Skip to main content

EPP Registrant Security Problem Statement

Document Type Expired Internet-Draft (individual)
Expired & archived
Author Patrik Wallstrom
Last updated 2014-07-24 (Latest revision 2014-01-20)
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This document collects a number of requirements on securing the provisioning of DNS data between a Registrant and a Registry. The most common attack in the chain of Registrant-Registrar-Registry is to inject false information into the Registrar system, which in turn forwards the injected data to the Registry using EPP, the Extensible Provisioning Protocol.


Patrik Wallstrom

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)