| Internet-Draft | RPP Data Objects | October 2025 |
| Kowalik & Wullink | Expires 23 April 2026 | [Page] |
This document defines data objects for the Registry Provisioning Protocol (RPP) and sets up IANA RPP Data Object Registry to describe and catalogue them. Specifically, it details the logical structure, constraints, and protocol operations (including their inputs and outputs) for foundational resources: domain names, contacts, and hosts. In accordance with the RPP architecture [I-D.kowalik-rpp-architecture], these definitions focus entirely on the semantics, remaining independent of any specific data representation or media type (e.g., JSON or XML).¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 23 April 2026.¶
Copyright (c) 2025 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
The Registry Provisioning Protocol (RPP) defines a set of data objects used to represent and manage foundational registry resources, including domain names, contacts, and hosts. This initial list is not exhaustive; additional resource and component objects MAY be defined in future revisions or introduced via IANA registration to support new features and operational needs.¶
In accordance with the RPP architecture [I-D.kowalik-rpp-architecture], a core architectural principle is the clear distinction between the abstract data model and its concrete data representation. The data model defines the logical structure, relationships, and constraints of the objects, independent of formatting. The data representation defines how these abstract concepts are expressed in specific formats (e.g., JSON, XML, or YAML).¶
This document focuses on the data model of RPP objects and operations on them, including the data model of operation inputs and outputs. This separation of concerns ensures the protocol maintains a stable semantic foundation that can be consistently implemented across different media types and easily adapted to new representation formats. For instance, the model defines a contact's name as a required string type, but it remains agnostic as to whether that string is ultimately encoded as a JSON property or an XML element.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
Each data object is composed of logical data elements. A data element is a logical unit of information identified by a stable name, independent of its representation in any given media type. The definition for each element specifies its logical name, purpose, cardinality, data type, and constraints.¶
The set of data elements for a given data object is extensible. New data elements, associations or operations MAY be defined and registered with IANA in order for the data object to support new features.¶
The definition of each data element within an object consists of the following attributes:¶
Cardinality: Specifies the number of times an element may appear. The notation is as follows:¶
Mutability: Defines the lifecycle of the data element's value. It MUST be one of the following:¶
For each data object a set of possible operations is defined together with their respective input and output data.¶
For the typical set of Create, Read, Update and Delete operations the following set of input and output data model is specified on top of additional transient input data, unless an operation for the specific object tells otherwise.¶
The output representation MAY vary depending on the identity of the querying client, use of object authorisation information, and server policy towards unauthorized clients. If the querying client is the sponsoring client, all available information MUST be returned. If the querying client is not the sponsoring client but the client provides valid object authorisation information, all available information SHOULD be returned, however some optional elements MAY be reserved to the sponsoring client only. If the querying client is not the sponsoring client and the client does not provide valid object authorisation information, server policy determines which OPTIONAL elements are returned, if any, or whether the entire request is rejected.¶
For all other operations both input and output representation have to be fully specified.¶
RPP is designed to coexist with the Extensible Provisioning Protocol (EPP), often operating in parallel against a common backend provisioning system. While RPP is not inherently constrained by all of EPP's requirements, a specific set of rules is necessary to ensure seamless interoperability in such mixed environments.¶
To address this, this document defines an "EPP Compatibility Profile". This profile specifies a set of additional constraints on RPP data objects and operations that a server MUST adhere to when supporting both RPP and EPP concurrently.¶
