Internet-Draft | Abbreviated Title | July 2021 |
Yee & Galvin | Expires 13 January 2022 | [Page] |
Domain name registries (the producer) and registrars (the consumer) report to each other by sharing bulk information through files. This document creates two IANA registries to establish a standard reporting mechanism between domain name registries and registrars. The first IANA registry lists standard data elements and their syntax for inclusion in the files. The second IANA registry lists standard reports based on the standard data elements. Each report is a file formatted as a CSV file. The advantage of this reporting mechanism is that a report, each file, can be imported by recipients without any prior knowledge of their contents, although reporting is enhanced with a minimum of knowledge about the files. The mechanism for the distribution of and access of the files is a matter of local policy.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 13 January 2022.¶
Copyright (c) 2021 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.¶
Currently, domain name registry operators (the producer) create and set their own domain name registration reports for use by their registrars (the consumer). Among the distinctions that vary by producer is the syntax of the data provided, e.g., date formats, and the format of the collection of the data provided, e.g., the report may be a CSV file that tends to allow for straightforward importation or a PDF file that can be problematic to import. In addition, although there are a number of best practice reports that have evolved, these are not currently documented as such, which results in a fair amount of customization on the part of the consumers to import data.¶
This document standardizes the name and syntax of the data elements to be used across all existing domain name registration reports and creates an IANA registry of them to facilitate their evolution, including adding additional data elements as needed. In addition, a known set of existing standard reports using the aforementioned data elements is specified in another IANA registry to facilitate the evolution of the reports and adding additional report definitions as needed.¶
Each report definition MUST use only the data elements defined in the data element aforementioned data element registry, including all future reports. Note that a produced report MAY include data elements that are not registered, as specified below. Future reports and future data elements may be specified in their own individual documents, updating the IANA registries as needed.¶
The mechanism for the distribution aof and access to the files is a matter of local policy.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].¶
Data elements are grouped into categories for convenience. There is no other significance to the groupings.¶
Each data element conceptually represents the column heading in a printed report. It is a single unit of information that can be passed from the producer to the consumer. The primary purposes of the IANA registry of data elements are to ensure that each data element is assigned a unique name and that the syntax of each data element is specified.¶
The name of the data element MUST be unique and this characteristic MUST be enforced by the registry. The name is used in the report definition (in the next section) to alert the consumer as to what to expect in the file and how to import the data element. Character encoding recommendation for data elements is specified in Section 7.¶
The subsections below comprise an initial list of known data elements commonly being used between producers and consumers as of the date of publication of this document. The title of the subsection is the data element name for the data element. Data element names in the IANA registry MUST be unique and MUST be processed as case insensitive.¶
The string of the top level domain involved that MUST be in A-label format as defined by RFC 5890 [RFC5890].¶
The transaction identifier issued by an EPP Server. The format MUST conform to "type:trIDStringType" as specified in RFC 5730 [RFC5730].¶
This is the domain name in an EPP RFC 5731 [RFC5731] domain object and it MUST be in A-Label format.¶
The type of transform action made to the domain object (create, delete, update, transfer, renew) as specified in RFC 5730 [RFC5730] Section 2.9.3.¶
The object type involved in the report. In the EPP environment, an object could be domain RFC 5731 [RFC5731], contact RFC 5733 [RFC5733], or host RFC 5732 [RFC5732].¶
The timestamp of the transaction recorded in the system. Dates and Times MUST be expressed as defined in RFC 5731 [RFC5731] Section 2.4.¶
