Technical setup[Link]

The EPP interface for DNS Belgium is RFC compliant and ICANN compliant for the gTLD registries.

For a complete reference of the standard syntax, we refer to the internet RFC documents, they explain in detail the valid content of a document:

  • RFC 5730: Extensible Provisioning Protocol.

  • RFC 5731: (EPP) Domain Name Mapping.

  • RFC 5732: (EPP) Host Mapping.

  • RFC 5733: (EPP) Contact Mapping.

  • RFC 5734: (EPP) Transport over TCP.

  • RFC 4033: DNSSEC, Introduction and Requirements.

  • RFC 4034: DNSSEC, Resource records.

  • RFC 4035: DNSSEC, Protocol modifications.

  • RFC 4641: DNSSEC, Operational best practices.

  • RFC 5155: DNSSEC, NSEC3.

  • RFC 5702: DNSSEC, SHA2.

  • RFC 5910: DNSSEC & EPP.

The implementation of IDN at DNS Belgium is based on the IDNA 2008 standard and the following reference documents:

  • RFC 5890: Internationalized Domain Names for Applications (IDNA): Definitions and Document Framework

  • RFC 5891: Internationalized Domain Names in Applications (IDNA): Protocol

  • RFC 5892: The Unicode Code Points and Internationalized Domain Names for Applications (IDNA)

  • RFC 5894: Internationalized Domain Names for Applications (IDNA): Background, Explanation, and Rationale

  • RFC 3492: Punycode: A Bootstring encoding of Unicode for Internationalized Domain Names in Applications (IDNA)

The EPP interface is solely accessible via SLL protocol and accepts utf-8 character encoding only. Host and port can be found here.


DNS Belgium has a GUI interface, including example EPP commands, that can be used to test the EPP system.

Userid and password[Link]

To access the EPP interface, you need a user and password. The user is the registrar handle that you have been attributed upon activation as a registrar. The password can be set in the registrar web interface by a user with the tech role.

IP whitelisting[Link]

Before connecting to the EPP interface, DNS Belgium needs to know from which IP addresses you will be connecting. These can be set in the registrar web interface by a user with the tech role.

Session management[Link]

DNS Belgium allows 4 simultaneous EPP sessions (connections) per registrar with our EPP server. When you open more connections, the oldest connection will be closed automatically.

As a registrar, you can specify 10 IP addresses from which you are allowed to connect with our EPP server. Although you have 10 IP addresses, DNS Belgium allows only 4 simultaneous connections. In other words, the number of IP addresses that you specify is not related in any way with the number of allowed connections.

Connections which are idle for more than 4 minutes will be closed by our EPP server.


We accept both U-label and A-label as input for EPP. The EPP response will only use the A-label for IDN names, both in succeeded and in error messages. If you register a non-IDN name, the domain name is returned as you entered it.

For name servers, we also accept both U-label and A-label. The EPP response will only use the A-label for IDN name servers.

Basic requirements[Link]

To have commands executed on the server, the following preconditions must be fulfilled:

  • The client must be properly authorized to the server, by establishing a proper EPP session (login), and connection from a well-known IP address. We provide a server certificate for validation, this can be found on our website.

  • The client must send EPP commands that do correctly validate against the EPP XML schema files.


EPP commands fall into three categories:

  • Session management: is used to establish and end persistent sessions with the EPP server.

  • Query: is used to perform read-only information retrieval.

  • Transform: is used to perform read-write transactional object management operations.

The following sections give an overview of the different EPP commands that can be exchanged between the client and the server. DNS Belgium follows the relevant RFC’s as listed above. Where choices had to be made according to the RFCs, they are described in the sections below. Each command has 4 subsections (where applicable) with relevant information:

  • Input data: Clarifications to the relevant RFC and more information on optional elements or choices made based on the RFC concerning the EPP request.

  • Prerequisites: Preconditions that must be met for a command to succeed.

  • Transformations: Changes to the registration database.

  • Response details: Clarifications to the relevant RFC and more information on optional elements or choices made based on the RFC concerning the EPP response.

EPP basics[Link]

DNS Belgium follows the RFCs relating to EPP. Following decisions have been made where the RFCs give a choice:

  • The EPP server only accepts utf-8 character encoding.

  • The EPP server offers contact and domain objects.

  • Domain names must include the TLD (e.g. “”).

  • Newly created domain names are active immediately.

  • “Host attributes” must be used in domains.

  • External hosts do not allow for IP addresses, while internal hosts (below the TLD) require at least one IP address (glue record).

  • In domain objects, exactly one registrant, and at least one tech and admin contact is required. The contact type billing is not supported.

  • In contact objects, we accept both “type=int” and “type=loc” fields. If you want to use non-ASCII characters in the address of your contact, you should use “type=loc”.

  • Contact objects require an empty authInfo element on creation.

  • Contact transfers are not supported.

  • Domain names can be created without references to hosts – however, this also means such domains are not included in the DNS.

  • Domain transfer requests require the authInfo of the respective domain object.

  • Domain Transfers are auto-approved after 5 days (or, 5 minutes on the sandbox system), but can also be

    • approved or rejected by the losing registrar.

    • cancelled by the gaining registrar.