Throughout this document, all constraints that are part of this profile are explicitly marked with a reference to "EPP Compatibility Profile". Implementers of systems in a mixed EPP/RPP environment MUST follow these specific constraints in addition to the base RPP requirements.¶
This section defines data types and structures that are re-used across multiple data object definitions.¶
Identifiers are character strings with a specified minimum length, a specified maximum length, and a specified format outlined in Section 2.8 of [RFC5730]. Identifiers for certain object types MAY have additional constraints imposed either by server policy, object specific specifications or both.¶
Date and time attribute values MUST be represented in Universal Coordinated Time (UTC) using the Gregorian calendar using date-time form as defined in [RFC3339]. In EPP Compatibility Profile upper case "T" and "Z" characters MUST be used.¶
Client identifiers are character strings with a specified minimum length, a specified maximum length, and a specified format. Contact identifiers use the "clIDType" client identifier syntax described in [RFC5730].¶
Telephone number syntax is derived from structures defined in [ITU.E164.2005]. Telephone numbers described in this specification are character strings that MUST begin with a plus sign ("+", ASCII value 0x002B), followed by a country code defined in [ITU.E164.2005], followed by a dot (".", ASCII value 0x002E), followed by a sequence of digits representing the telephone number. An optional "x" (ASCII value 0x0078) separator with additional digits representing extension information can be appended to the end of the value.¶
RPP allows for different types of associations (relationship) between the objects. The association may be added between 2 objects with own indpendent lifecycle (UML aggregation) or in the relation when one object's existance and lifecycle is bound to the other parent/owner object (UML composition). In both cases, especially if the relation allows for cardinality higher than one on either side, the association may be assigned additional attributes, not being part of an object on either side of relation. In many cases such relation would be attributed with a single text string label, describing a role or a type of relation. Depending on the context this value might be unique, which allows using such label as a key in a dictionary.¶
The following generic Association Types are defined for RPP:¶
Notation: Aggregation[Type]¶
A relation between two independent objects.¶
If the cardinality of target object is more than 1, this represents an ordered array. It MUST assured that the same unchanged data is always inserted in the same order in order to allow stable reference by position to data elements. In case of data insertions, deletions or updates the remaining of the data SHALL preserve its order.¶
Notation: Composition[Type] or Type¶
A relation between an independent parent object and 1 or more dependent child object(s).¶
If the cardinality of target object is more than 1, this represents an ordered array. It MUST assured that the same unchanged data is always inserted in the same order in order to allow stable reference by position to data elements. In case of data insertions, deletions or updates the remaining of the data SHALL preserve its order.¶
Notation: LabelledAggregation[Type]¶
A relation between two independent object with single text string attribute. Multiple associations with the same label are allowed.¶
A type defining such association MUST define Label Description with semantics of the label and Label Constraints with constraints related to the label.¶
Notation: AggregationDictionary[Type]¶
A relation between two independent object with single text string attribute. Only single association with the same label is allowed allowing it to be used as dictionary key.¶
A type defining such association MUST define Label Description with semantics of the label and Label Constraints with constraints related to the label.¶
Notation: LabelledComposition[Type]¶
A relation between an independent parent object and a dependent child object with single text string attribute. Multiple associations with the same label are allowed.¶
A type defining such association MUST define Label Description with semantics of the label and Label Constraints with constraints related to the label.¶
Notation: CompositionDictionary[Type]¶
A relation between an independent parent object and a dependent child object with single text string attribute. Only single association with the same label is allowed allowing it to be used as dictionary key.¶
A type defining such association MUST define Label Description with semantics of the label and Label Constraints with constraints related to the label.¶
This section defines common objects that are re-used in the definitions of top-level data objects. Component objects carry only data but do not define any operations.¶