The number of units added to the domain registration period in <domain:period> RFC 5731 [RFC5731] in create, renew or transfer transforms. If there is no <domain:period>, the default value set out-of-band by the registry should be used.¶
The amount of money charged or returned (shown as a negative value) to the registrar. The numeric format MUST conform to the currency specified below in Section 2.1.9. The format must conform to "balanceType" as defined in RFC 8748 [RFC8748].¶
The currency used in the money charged as documented above in Section 2.1.8. The currency code should follow the ISO 4217 [ISO4217] standard.¶
The status of the domain object. It MUST be one of the values specified in RFC 5731 [RFC5731] Section 2.3.¶
The name of the registrar. This data element is text/string with no naming convention enforced.¶
The type of time (year, month) in 'Term' described above in Section 2.1.7. The value of 'year' and 'month' are referenced to pUnitType value 'y' and 'm' respectively. pUnitType is specified in RFC 5731 [RFC5731].¶
Additional information regarding the current entry in the report. It is provided by the producer and its actual value is a matter of local policy. This data element is text/string with no naming convention enforced.¶
The fee charged to create the domain. The format must conform to "balanceType" as defined in RFC 8748 [RFC8748].¶
The fee charged to renew the domain. The format must conform to "balanceType" as defined in RFC 8748 [RFC8748].¶
The fee charged to transfer the domain. The format must conform to "balanceType" as defined in RFC 8748 [RFC8748].¶
The fee charged to restore the domain. The format must conform to "balanceType" as defined in RFC 8748 [RFC8748].¶
The timestamp of when the domain object becomes available. The date and time format follows the "type=dateTime" specification as defined in RFC 5731 [RFC5731].¶
The timestamp of when the domain was deleted. The date and time format follows the "type=dateTime" specification as defined in RFC 5731 [RFC5731].¶
The timestamp of when the domain will complete its redemption grace period. The date and time format follows the "type=dateTime" specification as defined in RFC 5731 [RFC5731].¶
The timestamp of when the domain will be purged and become available again. The date and time format follows the "type=dateTime" specification as defined in RFC 5731 [RFC5731].¶
The timestamp of the last time the domain object was updated. The date and time format follows the "type=dateTime" specification as defined in RFC 5731 [RFC5731].¶
The timestamp of when the domain object was allocated. The date and time format follows the "type=dateTime" specification as defined in RFC 5731 [RFC5731].¶
The timestamp of when the domain object will expire. The date and time format follows the "type=dateTime" specification as defined in RFC 5731 [RFC5731].¶
The identifier assigned to the registrar. If the registrar is accredited under ICANN, it MUST be the registrar's IANA ID [IANA_Registrar_IDs]. Otherwise it is a value known between the producer and the consumer, set via an out-of-band mechanism and unique within all reports of the producer.¶
The identifier, issued by EPP server, assigned to the contact object that is associated as registrant of the domain name that MUST conform to "clIDType" specified in RFC 5730 [RFC5730].¶
The value MUST be either 'YES' or 'NO' to indicate whether the domain is DNSSEC signed.¶
The identifier of the contact object assigned by the registry system and MUST conform to "clIDType" specified in RFC 5730 [RFC5730].¶
The value MUST be one of value as defined by "contactAttrType" in RFC 5731 [RFC5731].¶
The name of the contact object. Usually it is the name of an individual or an organization as described in RFC 5733 [RFC5733] Section 2.3.¶
The value MUST be either "YES" or "NO" to indicate whether the contact object is associated with a domain object.¶
The full domain name of the host object as defined in RFC 5732 [RFC5732] Section 2.1. The name MUST be in A-label format as defined by RFC5890 [RFC5890].¶
The IP address of the host object. The syntax of the IPv4 address MUST conform to RFC 791 [RFC0791]. The syntax of the IPv6 address MUST conform to RFC 4291 [RFC4291].¶
The identifier of the contact object assigned by the registrar and MUST conform to "clIDType" specified in RFC 5730 [RFC5730].¶
Each report specification conceptually represents a file of comma separated values [RFC4180] (commonly called a CSV file) where the values are selected from the data elements specified above. The first row of the file is a comma separated list of data element names as specified in the data element registry. The remaining rows of the file are the unordered sets of data elements, one set per row, where each row is one transaction in the report.¶
