5.6.4. Create keyset

A keyset create command is used to register a new keyset.

The keyset create command is a create element in the keyset namespace (http://www.nic.cz/xml/epp/keyset-1.3).

The command must be contained in the <create> command type.

5.6.4.1. Command element structure

The <keyset:create> element must declare the keyset namespace and schema, and it must contain the following child elements:

• <keyset:id> (1) – the keyset handle as fredcom:objIDCreateType.

• <keyset:dnskey> (1..10) – a DNS key (see object’s attributes for allowed values) given by:

  • <keyset:flags> (1) – flags as xs:unsignedShort,

  • <keyset:protocol> (1) – protocol as xs:unsignedByte,

  • <keyset:alg> (1) – algorithm as xs:unsignedByte,

  • <keyset:pubKey> (1) – public key as keyset:keyT,

• <keyset:tech> (1..10) – a handle of a contact that will be assigned as a technical contact as fredcom:objIDType,

• <keyset:authInfo> (0..1) – authorization information (AuthInfo) as fredcom:authInfoType; the AuthInfo will be generated by the server.

Example

<?xml version="1.0" encoding="utf-8" standalone="no"?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd">
   <command>
      <create>
         <keyset:create xmlns:keyset="http://www.nic.cz/xml/epp/keyset-1.3"
          xsi:schemaLocation="http://www.nic.cz/xml/epp/keyset-1.3 keyset-1.3.4.xsd">
            <keyset:id>KID-AKEYSET</keyset:id>
            <keyset:dnskey>
               <keyset:flags>257</keyset:flags>
               <keyset:protocol>3</keyset:protocol>
               <keyset:alg>5</keyset:alg>
               <keyset:pubKey>AwEAAddt2AkLfYGKgiEZB5SmIF8EvrjxNMH6HtxWEA4RJ9Ao6LCWheg8</keyset:pubKey>
            </keyset:dnskey>
            <keyset:dnskey>
               <keyset:flags>257</keyset:flags>
               <keyset:protocol>3</keyset:protocol>
               <keyset:alg>5</keyset:alg>
               <keyset:pubKey>AwEAAddt2AkLfYGKgiEZB5SmIF8EvrjxNMH6HtxWEA4RJ9Ao6LCWheg9</keyset:pubKey>
            </keyset:dnskey>
            <keyset:tech>CID-TECH2</keyset:tech>
         </keyset:create>
      </create>
      <clTRID>dsce002#17-08-09at16:13:30</clTRID>
   </command>
</epp>

FRED-client equivalent

> create_keyset KID-AKEYSET ((257 3 5 AwEAAddt2AkLfYGKgiEZB5SmIF8EvrjxNMH6HtxWEA4RJ9Ao6LCWheg8), (257 3 5 AwEAAddt2AkLfYGKgiEZB5SmIF8EvrjxNMH6HtxWEA4RJ9Ao6LCWheg9)) () CID-TECH2

5.6.4.2. Response element structure

The response from the FRED EPP server contains the result, response data, and transaction identification.

See also Success or failure of a command.

The response data element (<resData>) contains a single child element <keyset:creData> which declares the keyset namespace and schema, and it contains the following child elements:

• <keyset:id> (1) – the keyset handle as fredcom:objIDType,

• <keyset:crDate> (1) – the timestamp of creation as xs:dateTime.

Important

Since FRED 2.48.0, in accordance with RFC 9154, create with nonempty AuthInfo is forbidden. Empty AuthInfo (meaning Authinfo is present, but empty) is allowed.

Example

<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd">
   <response>
      <result code="1000">
         <msg>Command completed successfully</msg>
      </result>
      <resData>
         <keyset:creData xmlns:keyset="http://www.nic.cz/xml/epp/keyset-1.3"
          xsi:schemaLocation="http://www.nic.cz/xml/epp/keyset-1.3 keyset-1.3.4.xsd">
            <keyset:id>KID-AKEYSET</keyset:id>
            <keyset:crDate>2017-08-09T16:13:50+02:00</keyset:crDate>
         </keyset:creData>
      </resData>
      <trID>
         <clTRID>dsce002#17-08-09at16:13:30</clTRID>
         <svTRID>ReqID-0000141095</svTRID>
      </trID>
   </response>
</epp>