Data Elements:¶
Label¶
Constraints:
¶
Reason¶
Due¶
The following data elements are defined for the Domain Name Data Object.¶
Name¶
Constraints:¶
Repository ID¶
Status¶
Registrant¶
Contacts¶
Nameservers¶
DNS¶
Constraints:¶
Subordinate Hosts¶
Sponsoring Client ID¶
Creating Client ID¶
Creation Date¶
Updating Client ID¶
Update Date¶
Expiry Date¶
Transfer Date¶
Authorisation Information¶
The Create operation allows a client to provision a new Domain Name resource. The operation accepts as input all create-only and read-write data elements defined for the Domain Name Data Object.¶
Authorisation:¶
In addition, the following transient data element is defined for this operation:¶
The Read operation allows a client to retrieve the data elements of a Domain Name resource. The server's response MAY vary depending on client authorisation and server policy.¶
The following transient data elements are defined for this operation:¶
The Delete operation allows a client to remove an existing Domain Name resource. The operation targets a specific data object identified by its name.¶
The server SHOULD reject a delete request if subordinate host objects are associated with the domain name.¶
The error response SHOULD indicate the related subordinate host objects.¶
The Renew operation allows a client to extend the validity period of an existing Domain Name resource. The operation targets a specific data object identified by its name.¶
Authorisation:¶
The following transient data elements are defined for this operation:¶
Current Expiry Date¶
Renewal Period¶
expiryDate. The default value MAY be defined by server policy. The number of units available MAY be subject to limits imposed by the server.¶
The following data elements are defined for the Domain Name Data Object.¶
Handle ID¶
Repository ID¶
Postal Information¶
Voice Phone Number¶
Fax Phone Number¶
E-mail¶
Status¶
Constraints:¶
Constraints: Possible combinations of Domain Status Labels is specified in Section 2.2 of [RFC5733]¶
The value MUST be one of the status tokens defined in the IANA registry for domain statuses.¶
The initial value list MAY be as defined in [RFC5733]. In this case the values MUST have the same semantics.¶
Sponsoring Client ID¶
Creating Client ID¶
Creation Date¶
Updating Client ID¶
Update Date¶
Transfer Date¶
Authorisation Information¶
Disclose¶
A Host Data Object represents a name server that provides DNS services for a a domain name.¶
The following data elements are defined for the Host Data Object.¶
Host Name¶
DNS Resource Records¶
Status¶
This document establishes the "Registry Provisioning Protocol (RPP) Data Object Registry". This registry serves as a definitive, hierarchical catalogue of all data objects, component objects, data elements, and operations used within RPP.¶
The policy for adding new objects, data elements, or operations to this registry is "Specification Required" [RFC8126].¶
The registry is organised as a collection of Object definitions. Each Object definition MUST include:¶
A header containing the Object Identifier, Object Name, Object Type (Resource or Component), a brief description, and a reference to its defining specification.¶
A "Data Elements" table listing all persisted data elements associated with the object. Each entry MUST specify the element's Identifier, Name, Cardinality, Mutability, Data Type, and description.¶
If applicable, an "Operations" section. For each operation, the registry MUST provide:¶
The initial contents of the RPP Data Object Registry are defined below.¶
Object: period¶
Object Name: Period Object¶
Object Type: Component¶
Description: Represents a duration of time.¶
Reference: [This-ID]¶
Data Elements¶
| Element Identifier | Element Name | Card. | Mutability | Data Type | Description |
|---|---|---|---|---|---|
| value | Value | 1 | read-write | Integer | The numeric value of the period. |
| unit | Unit | 1 | read-write | String | The unit of the period. |
Object: nameserver¶
Object Name: Nameserver Object¶
Object Type: Component¶
Description: Represents a single nameserver.¶
Reference: [This-ID]¶
Data Elements¶
| Element Identifier | Element Name | Card. | Mutability | Data Type | Description |
|---|---|---|---|---|---|
| hostName | Host Name | 1 | read-write | String | The name of the host. |
| dns | DNS Resource Records | 0+ | read-write | Composition[DNS Resource Record] | DNS Resource Records related to the host. |
Object: dnsrr¶
Object Name: DNS Resource Record¶
Object Type: Component¶
Description: Represents a DNS Entry.¶
Reference: [This-ID]¶
Data Elements¶
| Element Identifier | Element Name | Card. | Mutability | Data Type | Description |
|---|---|---|---|---|---|
| hostNamelabel | Label | 1 | read-write | String | DNS entry label. |
