The security of the Automaton is provided primarily by requiring registrars to use PGP signatures when sending email messages to the Automaton. The signature is checked in the following process:
- The date/time of the signature is checked to ensure that it was not created in the future or more than 72 hours before receipt of the message. If it is out of date then the operation is rejected.
- The ID of the PGP key used to create the signature is extracted from the signature. This ID should correspond to a tag from a registered key. If the ID is not recognised then the operation is rejected.
- The checksum part of the signature is decrypted using the public key that we hold for that tag. The message contents are checked to see that they have not been tampered with by recalculating the checksum and comparing it with the one supplied. If the checksums do not match then the operation is rejected.
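The three checks above, sketched as an added example (this is not the Automaton's own code). It reads the creation time and issuer key ID from an OpenPGP v4 signature packet body as laid out in RFC 4880, then applies the checks in the order listed. The names `registry`, `verify`, `SAMPLE` and the tag value used with them are assumptions; `verify` is a hypothetical caller-supplied function that performs the cryptographic check against the key held for the tag, for instance by calling GnuPG.

```python
import struct
from datetime import datetime, timedelta, timezone

MAX_AGE = timedelta(hours=72)  # acceptance window stated on the page
# Constructed sample body: created 2024-01-01T00:00:00Z, issuer 0123456789ABCDEF, no MPIs.
SAMPLE = bytes.fromhex("04000108 0006 050265920080 000a 09100123456789abcdef 0000")

def subpackets(area):
    """Yield (type, data) for each RFC 4880 signature subpacket in area."""
    i = 0
    while i < len(area):
        n, i = area[i], i + 1
        if 192 <= n < 255:                       # two-octet length form
            n, i = ((n - 192) << 8) + area[i] + 192, i + 1
        elif n == 255:                           # five-octet length form
            n, i = struct.unpack(">I", area[i:i + 4])[0], i + 4
        if n == 0 or i + n > len(area):
            raise ValueError("malformed subpacket")
        yield area[i] & 0x7F, area[i + 1:i + n]  # mask off the critical bit
        i += n

def sig_metadata(body):
    """Return (creation time, issuer key ID) from a v4 signature packet body."""
    hlen = struct.unpack(">H", body[4:6])[0]
    ulen = struct.unpack(">H", body[6 + hlen:8 + hlen])[0]
    if body[0] != 4 or 8 + hlen + ulen > len(body):
        raise ValueError("unsupported or truncated signature")
    hashed = dict(subpackets(body[6:6 + hlen]))
    unhashed = dict(subpackets(body[8 + hlen:8 + hlen + ulen]))
    # Creation time (type 2) is taken from the hashed area only; issuer (type 16) is a hint.
    ts, issuer = hashed.get(2, b""), hashed.get(16) or unhashed.get(16, b"")
    if len(ts) != 4 or len(issuer) != 8:
        raise ValueError("missing creation time or issuer")
    created = datetime.fromtimestamp(int.from_bytes(ts, "big"), timezone.utc)
    return created, issuer.hex().upper()

def check_signature(body, registry, verify, now):
    """Apply the three checks in the order listed; return (accepted, detail)."""
    try:
        created, key_id = sig_metadata(body)
    except (ValueError, IndexError, struct.error):
        return False, "malformed signature"
    if created > now or now - created > MAX_AGE:
        return False, "signature time outside window"
    tag = registry.get(key_id)          # registry: key ID -> tag (assumed mapping)
    if tag is None:
        return False, "unknown key ID"
    if not verify(tag, body):           # hypothetical cryptographic check
        return False, "signature mismatch"
    return True, tag
```

The creation time and key ID are read before the signature has been verified, so the first two checks only give cheap early rejections; a message is accepted only once `verify` succeeds for the key held against that tag.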
More information on how to set up and use PGP is available.
To use the Automaton you send a structured email with specific information in it. This is described in the operations section.
There are certain circumstances when the Automaton will send you a notification about a change that has happened to a domain on your tag.
Test messages can be submitted to the Automaton for create, modify, and bulk modify operations. To test a create or modify operation, the domain should follow this pattern:
Domain names that are sent using this pattern will not appear on the register. Instead you will receive a response that tells you whether the format of the application or modification was correct.
To test a bulk modify operation, include the clause 'dry-run:' in the request, which will return details of the outcome of the operation but will commit no changes to the register.
- Client polls the server to see if there are any notifications waiting to be collected and then collects them (or it could do this later).
- Client issues commands to server, which then replies immediately with response status.
- Client then idles until it has more commands to send, polling periodically for any notifications.