5.7.4. Update keyset¶

A keyset update command is used to alter details of a keyset.

The keyset update command is an update element in the keyset namespace (http://www.nic.cz/xml/epp/keyset-1.3).

The command must be contained in the <update> command type.

5.7.4.1. Command element structure¶

The <keyset:update> element must declare the keyset namespace and schema and it must contain the following child elements:

<keyset:id> (1) – a keyset handle as fredcom:objIDType,
<keyset:add> (0..1) – a list of items that will be added to this keyset:
- <keyset:dnskey> (0..10) – a DNS key (see object’s attributes for allowed values) given by:
  <keyset:flags> (1) – flags as xs:unsignedShort,
  
  <keyset:protocol> (1) – protocol as xs:unsignedByte,
  
  <keyset:alg> (1) – algorithm as xs:unsignedByte,
  
  <keyset:pubKey> (1) – public key as keyset:keyT,
- <keyset:tech> (0..n) – a handle of a contact that will be added to technical contacts as fredcom:objIDType,
<keyset:rem> (0..1) – a list of items that will be removed from this keyset:
- <keyset:dnskey> (0..10) – a DNS key (see object’s attributes for allowed values) given by:
  <keyset:flags> (1) – flags as xs:unsignedShort,
  
  <keyset:protocol> (1) – protocol as xs:unsignedByte,
  
  <keyset:alg> (1) – algorithm as xs:unsignedByte,
  
  <keyset:pubKey> (1) – public key as keyset:keyT,
- <keyset:tech> (0..n) – a handle of keyset’s technical contact as fredcom:objIDType,
<keyset:chg> (0..1) – the new values of keyset attributes that will be replaced by this update. Omitted attributes will remain unchanged.
- <keyset:authInfo> (0..1) – change the keyset’s authorization information (AuthInfo) as fredcom:authInfoType.

Important

Since FRED 2.48.0, server can be configured so that the AuthInfo must meet some basic requirements, such as minimum length (which can be configured).

[registry]
# Minimal length of authinfo
authinfo_length_min = 8

Calling update object with empty AuthInfo leads to removal of all object AuthInfos.

Example¶

<?xml version="1.0" encoding="utf-8" standalone="no"?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-1.0.xsd">
   <command>
      <update>
         <keyset:update xmlns:keyset="http://www.nic.cz/xml/epp/keyset-1.3"
         xsi:schemaLocation="http://www.nic.cz/xml/epp/keyset-1.3 keyset-1.3.4.xsd">
            <keyset:id>KEYSET-MYKEYSET</keyset:id>
            <keyset:add>
               <keyset:dnskey>
                  <keyset:flags>257</keyset:flags>
                  <keyset:protocol>3</keyset:protocol>
                  <keyset:alg>5</keyset:alg>
                  <keyset:pubKey>eGVmbmZrY3lvcXFwamJ6aGt2YXhteXdkc2tjeXBp</keyset:pubKey>
               </keyset:dnskey>
               <keyset:dnskey>
                  <keyset:flags>257</keyset:flags>
                  <keyset:protocol>3</keyset:protocol>
                  <keyset:alg>5</keyset:alg>
                  <keyset:pubKey>aXN4Y2lpd2ZicWtkZHF4dnJyaHVtc3BreXN6ZGZy</keyset:pubKey>
               </keyset:dnskey>
               <keyset:tech>TECH2</keyset:tech>
            </keyset:add>
            <keyset:rem>
               <keyset:tech>TECH1</keyset:tech>
            </keyset:rem>
            <keyset:chg>
               <keyset:authInfo>aBcD1234</keyset:authInfo>
            </keyset:chg>
         </keyset:update>
      </update>
      <clTRID>pkxv003#17-07-20at20:04:32</clTRID>
   </command>
</epp>

FRED-eppic equivalent¶

> update-keyset --id=KEYSET-AKEYSET --add-dnskey-1.flags=257 --add-dnskey-1.protocol=3 --add-dnskey-1.alg=5 --add-dnskey-1.pub-key=eGVmbmZrY3lvcXFwamJ6aGt2YXhteXdkc2tjeXBp --add-dnskey-2.flags=257 --add-dnskey-2.protocol=3 --add-dnskey-2.alg=5 --add-dnskey-2.pub-key=aXN4Y2lpd2ZicWtkZHF4dnJyaHVtc3BreXN6ZGZy --add-tech-1=TECH2 --rem-tech-1=TECH1 --auth-info=aBcD1234

5.7.4.2. Response element structure¶

The FRED EPP server responds with a plain result message which does not contain any response data (no <resData>).