| type | Type | 1 | read-write | String | DNS entry type. |
| data | Data | 1 | read-write | String | DNS entry value. |
| ttl | TTL | 1 | read-write | Number | TTL value for a reource record. |
Object: authInfo¶
Object Name: Authorisation Information¶
Object Type: Component¶
Description: Contains authorisation credentials for an operation.¶
Reference: [This-ID]¶
Data Elements¶
| Element Identifier | Element Name | Card. | Mutability | Data Type | Description |
|---|---|---|---|---|---|
| method | Method | 1 | create-only | String | The identifier of the RPP authorisation method. |
| authdata | Authorisation Information | 1 | create-only | String | The value of the authorisation information. It might be as simple as password string, but also more complex values like public key certificates or tokens encoded as string are possible. |
Object: domainStatus¶
Object Name: Status Object¶
Object Type: Component¶
Description: Represents one of the status values associated with the provisioning object.¶
Reference: [This-ID]¶
Data Elements¶
| Element Identifier | Element Name | Card. | Mutability | Data Type | Description |
|---|---|---|---|---|---|
| label | Label | 1 | create-only | String | machine-reasible enum label of a status |
| reason | Reason | 0-1 | create-only | String | a human-readable text that describes the rationale for the status applied to the object. |
| due | Due | 0-1 | read-write | Timestamp | a timestamp, when this status is going to be removed automatically, or changed to other status. This field can be used to expresse lifecycle related information |
Object: domainName¶
Object Name: Domain Name Data Object¶
Object Type: Resource¶
Description: Represents a domain name and its associated data.¶
Reference: [This-ID]¶
Data Elements¶
| Identifier | Name | Card. | Mutability | Data Type | Description |
|---|---|---|---|---|---|
| name | Name | 1 | create-only | String | The fully qualified name of the domain object. |
| repositoryId | Repository ID | 0-1 | read-only | Identifier | A server-assigned unique identifier for the object. |
| status | Status | 0+ | read-only | Status Object | The current status descriptors for the domain. |
| registrant | Registrant | 0-1 | read-write | Contact Object | The registrant contact ID. |
| contacts | Contacts | 0+ | read-write | LabelledAggregation [Contact Object] | Associated contact objects. |
| nameservers | Nameservers | 0+ | read-write | Composition[Host Data Object] or Aggregation[Host Data Object] | A collection of nameservers associated with the domain. |
| dns | DNS | 0+ | read-write | Composition[DNS Resource Record] | A collection of DNS entries related to the domain name. |
| subordinateHosts | Subordinate Hosts | 0+ | read-only | Aggregation [Host Object] | Subordinate host names. |
| sponsoringClientId | Sponsoring Client ID | 1 | read-only | Client Identifier | The current sponsoring client ID. |
| creatingClientId | Creating Client ID | 0-1 | read-only | Client Identifier | The client ID that created the object. |
| creationDate | Creation Date | 0-1 | read-only | Timestamp | Creation timestamp. |
| updatingClientId | Updating Client ID | 0-1 | read-only | Client Identifier | The client ID that last updated the object. |
| updateDate | Update Date | 0-1 | read-only | Timestamp | The timestamp of the last update. |
| expiryDate | Expiry Date | 0-1 | read-only | Timestamp | Expiry timestamp. |
| transferDate | Transfer Date | 0-1 | read-only | Timestamp | The timestamp of the last successful transfer. |
| authInfo | Authorisation Info | 0-1 | read-write | authInfo | Authorisation information for the object. |
Operations¶
Operation: Create¶
Description: Provisions a new Domain Name resource.¶
Parameters¶
| Identifier | Name | Card. | Data Type | Description |
|---|---|---|---|---|
| period | Registration Period | 0-1 | period | The initial registration period for the domain name. |
Operation: Read¶
Description: Retrieves the data elements of a Domain Name resource.¶
Parameters¶
| Identifier | Name | Card. | Data Type | Description |
|---|---|---|---|---|
| hostsFilter | Hosts Filter | 0-1 | String | Controls which host information is returned. |
| queryAuthInfo | Query Authorisation Information | 0-1 | authInfo | Credentials to authorise access to full object data. |
Operation: Delete¶
Description: Removes an existing Domain Name resource.¶
Parameters: (None)¶
Operation: Renew¶
Description: Extends the validity period of a Domain Name resource.¶
Parameters¶
| Identifier | Name | Card. | Data Type | Description |
|---|---|---|---|---|
| currentExpiryDate | Current Expiry Date | 1 | Timestamp | The expected current expiry date, for validation. |
| renewalPeriod | Renewal Period | 0-1 | period | The duration to add to the registration period. |
Security Considerations¶