Internet Engineering Task Force                            S. Hollenbeck
Internet-Draft                                            VeriSign, Inc.
June 14, 2001                                 Expires: December 14, 2001

          Extensible Provisioning Protocol Transport Over TCP
                  <draft-ietf-provreg-epp-tcp-01.txt>

Status of this Memo

  This document is an Internet-Draft and is in full conformance with all
  provisions of Section 10 of RFC2026.

  Internet-Drafts are working documents of the Internet Engineering Task
  Force (IETF), its areas, and its working groups.  Note that other
  groups may also distribute working documents as Internet-Drafts.

  Internet-Drafts are draft documents valid for a maximum of six months
  and may be updated, replaced, or obsoleted by other documents at any
  time.  It is inappropriate to use Internet-Drafts as reference
  material or to cite them other than as "work in progress".

  The list of current Internet-Drafts can be accessed at
  http://www.ietf.org/ietf/1id-abstracts.txt

  The list of Internet-Draft Shadow Directories can be accessed at
  http://www.ietf.org/shadow.html.

Abstract

  This document describes how an Extensible Provisioning Protocol (EPP)
  session is mapped onto a single Transmission Control Protocol (TCP)
  connection.  This mapping requires use of the Transport Layer Security
  (TLS) Protocol to protect information exchanged between an EPP client
  and an EPP server.

Conventions Used In This Document

  The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
  "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
  document are to be interpreted as described in [RFC2119].











Hollenbeck             Expires December 14, 2001                [Page 1]


Internet-Draft             EPP TCP Transport               June 14, 2001


Table of Contents

  1. Introduction .................................................    3
  2. Session Management ...........................................    4
  3. Message Exchange .............................................    5
  4. Internationalization Considerations ..........................    6
  5. IANA Considerations ..........................................    6
  6. Security Considerations ......................................    6
  7. References ...................................................    7
  8. Author's Address .............................................    7
  A. Revisions From Previous Version ..............................    8
  B. Full Copyright Statement .....................................    9







































Hollenbeck             Expires December 14, 2001                [Page 2]


Internet-Draft             EPP TCP Transport               June 14, 2001


1. Introduction

  This document describes how the Extensible Provisioning Protocol (EPP)
  is mapped onto a single client-server TCP connection.  Security
  services beyond those defined in EPP are provided by the Transport
  Layer Security (TLS) Protocol [RFC2246].  EPP is described in [EPP].
  TCP is described in [RFC793].

  This document is being discussed on the "ietf-provreg" mailing list.
  To join the list, send a message to <majordomo@cafax.se> with the
  words "subscribe ietf-provreg" in the body of the message.  There is a
  web site for the list archives at http://www.cafax.se/ietf-provreg.







































Hollenbeck             Expires December 14, 2001                [Page 3]


Internet-Draft             EPP TCP Transport               June 14, 2001


2. Session Management

  Mapping EPP session management facilities onto the TCP service is
  straight forward.  An EPP session first requires creation of a TCP
  connection between two peers, one that initiates the connection
  request and one that responds to the connection request.  The
  initiating peer is called the "client", and the responding peer is
  called the "server".  An EPP server MUST listen for TCP connection
  requests on a standard TCP port.  TCP port 65000 should be used for
  development and testing purposes in the absence of a port assignment
  from IANA.

  The client MUST issue an active OPEN call, specifying the TCP port
  number on which the server is listening for EPP connection attempts.
  The server MUST respond with a passive OPEN call, which the client
  MUST acknowledge to establish the connection.  The EPP server MUST
  return an EPP <greeting> to the client after the TCP session has been
  established.

  An EPP session is nominally ended by the client issuing an EPP
  <logout> command.  A server receiving an EPP <logout> command MUST end
  the EPP session and close the TCP connection through an active CLOSE
  call.  The client MUST respond with a passive CLOSE call.

  A client MAY end an EPP session by issuing an active CLOSE call.  A
  server SHOULD respond with a passive CLOSE call.

  A server MAY limit the life span of an established TCP connection.
  EPP sessions that are inactive for more than a server-defined period
  MAY be ended by a server issuing an active CLOSE call.  A server MAY
  also close TCP connections that have been open and active for more
  than a server-defined period.

  Peers SHOULD respond to an active CLOSE call with a passive CLOSE
  call.  The closing peer MAY issue an ABORT call if the responding peer
  does not respond to the active CLOSE call.















Hollenbeck             Expires December 14, 2001                [Page 4]


Internet-Draft             EPP TCP Transport               June 14, 2001


3. Message Exchange

  With the exception of the EPP server greeting, EPP messages are
  initiated by the EPP client in the form of EPP commands.  An EPP
  server MUST return an EPP response to an EPP command on the same TCP
  connection that carried the command.  If the TCP connection is closed
  after a server receives and successfully processes a command but
  before the response can be returned to the client, the server MUST
  undo the effects of the command to ensure a consistent state between
  the client and the server.

