Extensible Provisioning Protocol (EPP) Secure Authorization Information for Transfer
RFC 9154

Received changes through RFC Editor sync (created alias RFC 9154, changed abstract to 'The Extensible Provisioning Protocol (EPP) (RFC 5730) defines the use of authorization information to authorize a transfer of an EPP object, such as a domain name, between clients that are referred to as "registrars".  Object-specific, password-based authorization information (see RFCs 5731 and 5733) is commonly used but raises issues related to the security, complexity, storage, and lifetime of authentication information.  This document defines an operational practice, using the EPP RFCs, that leverages the use of strong random authorization information values that are short lived, not stored by the client, and stored by the server using a cryptographic hash that provides for secure authorization information that can safely be used for object transfers.', changed pages to 22, changed standardization level to Proposed Standard, changed state to RFC, added RFC published event at 2021-12-30, changed IESG state to RFC Published)