The core of the Espresso Registry software package is a database used to maintain both current and historical information on domain names, registrants, contacts, hosts and associated billing records. The primary means of communicating with the database is via an API that conforms to the RFC’s that define the Extensible Provisioning Protocol (“EPP”). EPP is often considered the “gold standard” in a TLD registry. The specifications have been developed by the Internet Engineering Task Force (“IETF”) and are not proprietary.
Use of the EPP standard helps ensure compliance, best-practice in registry operations, and enables the registry operator to more easily attract registrars. An established registrar can generally connect to an EPP TLD registry with little or no development effort. An EPP registry is generally considered to be an “advanced”, “industrial strength” solution and difficult for small ISPs or resellers to integrate with – and therefore to be avoided by small TLDs. While this is to some extent true this common complaint has been resolved with the Espresso software package by developing a robust web-based graphical user interface (“GUI”). A registrar can simply login to the web page maintained by the registry operator (which in turn speaks to the EPP server) to register and manage domains. There is no need for a reseller or ISP managing a small number of domains to know anything about EPP or even to bother connecting via the API.
A mid-sized registrar that also desires to operate a public shopping cart to facilitate registrations can establish a site using the Registrar Module (not discussed here) and not concern themselves with the fact that they are connecting to an EPP registry. The Registrar Module would generally be run on separate infrastructure and has its own database and administration. It connects to the registry using EPP only. The Espresso Tools registry operates as a client-server system. There are seven different client types supported in the package, each with different access rights. The two most common client types are “TLD Manager” and “Registrar.” This document covers all of the features available through the GUI to TLD administrators, and many of those are available to the various client types.
The software has several security features.
- Unique Client Identifier: IP is tracked and recorded upon every log in.
- Strong Password: Eight mixed alphanumeric digits must be used.
- Two-Factor Authentication: Digital token-producing device is associated with each client account, only those with a token may log in.
- IP Restrictions: log in restricted to a specific Host, Network or Range of IPs.
- Auditing System: Every edit made to database records is stored as History.
