Automaton

At a glance

  • The Automaton is an email based system
  • The emails are PGP signed for security
  • Requests to the Automaton are queued and processed in the order in which they were received
  • You can send test messages to validate your use of the Automaton

The Automaton is our email based system that allows registrars to register and manage  domain names. The Automaton can carry out a number of different operations, each of which has to be specifically requested by a registrar. Messages are processed one at a time, in the order in which they were received.

We have an acceptable use policy for the Automaton to encourage responsible usage.

PGP Signatures

The security of the Automaton is provided primarily by requiring registrars to use PGP signatures when sending email messages to the Automaton.  The signature is checked in the following process:

  • The date/time of the signature is checked to ensure that it was not created in the future or more than 72 hours before receipt of the message.  If it is out of date then the operation is rejected.
  • The ID of the PGP key used to create the signature is extracted from the signature.  This ID should correspond to a tag from a registered key.  If the ID is not recognised then the operation is rejected.
  • The checksum part of the signature is decrypted using the public key that we hold for that tag.  The message contents are checked to see that they have not been tampered with by recalculating the checksum and comparing with that supplied.  If the signatures do not match then the operation is rejected.

More information on how to set up and use PGP is available.

Operations

To use the Automaton you send a structured email with specific information in it.  This is described in the operations section.

Notifications

There are certain circumstances when the Automaton will send you a notification about a change that has happened to a domain one your tag.  

Test messages

Test messages can be submitted to the Automaton for createmodify, and bulk modify operations. To test a create or modify operation, the domain should follow this pattern:
automaton-test-[any characters].[sld].uk

For example:
key: automaton-test-1.co.uk
key: automaton-test-another.org.uk
key: automaton-test-for-developers-ca.net.uk

Domain names that are sent using this pattern will not appear on the register. Instead you will receive a response that tells you whether the format of application / modification was correct.

To test a bulk modify operation, include the clause 'dry-run:' in the request, which will return details of the outcome of the operation but will commit no changes to the register.

Client polls the server to see if there are any notifications waiting to be collected and then collects them (or it could do this later).

  • Client issues commands to server, which then replies immediately with response status.
  • Client then idles until it has more commands to send, polling periodically for any notifications.