Each data element in a set conceptually represents the column heading in a printed report.¶
A consumer MUST be able to receive data elements that are not recognized and MAY skip them accordingly, both in the header row and in the transaction rows.¶
A report is specified in the report registry with two pieces of information. First is the name of the report. This can be whatever is appropriate as defined by the producer of the report. The name of the report MUST be unique and this characteristic MUST be enforced by registry.¶
Second is the ordered list of data element names of what is included in the report. The data element names MUST be listed in the data element registry specified above. The data element names and the data MUST appear in the report in the order listed in the report registry.¶
The subsections below comprise an initial list of standard reports commonly being used between producers and consumers as of the date of publication of this document. The title of the subsection is the report name. The report name in the IANA registry MUST be unique and MUST be processed as case insensitive.¶
Name of report: domain_transaction¶
Data Element | Reference |
---|---|
TLD | RFC XXXX Section 2.1.1 |
Server_TRID | Section 2.1.2 |
Domain | Section 2.1.3 |
DateTime | Section 2.1.6 |
Registrar_ID | Section 2.4.1 |
Registrar | Section 2.1.11 |
Transaction_Type | Section 2.1.4 |
Period | Section 2.1.12 |
Term | Section 2.1.7 |
Fee | Section 2.1.8 |
Currency | Section 2.1.9 |
Description | Section 2.1.13 |
Name of report: domain_rgp¶
Data Element | Reference |
---|---|
TLD | RFC XXXX Section 2.1.1 |
Domain | Section 2.1.3 |
Deleted_Date | Section 2.3.2 |
RGP_Date | Section 2.3.3 |
Purge_Date | Section 2.3.4 |
Name of report: reserved_domain¶
Data Element | Reference |
---|---|
TLD | RFC XXXX Section 2.1.1 |
Domain | Section 2.1.3 |
Status | Section 2.1.10 |
Name of report: domain_inventory¶
Data Element | Reference |
---|---|
TLD | RFC XXXX Section 2.1.1 |
Domain | Section 2.1.3 |
Updated_Date | Section 2.3.5 |
Registrar_ID | Section 2.4.1 |
Create_Date | Section 2.3.6 |
Expiry_Date | Section 2.3.7 |
Server_Registrant_ID | Section 2.4.2 |
DNSSEC | Section 2.4.3 |
Status | Section 2.1.10 |
Name of report: contact_inventory¶
Data Element | Reference |
---|---|
Server_Contact_ID | Section 2.4.4 |
Client_Contact_ID | Section 2.4.10 |
TLD | Section 2.1.1 |
Domain | Section 2.1.3 |
Contact_Type | Section 2.4.5 |
Contact_Name | Section 2.4.6 |
Updated_Date | Section 2.3.5 |
INUSE | Section 2.4.7 |
Registrar_ID | Section 2.4.1 |
Name of report: host_inventory¶
Data Element | Reference |
---|---|
TLD | RFCXXXX Section 2.1.1 |
Nameserver_Host | Section 2.4.8 |
Nameserver_IP | Section 2.4.9 |
This section describes the format of the IANA Registration Report Registry, which has two tables described below, and the procedures used to populate and manage the registry entries.¶
This registry uses the "Specification Required" policy described in RFC 8126 [RFC8126]. An English language version of the extension specification is required in the registry, though non-English versions of the specification may also be provided.¶
The "Specification Required" policy implies review by a "designated expert". Section 5.2 of RFC 8126 [RFC8126] describes the role of designated experts and the function they perform.¶
A high-level description of the role of the designated expert is described in Section 5.2 of RFC 8126 [RFC8126]. Specific guidelines for the appointment of designated experts and the evaluation of a Registration Report is provided here.¶
The IESG SHOULD appoint a small pool of individuals (perhaps 3 - 5) to serve as designated experts, as described in Section 5.2 of RFC 8126 [RFC8126]. The pool should have a single administrative chair who is appointed by the IESG. The designated experts should use the existing regext mailing list (regext@ietf.org) for public discussion of registration requests. This implies that the mailing list should remain open after the work of the REGEXT working group has concluded.¶
The results of the evaluation should be shared via email with the registrant and the regext mailing list. Issues discovered during the evaluation can be corrected by the registrant, and those corrections can be submitted to the designated experts until the designated experts explicitly decide to accept or reject the registration request. The designated experts must make an explicit decision and that decision must be shared via email with the registrant and the regext mailing list. If the specification for a data element or report is an IETF Standards Track document, no review is required by the designated expert.¶
