    </sequence>
1773	   </complexType>
1774	   <complexType name="paNameType">
1775	    <simpleContent>
1776	      <extension base="eppcom:labelType">
1777	        <attribute name="paResult" type="boolean"
1778	         use="required"/>
1779	      </extension>
1780	    </simpleContent>
1781	   </complexType>

1783	   <!--
1784	   <renew> response elements.
1785	   -->
1786	   <complexType name="renDataType">
1787	   <sequence>
1788	    <element name="name" type="eppcom:labelType"/>
1789	    <element name="exDate" type="dateTime"
1790	     minOccurs="0"/>
1791	   </sequence>
1792	   </complexType>

1794	   <!--
1795	   <transfer> response elements.
1796	   -->
1797	   <complexType name="trnDataType">
1798	   <sequence>
1799	    <element name="name" type="eppcom:labelType"/>
1800	    <element name="trStatus" type="eppcom:trStatusType"/>
1801	    <element name="reID" type="eppcom:clIDType"/>
1802	    <element name="reDate" type="dateTime"/>
1803	    <element name="acID" type="eppcom:clIDType"/>
1804	    <element name="acDate" type="dateTime"/>
1805	    <element name="exDate" type="dateTime"
1806	     minOccurs="0"/>
1807	   </sequence>
1808	   </complexType>

1810	   <!--
1811	   End of schema.
1812	   -->
1813	   </schema>
1814	   END

1816	5.  Internationalization Considerations

1818	   EPP is represented in XML, which provides native support for encoding
1819	   information using the Unicode character set and its more compact
1820	   representations including UTF-8.  Conformant XML processors recognize
1821	   both UTF-8 and UTF-16 [RFC2781].  Though XML includes provisions to
1822	   identify and use other character encodings through use of an
1823	   "encoding" attribute in an <?xml?> declaration, use of UTF-8 is
1824	   RECOMMENDED in environments where parser encoding support
1825	   incompatibility exists.

1827	   All date-time values presented via EPP MUST be expressed in Universal
1828	   Coordinated Time using the Gregorian calendar.  XML Schema allows use
1829	   of time zone identifiers to indicate offsets from the zero meridian,
1830	   but this option MUST NOT be used with EPP.  The extended date-time
1831	   form using upper case "T" and "Z" characters defined in
1832	   [W3C.REC-xmlschema-2-20041028] MUST be used to represent date-time
1833	   values as XML Schema does not support truncated date-time forms or
1834	   lower case "T" and "Z" characters.

1836	   This document requires domain and host name syntax as specified in
1837	   [RFC0952] as updated by [RFC1123].  At the time of this writing, RFC
1838	   3490 [RFC3490] describes a standard to use certain ASCII name labels
1839	   to represent non-ASCII name labels.  These conformance requirements
1840	   might change as a result of progressing work in developing standards
1841	   for internationalized domain names.

1843	6.  IANA Considerations

1845	   This document uses URNs to describe XML namespaces and XML schemas
1846	   conforming to a registry mechanism described in [RFC3688].  Two URI
1847	   assignments have been registered by the IANA.

1849	   Registration request for the domain namespace:

1851	   URI: urn:ietf:params:xml:ns:domain-1.0

1853	   Registrant Contact: See the "Author's Address" section of this
1854	   document.

1856	   XML: None.  Namespace URIs do not represent an XML specification.

1858	   Registration request for the domain XML schema:

1860	   URI: urn:ietf:params:xml:schema:domain-1.0

1862	   Registrant Contact: See the "Author's Address" section of this
1863	   document.

1865	   XML: See the "Formal Syntax" section of this document.

1867	7.  Security Considerations

1869	   Authorization information as described in section 2.6 is REQUIRED to
1870	   create a domain object.  This information is used in some query and
1871	   transfer operations as an additional means of determining client
1872	   authorization to perform the command.  Failure to protect
1873	   authorization information from inadvertent disclosure can result in
1874	   unauthorized transfer operations and unauthorized information
1875	   release.  Both client and server MUST ensure that authorization
1876	   information is stored and exchanged with high-grade encryption
1877	   mechanisms to provide privacy services.

1879	   The object mapping described in this document does not provide any
1880	   other security services or introduce any additional considerations
1881	   beyond those described by [I-D.hollenbeck-rfc4930bis] and protocol
1882	   layers used by EPP.

1884	8.  Acknowledgements

1886	   This document was originally written as an individual submission
1887	   Internet-Draft.  The PROVREG working group later adopted it as a
1888	   working group document and provided many invaluable comments and
1889	   suggested improvements.  The author wishes to acknowledge the efforts
1890	   of WG chairs Edward Lewis and Jaap Akkerhuis for their process and
1891	   editorial contributions.

