IbrokerFaq

From I-names Development Wiki

How does one become an ibroker?

To become an ibroker of the GRS the first step is to become XDI.org accredited. See gss.xdi.org for instructions and forms that need to be filed. Once accredited the second step is technical certification. The necessary instructions and forms are also at gss.xdi.org.

What are the minimum requirements for interfacing with the GRS?

Accreditation (working EPP client), approved SSL cert, username and password. To start the process see gss.xdi.org to become accredited. You will be given a package that includes toolkits, certification instructions and credentials, all of which start you down the road of certification. This may make it sound a bit daunting, but trust me, it is very easy. As long as you understand XML it is a piece of cake.

What is EPP?

An XML-based protocol for interacting with the GRS. EPP (Extensible Provisioning Protocol) is defined to allow the creation and management of the core objects in the GRS. Those objects, defined below, are an authority, i-name and i-number. The specification may be seen on SourceForge.

What are the key EPP objects and operations?

All of the operations and objects that are allowed in the GRS are defined within the GSS and the EPP specification. In summary the objects and actions are:

  • Authority - Create, Delete, Transfer, Update
  • I-Name - Create, Delete, Transfer, Update, Renew
  • I-Number - Create, Terminate, Update, Renew

See the i-broker accreditation manual, which can be obtained via the accreditation process discussed above, for a list with lots of good examples.

What is an Authority?

At a very high level an authority is the identity defined by any given i-name. The authority object represents the complete set of metadata that describes the XRI or identity. In practical terms it is the object that contains all of the data that makes up the XRD for a given XRI. The important parts of the authority are:

  • When an authority is created it will be assigned two internal identifiers.
    • An authorityId which is system generated.
    • A clientAuthorityId which is i-broker created. This internal i-broker defined id is an important concept within EPP. A client-defined unique identifier allows the i-broker to recover from transient transaction failure. For example, suppose an i-broker creates an authority EPP message and sends it to the GRS, and the GRS processes it and sends a response back, but the i-broker never receives the response and therefore does not know whether the previous transaction was a success or a failure. The i-broker is able to verify by using the same clientAuthorityId on the next attempt to create the authority. If the next response is that the clientAuthorityId already exists, you know that the previous transaction was successful.
  • Authority contains an i-number, the public facing persistent canonical identifier of the authority.
  • I-names: An authority may contain any number of i-names that are all synonymous. Synonymous means that they are all names or nicknames for the same person. The i-name is also synonymous with its persistent i-number.
  • SEPs: Service Endpoints (SEP) are the attributes in an authority that bring behavior to your authority (identity). The three most common SEPs are for the contact, forwarding and authentication services. Services may be set by service providers, such as the i-broker, but can also be set by a registrant. They may point to anything that is URI compliant. For example, you may want to set a SEP to initiate a Skype call, to point to an important web page such as a blog, to start a chat session in AOL, or anything else you can imagine.
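
The recovery behaviour described for the clientAuthorityId can be modelled in a few lines. This is an added example, not code from the GRS toolkit or the EPP specification: `ToyGRS`, `LossyLink`, the result strings and the `auth-N` id format are all hypothetical stand-ins, and no real EPP messages are exchanged.

```python
import uuid
class AuthorityExists(Exception):
    """Stand-in for the 'clientAuthorityId already exists' response."""

class ToyGRS:
    """In-memory stand-in for the registry (not the real GRS or EPP)."""
    def __init__(self):
        self.authorities = {}   # clientAuthorityId -> system-generated authorityId
    def create_authority(self, client_authority_id):
        if client_authority_id in self.authorities:
            raise AuthorityExists(client_authority_id)
        authority_id = f"auth-{len(self.authorities) + 1}"   # constructed id format
        self.authorities[client_authority_id] = authority_id
        return authority_id

class LossyLink:
    """Transport where the GRS processes the command but the first N responses are lost."""
    def __init__(self, grs, lost_responses):
        self.grs, self.lost = grs, lost_responses
    def create_authority(self, client_authority_id):
        result = self.grs.create_authority(client_authority_id)
        if self.lost > 0:
            self.lost -= 1
            raise TimeoutError("response lost")
        return result

def create_with_recovery(link, client_authority_id, attempts=3):
    """Retry with the SAME clientAuthorityId, as the FAQ describes."""
    unanswered = False
    for _ in range(attempts):
        try:
            link.create_authority(client_authority_id)
            return "created"
        except TimeoutError:
            unanswered = True
        except AuthorityExists:
            # After an unanswered attempt this confirms our own earlier create.
            return "created-earlier" if unanswered else "duplicate"
    return "unknown"

def create_fresh_id_each_try(link, attempts=3):
    """Contrast: a new id per retry cannot detect the earlier success."""
    for _ in range(attempts):
        try:
            return link.create_authority(str(uuid.uuid4()))
        except TimeoutError:
            continue
    return None
```

With one lost response, the first function leaves a single authority in the registry, while the second silently creates two.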

What is an i-name?

A human-readable reassignable XRI - for example: =cnd

What is an i-number?

The persistent primary key of an identity. It provides a mechanism to allow applications such as wikis to associate a persistent identity with a user. This is extremely important as one identity may have multiple synonym i-names or an i-name may be associated with different people over time.

For example =cnd's i-number is =!dd94.f799.8743.1d3d

What is a service end point?

Service endpoints (SEPs) are a series of services that an authority (i-names and i-numbers) advertises. A service may be something that allows other folks on the internet to reach out to the i-name owner. For example, you may want to advertise services to provide a secure and safe way for people unknown to you to contact you. Or you may want to advertise your blog or other website. Or you may want to enable a way for someone to call you via a VoIP service. A service may also be a tool that you, the authority, use to interact with various web-based tools. For example, authentication provides a single sign-on capability. Another example may be a custom authorization service endpoint that some web sites may need to prove that you have permission to use a resource.

What is an i-service?

I-service objects are services that the GRS provides on an application service provider model. These services translate into service endpoints.

How are authorities transferred?

Transferring an authority moves it from one i-broker to another. Everything contained within the authority will be moved with it. The basic steps in the authority transfer process are:

  • Transfer request command is issued by the gaining i-broker. The GRS will respond back with a single use token that needs to be provided to the owner of the authority.
  • The GRS will provide notification to the gaining and losing i-brokers via the EPP Poll mechanism.
  • The losing i-broker upon receipt of notification of a transfer request should notify the authority owner, using their local records, that a pending transfer request has been issued. They then need to provide a mechanism to allow the registrant to provide the single use transfer token.
  • When the losing i-broker receives the transfer token they then issue a transfer approval command to complete the transfer. If the registrant indicates that they do not want to carry through with the transfer the losing i-broker rejects the transfer.
  • The GRS provides notifications through the EPP poll mechanism to both the losing and gaining i-brokers that the approve or reject was processed.
  • The GRS will automatically reject the transfer if the losing i-broker does not approve or reject beforehand.

Please see the GSS Spec and the EPP spec for more specifics.

How are i-names transferred?

Transferring an i-name is a process of moving an i-name from one authority to another authority. The basic process is the same as discussed above for an authority. The one key difference is that with an i-name transfer the gaining and losing entities are authorities that may have the same sponsoring i-broker (intra-broker transfer) or different sponsoring i-brokers (inter-broker transfer).

  • Transfer request command is issued by the i-broker of the gaining authority. The GRS will respond back with a single use token that needs to be provided to the owner of the gaining authority.
  • The owner of the gaining authority will need to provide this single use token to the owner of the losing authority.
  • The GRS will provide notification to the gaining and losing i-brokers via the EPP Poll mechanism.
  • The losing i-broker upon receipt of notification of a transfer request should notify the owner of the losing authority, using their local records, that a pending transfer request has been issued for an i-name in their authority. They then need to provide a mechanism to allow the registrant to provide the single use transfer token.
  • When the losing i-broker receives the transfer token they then issue a transfer approval command to complete the transfer. If the registrant indicates that they do not want to carry through with the transfer the losing i-broker rejects the transfer.
  • The GRS provides notifications through the EPP poll mechanism to both the losing and gaining i-brokers that the approve or reject was processed.
  • The GRS will automatically reject the transfer if the losing i-broker does not approve or reject beforehand.

Please see the GSS Spec and the EPP spec for more specifics.
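
The token and notification flow shared by the authority transfer and i-name transfer steps above can be sketched as a small state machine. This is an added example, not code from the GRS or the EPP specification: `ToyTransferRegistry`, its method names, the event strings and the broker names are hypothetical, it models the authority case only, and it assumes that a wrong token leaves the transfer pending and that the automatic reject is triggered by an explicit `expire()` call, since the page gives no time limit.

```python
import hmac
import secrets
from collections import defaultdict

class ToyTransferRegistry:
    """In-memory model of the transfer steps (not the real GRS or EPP)."""
    def __init__(self, sponsors):
        self.sponsor = dict(sponsors)     # authority -> sponsoring i-broker
        self.pending = {}                 # authority -> (gaining i-broker, token)
        self.queues = defaultdict(list)   # i-broker -> poll message queue

    def _finish(self, authority, event):
        gaining, _ = self.pending.pop(authority)   # token is consumed here
        for broker in (gaining, self.sponsor[authority]):
            self.queues[broker].append((event, authority))
        return gaining

    def _check_losing(self, caller, authority):
        if authority not in self.pending or caller != self.sponsor[authority]:
            raise PermissionError("no pending transfer for this losing i-broker")

    def request(self, gaining, authority):
        if authority in self.pending:
            raise ValueError("transfer already pending")
        token = secrets.token_urlsafe(16)   # handed to the gaining i-broker only
        self.pending[authority] = (gaining, token)
        for broker in (gaining, self.sponsor[authority]):
            self.queues[broker].append(("requested", authority))
        return token

    def approve(self, caller, authority, token):
        self._check_losing(caller, authority)
        if not hmac.compare_digest(token.encode(), self.pending[authority][1].encode()):
            raise PermissionError("bad transfer token")   # assumption: stays pending
        self.sponsor[authority] = self._finish(authority, "approved")

    def reject(self, caller, authority):
        self._check_losing(caller, authority)
        self._finish(authority, "rejected")

    def expire(self, authority):
        """Registry-side automatic reject; the page gives no time limit."""
        if authority in self.pending:
            self._finish(authority, "rejected")

    def poll(self, broker):
        messages, self.queues[broker] = self.queues[broker], []
        return messages
```

Because the pending entry is removed on approve, reject or expiry, a token presented a second time is refused, which is what makes it single use.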

What is a gaining i-broker?

The gaining i-broker is either the i-broker to which an authority is being transferred or the sponsoring i-broker of the gaining authority for an i-name transfer. The gaining i-broker initiates a transfer via a transfer request command.

Please see the GSS Spec for more specifics.

What is a losing i-broker?

The losing i-broker is either the i-broker from which an authority is being transferred or the sponsoring i-broker of the losing authority for an i-name transfer. The losing i-broker responds to a transfer request with either a transfer approve or transfer reject.

Please see the GSS Spec for more specifics.

What is a transfer token?

A transfer token is a single use password that a registrant uses to authorize the transfer transaction. This token is provided to the gaining i-broker in response to a transfer request. The gaining i-broker must share this token with the registrant that initiated the transfer. The registrant then uses this token at the losing i-broker. In the case of an i-name transfer the registrant of the gaining authority must share the token with the registrant of the losing authority.

Please see the GSS Spec for more specifics.

What is EPP Poll used for?

The GRS provides a notification message queue to each i-broker. Each i-broker uses EPP Poll commands to read the messages on its message queue.

Please see the GSS Spec for more specifics.

What is a gaining authority?

The gaining authority is the authority that an i-name is transferring to.

Please see the GSS Spec for more specifics.

What is a losing authority?

The losing authority is the authority that an i-name is transferring from.

Please see the GSS Spec for more specifics.

How do I get Accredited?

Look for the iBroker accreditation manual. It explains all that stuff.

What is the GRS?

The GRS is the global registry system for global = and @ i-names and i-numbers. The GRS provides three environments for registered i-brokers.

A. Production - This is the live one in which real authorities, i-names and i-numbers are purchased and managed. These names and numbers will resolve through the global resolution servers.

B. OT&E - This is an operational test and evaluation site provided to i-brokers so that they can test their registration systems before taking them to production. It is also used by the GRS to allow testing of major enhancements to the GRS systems before they are brought live. I-names and i-numbers in the OT&E environment do not resolve.

C. Accreditation - This is a "canned" pretend copy of things that the registry might return to you if you issued real EPP commands. This environment is used during certification testing to demonstrate basic EPP capability. Once certification testing is passed, access is granted to both production and OT&E.


Where do I get a password to access the registries?

Passwords are issued to you by Neustar.

SRS MajorCode and SRS Minor Code. What are they?

Return codes document whether stuff worked or failed. The major and minor codes provide specific failure reasons at a granular level. I-brokers should use the high-level EPP return code for basic success/failure processing and then inspect major and minor codes for specifics on why a command failed. See the i-broker accreditation manual or EPP specs.

What is the meaning of "Creating Authority with Max length"

It is unclear to me what this question is referring to. I'd be happy to provide an answer if it is clarified. (=les)

What are "Authority Trustees"?

Authority trustees serve the same basic purpose as the establishment of trustees in financial instruments, wills and similar contracts. An authority can assign various other authorities to act on behalf of the assigning authority if the assigning authority becomes incapacitated. This concept is especially important since an authority with an i-number will persist forever. The trustees can contact the i-broker of the authority they are trustees for and legally make changes to the authority once incapacitation is proven.

What is a contact agent?

The i-name registry is designed to protect the privacy of i-name owners. The contact agent provides a trusted accredited entity that can contact an i-name owner on behalf of a party that has an intellectual property dispute with the i-name holder. A contact agent, upon receipt of a valid complaint, will use the associated contact data custodian (sometimes referred to as an escrow agent) to obtain valid contact data. This process ensures the privacy of the i-name owner while still providing for IP holders to protect their property.

Currently in production the only accredited contact agent's client authority id is: @!(!!1003!1). This is the value you place in the authority create to set the contact agent.

If you would like to become an accredited contact agent please see the instructions at the GSS.

What is a contact data custodian or escrow agent?

The contact data custodian is referred to as the escrow agent in the authority create command. This value must be set in the authority. The contact data custodian is responsible for holding contact data for accredited contact agents in the event of an IP dispute. An i-broker MUST send contact data for the authority to the contact data custodian.

Currently in production the only contact data custodian's client authority id is @. This is the value you place in the authority create to set the contact data custodian (escrow agent).

If you would like to become an accredited contact data custodian please see the instructions at the GSS.

PLEASE CONTRIBUTE

This Wiki is where you can ask questions, get answers, and have experts guide you, and correct your mistakes. Edit liberally, and you will be rewarded. Many people "watch" this page and will respond to your questions, review your edits, and generally help you out!