Thursday, 26 April 2012

EEP to Nominet

We wanted to make the handling of UK domains a tad slicker in our systems, and in particular allow end users to update details including name server and DS records.

Fortunately Nominet have EPP (Extensible Provisioning Protocol) which allows some rather neat automation.

Well, I was half expecting it to be some SOAP/XML thing, like so many other XML based APIs, and was pleasantly surprised that it is not. It is just XML "messages" each way sent with a length (in binary) and the XML ,over a TCP (or TCP+SSL) connection. Simples.

I have taken just over a day to code all of the functions and integrate in to our management pages. It is damn quick too - registering domains instantly. We used to use the email based system before, which worked, but at the speed of email.

So, finally customers can set up DS records. All we need now is signing domains for people. That will come later.

One rather annoying thing, which is not an issue with EPP as such but with XSD, is the definition. It insists the fields are in order. Why the hell is it done like that!!!

Basically, a "structure" can have two styles, either a strictly ordered sequence where individual items may appear a different number of times (you define min/max number of times), or you can set any order but only a maximum of one instance of each record.

What we want is any order and defined number of instances of each entry.

As an aside, that is what we do with FireBrick config. It is generated in strict order as per the definition, but accepts in any order. Much easier.

Sadly the EPP requires the strict order, which is just a nuisance and so unnecessary, and what is worse is that if you get it wrong the error is just that there is a syntax error (as it fails their xsd validation). No clue what bit it does not like. Shame.

However, good fun, very easy to code if you ever want to do EPP yourself.


  1. It's nice being able to do more stuff via clueless. I found and corrected some dodgy contact details!

    (please can we have signing domains too :))

  2. Does it help to do validation against their schema yourself locally, e.g. with libxml2?

  3. We use schemas extensively at work, and we now depend on XML Spy to point out when data doesn't match a schema (for debugging purposes). It's Windows-only and expensive though, so possibly not much use for you.