  An EPP client streams EPP commands to an EPP server on an established
  TCP connection.  A client MAY establish multiple TCP connections to
  facilitate multiple command exchange channels.  A server MAY limit a
  client to a maximum number of TCP connections based on server
  capabilities and operational load.

  An EPP command MUST be a well-formed XML instance.  An EPP command
  begins with a RECOMMENDED XML declaration, followed by an <epp>
  element, EPP child elements, and ending with an </epp> element.  A
  server MUST receive data from a client until an </epp> element is
  received, signaling the end of a potentially well-formed XML instance.
  XML parsing and command processing begins after the server has
  received a complete XML instance.

  A server SHOULD impose a limit on the amount of time required for a
  client to issue a well-formed EPP command.  A server SHOULD end an EPP
  session and close an open TCP connection if a well-formed command is
  not received within the time limit.






















Hollenbeck             Expires December 14, 2001                [Page 5]


Internet-Draft             EPP TCP Transport               June 14, 2001


4. Internationalization Considerations

  This mapping does not introduce or present any internationalization
  issues.

5. IANA Considerations

  Mapping EPP onto TCP requires a TCP port assignment from IANA for
  public operation.  TCP port 3121 (a port number in the user port
  range) has been assigned by IANA for development and test purposes.  A
  system port will need to be assigned, and this user port assignment
  will need to be reclaimed, if this document advances to RFC status.

  System Port number XXX - TBA by IANA.

6. Security Considerations

  EPP as-is provides only simple client authentication services using
  identifiers and plain text passwords.  A passive attack is sufficient
  to recover client identifiers and passwords, allowing trivial command
  forgery.  Protection against most other common attacks must be
  provided by other layered protocols.

  EPP provides protection against replay attacks through command
  idempotency.  A replayed or repeated command will not change the state
  of any object in any way, though denial of service through consumption
  of connection resources is a possibility.

  When layered over TCP, the Transport Layer Security (TLS) Protocol
  described in [RFC2246] MUST be used to prevent eavesdropping,
  tampering, and command forgery attacks.  Implementations of TLS often
  contain a US-exportable cryptographic mode that SHOULD NOT be used to
  protect EPP.  Clients and servers desiring high security SHOULD
  instead use TLS with cryptographic algorithms that are less
  susceptible to compromise.

  Mutual client and server authentication using the TLS Handshake
  Protocol is REQUIRED.  EPP service MUST NOT be granted until
  successful completion of a TLS handshake, ensuring that both client
  and server have been authenticated and cryptographic protections are
  in place.

  EPP TCP servers are vulnerable to common TCP denial of service attacks
  including TCP SYN flooding.  Servers SHOULD take steps to minimize the
  impact of a denial of service attack using combinations of easily
  implemented solutions, such as deployment of firewall technology and
  border router filters to restrict inbound server access to known,
  trusted clients.



Hollenbeck             Expires December 14, 2001                [Page 6]


Internet-Draft             EPP TCP Transport               June 14, 2001


7. References

  [EPP] S. Hollenbeck: "Extensible Provisioning Protocol", work in
  progress.

  [RFC793] J. Postel: "Transmission Control Protocol", STD 7, RFC 793,
  September 1981.

  [RFC2119] S. Bradner: "Key Words for Use in RFCs to Indicate
  Requirement Levels", BCP 14, RFC 2119, March 1997.

  [RFC2246] T. Dierks and C. Allen: "The TLS Protocol Version 1.0", RFC
  2246, January 1999.

8. Author's Address

  Scott Hollenbeck
  VeriSign Global Registry Services
  21345 Ridgetop Circle
  Dulles, VA 20166-6503
  USA
  shollenbeck@verisign.com





























Hollenbeck             Expires December 14, 2001                [Page 7]


Internet-Draft             EPP TCP Transport               June 14, 2001


A. Revisions From Previous Version

  -00 to -01:

  Modified the IANA Considerations section to note temporary TCP user
  port assignment.













































Hollenbeck             Expires December 14, 2001                [Page 8]


Internet-Draft             EPP TCP Transport               June 14, 2001


B. Full Copyright Statement

  Copyright (C) The Internet Society 2001.  All Rights Reserved.

  This document and translations of it may be copied and furnished to
  others, and derivative works that comment on or otherwise explain it
  or assist in its implementation may be prepared, copied, published and
  distributed, in whole or in part, without restriction of any kind,
  provided that the above copyright notice and this paragraph are
  included on all such copies and derivative works.  However, this
  document itself may not be modified in any way, such as by removing
  the copyright notice or references to the Internet Society or other
  Internet organizations, except as needed for the purpose of developing
  Internet standards in which case the procedures for copyrights defined
  in the Internet Standards process must be followed, or as required to
  translate it into languages other than English.

  The limited permissions granted above are perpetual and will not be
  revoked by the Internet Society or its successors or assigns.

  This document and the information contained herein is provided on an
  "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
  TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT
  NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN
  WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
  MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Acknowledgement

  Funding for the RFC Editor function is currently provided by the
  Internet Society.




















Hollenbeck             Expires December 14, 2001                [Page 9]