Designated experts should be permissive in their evaluation of requests for data elements and reports that have been implemented and deployed by at least one registry. This implies that it may indeed be possible to register multiple data elements or reports that provide the same functionality. Requests to register data elements or reports that have not been deployed should be evaluated with a goal of reducing duplication. A potential registrant who submits a request to register a new data element or report that includes similar functionality to existing data elements or reports should be made aware of the existing data elements and reports. The registrant should be asked to reconsider their request given the existence of similar data elements or reports. Should they decline to do so, perceived similarity should not be a sufficient reason for rejection as long as all other requirements are met.¶
The registry contains information describing each registered data element or report. Registry entries are created and managed by sending forms to IANA that describe the data element or report for the registry entry.¶
The required information must be formatted consistently using the following registration form. Form field names and values may appear on the same line.¶
Registrants should send each registration form to IANA with a single record for incorporation into the registry. Send the form via email to iana@iana.org or complete the online form found on the IANA web site. The subject line should indicate whether the enclosed form represents an insertion of a new record (indicated by the word "INSERT" in the subject line) or a replacement of an existing record (indicated by the word "MODIFY" in the subject line). At no time can a record be deleted from the registry. On receipt of the registration request, IANA will initiate review by the designated expert(s) if appropriate, who will evaluate the request using the criteria in Section 4.1.1 in consultation with the regext mailing list.¶
When submitting changes to existing registry entries, include text in the "Notes" field of the registration form describing the change. Under normal circumstances, registry entries are only to be updated by the registrant. If the registrant becomes unavailable or otherwise unresponsive, the designated expert can submit a registration form to IANA to update the registrant information. Entries can change state from "Active" to "Inactive" and back again as long as state-change requests conform to the processing requirements identified in this document. In addition to entries that become "Inactive" due to a lack of implementation, entries for which a specification becomes consistently unavailable over time should be marked "Inactive" by the designated expert until the specification again becomes reliably available.¶
This specification does not consider the issues of distribution or access to the reports that are created and thus does not introduce any new security security concerns that are not already present in the local environment in which the report is created.¶
A security principle to keep in mind as new reports are developed is that it is considered a bad practice to report or disclose security information. In the case of the registration system upon which this reporting mechanism is based, the authInfo code is a specific example of a data element that SHOULD NOT be included in a report.¶
This specification defines a mechanism for creating reports based on data in a registration system. Some of that data is likely to be considered personally identifiable information (PII) and thus would be subject to privacy protection according to an applicable privacy regulation. It is outside the scope of this specification to address those specific concerns. Implementors are urged to consider these issues with their local legal authority and develop appropriate requirements for their work.¶
As expressly noted in the Introduction, distribution of and access to the reports created by this specification is expressly outside the scope of this specification. However, to the extent a report contains PII, implementors are urged to consider these issues with their local legal authority and develop appropriate requirements for their work.¶
The character encoding for the file contents MUST use UTF-8.¶
Throughout this document A-LABEL is indicated as a SHOULD and that MUST be interpreted as follows. All domain name labels MUST be in A-LABEL format if it is possible to represent it as an A-LABEL, otherwise U-LABEL MAY be used.¶
The authors would like to thank Roger Carney, Jody Kolker, and bestpractice.domains for their reviews and suggestions.¶
TBD on file naming convention suggestion¶