1893	   Specific suggestions that have been incorporated into this document
1894	   were provided by Joe Abley, Chris Bason, Eric Brunner-Williams,
1895	   Jordyn Buchanan, Dave Crocker, Ayesha Damaraju, Anthony Eden, Sheer
1896	   El-Showk, Klaus Malorny, Dan Manley, Michael Mealling, Patrick
1897	   Mevzek, Asbjorn Steira, Bruce Tonkin, and Rick Wesson.

1899	9.  References

1901	9.1.  Normative References

1903	   [I-D.hollenbeck-rfc4930bis]
1904	              Hollenbeck, S., "Extensible Provisioning Protocol (EPP)",
1905	              draft-hollenbeck-rfc4930bis-01 (work in progress),
1906	              May 2009.

1908	   [I-D.hollenbeck-rfc4932bis]
1909	              Hollenbeck, S., "Extensible Provisioning Protocol (EPP)
1910	              Host Mapping", draft-hollenbeck-rfc4932bis-01 (work in
1911	              progress), May 2009.

1913	   [I-D.hollenbeck-rfc4933bis]
1914	              Hollenbeck, S., "Extensible Provisioning Protocol (EPP)
1915	              Contact Mapping", draft-hollenbeck-rfc4933bis-01 (work in
1916	              progress), May 2009.

1918	   [RFC0952]  Harrenstien, K., Stahl, M., and E. Feinler, "DoD Internet
1919	              host table specification", RFC 952, October 1985.

1921	   [RFC1123]  Braden, R., "Requirements for Internet Hosts - Application
1922	              and Support", STD 3, RFC 1123, October 1989.

1924	   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
1925	              Requirement Levels", BCP 14, RFC 2119, March 1997.

1927	   [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
1928	              January 2004.

1930	   [W3C.REC-xml-20040204]
1931	              Sperberg-McQueen, C., Maler, E., Yergeau, F., Paoli, J.,
1932	              and T. Bray, "Extensible Markup Language (XML) 1.0 (Third
1933	              Edition)", World Wide Web Consortium FirstEdition REC-xml-
1934	              20040204, February 2004,
1935	              <http://www.w3.org/TR/2004/REC-xml-20040204>.

1937	   [W3C.REC-xmlschema-1-20041028]
1938	              Beech, D., Thompson, H., Mendelsohn, N., and M. Maloney,
1939	              "XML Schema Part 1: Structures Second Edition", World Wide
1940	              Web Consortium Recommendation REC-xmlschema-1-20041028,
1941	              October 2004,
1942	              <http://www.w3.org/TR/2004/REC-xmlschema-1-20041028>.

1944	   [W3C.REC-xmlschema-2-20041028]
1945	              Malhotra, A. and P. Biron, "XML Schema Part 2: Datatypes
1946	              Second Edition", World Wide Web Consortium
1947	              Recommendation REC-xmlschema-2-20041028, October 2004,
1948	              <http://www.w3.org/TR/2004/REC-xmlschema-2-20041028>.

1950	9.2.  Informative References

1952	   [RFC2781]  Hoffman, P. and F. Yergeau, "UTF-16, an encoding of ISO
1953	              10646", RFC 2781, February 2000.

1955	   [RFC3490]  Faltstrom, P., Hoffman, P., and A. Costello,
1956	              "Internationalizing Domain Names in Applications (IDNA)",
1957	              RFC 3490, March 2003.

1959	   [RFC4931]  Hollenbeck, S., "Extensible Provisioning Protocol (EPP)
1960	              Domain Name Mapping", RFC 4931, May 2007.

1962	Appendix A.  Changes from RFC 4931

1964	   1.   Changed "This document obsoletes RFC 3731" to "This document is
1965	        intended to obsolete RFC 4931".
1966	   2.   Replaced references to RFC 3731 with references to 4931.
1967	   3.   Replaced references to RFC 4930 with references to 4930bis.
1968	   4.   Replaced references to RFC 4932 with references to 4932bis.
1969	   5.   Replaced references to RFC 4933 with references to 4933bis.
1970	   6.   Updated description of inactive status in Section 2.3.
1971	   7.   Fixed example host names in the Section 1.1 and Section 3.2.1
1972	        examples.
1973	   8.   Changed "but such methods SHOULD NOT be used" to "but such
1974	        methods should not be used" in Section 2.7.
1975	   9.   Added "Other notification methods MAY be used in addition to the
1976	        required service message" in Section 3.2.
1977	   10.  Added 2201 response code text in Section 3.2.

1979	Author's Address

1981	   Scott Hollenbeck
1982	   VeriSign, Inc.
1983	   21345 Ridgetop Circle
1984	   Dulles, VA  20166-6503
1985	   US

1987	   EMail: shollenbeck@verisign.com