Below we outline the constants and explain some system limitations that exist in the EPP system.
EPP interface and EPP sessions
| System constants | Notes |
|---|---|
| 1200, 900, 300 | Maximum number of commands in a single EPP session. A session will be disconnected by the EPP server if the number of EPP operations within a single session reaches 1200. This is due to considerations of resources and robustness. In practice, the situation is a little bit more complicated, because a session may also be disconnected at 900 operations. An EPP session is processed in an apache thread. The system is designed so that a thread may be reused if it has processed less than 300 operations. Therefore, a new session may get a reused thread that has already performed up to 300 requests, and therefore only has 900 left before it hits the maximum limit of 1200. |
| 120 | Timeout period for inactive session (in seconds). A session will be disconnected by the EPP server if it is inactive for 120 seconds. This is due to considerations of resources and robustness. |
| 0, 9 | 0: Minimum number of active EPP sessions per registrar account 9: Maximum number of active EPP sessions per registrar account The standard value is 1. |
EPP interface and EPP system
| System constants | Notes |
|---|---|
| 21 | Timeout period (days) for service messages in EPP message queue. A registrar is expected to poll their message queue regularly. Messages not polled within 21 days are automatically signed out of the system. We then assume the registrar does not need the message, and it is signed out automatically to prevent the queues from becoming too long. |
| 4 | Maximum number of IP addresses for a name server. |
| 1 | Maximum number of technical contacts for a name server. |
| 2, 8 | 2: Minimum number of name servers for a delegation. 8: Maximum number of name servers for a delegation |
| 24 | Reservation period (hours) for a delegation attempt that is rejected due to some transient name server check errors. In the reservation period, only the registrar that tried and failed is allowed to apply for the delegation. This feature exists because a name server error can occur due to network problems, in addition to any errors made by the subscriber, registrar or name server operator. The purpose of the reservation is to ensure that the first registrar to apply for a registration is also the one succeeding, as there may be errors beyond their control causing the application to fail. This requires that new attempts are made and the name server check is successful during the reservation period. |
| 0 | Maximum number of legal contacts (legal/admin) for a delegation. |
| 20 | Maximum number of technical contacts for a delegation. |
| 0 | Maximum number of contacts associated with a role object. |
| 0 | Maximum number of organizations a person or role contact can be associated with. |
| 8 | Maximum number of additional (secondary) e-mail addresses that can be added to a contact object. |
| 30 | Number of days a one-time code is valid. A one-time code (token) can be requested by a new registrar if the holder requests a transfer of the domain name, but does not have the transfer code (AuthInfo). |
| 31, 12 | Renewal of delegations: 31: Maximum number of dates before the expiration date when a renewal of a delegation can be performed. 12: Standard value for renewal (months). Used if the renewal period is not explicitly specified in the EPP renew command. See how to renew for more information. |
| 60, 90, 30 | Standard values for ordered-delete delete processes. An ordered-delete process is initiated when a regular EPP delete is received. Standard values are used if deletion periods are not specified using the EPP delete command. Time in days: 60: Time in days from the delete command is received until the domain name is quarantined, i.e. removed from DNS. 90: Time in days from the delete command is received until the domain name is deleted from the database. 30: Block time for the domain name. Applies from the time the domain name was quarantined until it can be re-registered. See how to delete for more information. |
| 0, 14, 30, 60, 90 | Standard values for expiry delete processes. An expiry process is automatically initiated by the EPP system if a delegation is not renewed before it expires. Time in days: 0 : Time in days from the expiry process is initiated before an e-mail notification of deletion is sent. 14: Time in days from the expiry process is initiated before a second e-mail notification of deletion is sent. 30: Time in days from the expiry process is initiated before a letter notification of deletion is sent. 60: Time in days from the expiry process is initiated before the domain name is quarantined, i.e. removed from DNS. 90: Time in days from the expiry process is initiated before the domain name is deleted from the database. See how to renew for more information. |
| 0, 30, 60, 90 | Standard values for invalid-registrant deletion processes. An invalid-registrant process can be initiated by the EPP system if the holder organization is no longer registered in the Central Coordinating Register for Legal Entities. This means the subscription requirement is no longer met. Time in days: 0 : Time in days from an invalid-registrant process is initiated before an e-mail notification of deletion is sent. 30: Time in days from an invalid-registrant process is initiated before a letter notification of deletion is sent. 60: Time in days from an invalid-registrant process is initiated before the domain name is quarantine, i.e. removed from DNS. 90: Time in days from an invalid-registrant process is initiated before the domain name is deleted from the database. |
| 3.2, 2021-08-24, 90 | Standard values for applicant declaration. 3.2: Valid version for applicant declaration. 2021-08-24: Version 3.2 is valid from this date. 90: Maximum age in days on acceptDate for a applicant declaration. An applicant declaration must be submitted no later than 90 days after the holder signed it. If the accept date is older, the registration system will reject the EPP transaction. A new applicant declaration must be signed. |
| 6 | Maximum number of DNSSEC DS records. |
| 5: RSA/SHA1 7: RSASHA1-NSEC3-SHA1 8: RSA/SHA256 10: RSA/SHA512 13: ECDSAP256SHA256 14: ECDSAP384SHA384 15: ED25519 16: ED448 | Permitted DNSSEC-algorithms |
| 2: SHA-256 4: SHA-384 | Permitted DNSSEC DS digest types |
EPP system, syntax rules
| System constants | Notes |
|---|---|
| 16 | Maximum number of characters in a contact ID (handle). |
| 2, 20, 64, 255, 255 | Limits on names and address fields for contacts: 2 : Country code 20: Postcode 64: Postal area 255: Address 255: Name |
| 9, 15 | Limits on identity length for contacts: 9: Organization number in Central Coordinating Register for Legal Entities 15 : Local ID (N.xxx.123456789 , where xxx is LEG, ORG, REG or PRI) |
| 8, 16, 64 | Number of characters in EPP passwords, transfer code (AuthInfo) and user passwords: 8: Minimum number of characters 16: Maximum number of EPP password 64: Maximum number of characters in transfer code (AuthInfo) and user password. Permitted characters and more information, see: Requirements for the transfer code, EPP passwords and user passwords |
| 2, 20 | Username limits: 2 : Minimum number of characters 20: Maximum number of characters Usernames may only include characters a–z and 0–9. |