SRS Registrar Information Kit (RIK)

The Registrar Information Kit (RIK) is jointly provided by NZRS and DNCL. The SRS RIK Client Package contains SRS protocol command line tools, associated Perl-based libraries, and example SRS XML while the Policy Package contains the .nz Policies and Procedures, Agreements and Forms that apply to the .nz environment.

NZRS has standardised on Ubuntu LTS as our reference platform for the SRS RIK and we provide .deb packages, an apt repository and pre-built VM images for registrars using this operating system.

Registrars who would like to build their own system can check out the source from https://github.com/NZRS/srs-rik-clients and install manually.

SRS RIK Client Package

The RIK client package contains:

Details Link
APT repository https://apt.nzrs.net.nz/
Source from github https://github.com/NZRS/srs-rik-clients
VM image in OVA format https://apt.nzrs.net.nz/images/ubuntu-srs.ova
VM image in VmwareVM format https://apt.nzrs.net.nz/images/ubuntu-srs.vmwarevm.tgz

Policy Package

The policy package contains:

  • Agreements
  • Forms
  • Policies and Procedures

The policy package is available for download from the DNCL website:

Details Link
Policy Package https://dnc.org.nz/content/rik.zip

Client installation by Ubuntu package

Add NZRS package signing GPG key:

curl https://apt.nzrs.net.nz/packages.asc | sudo apt-key add -

Note

You can also download the APT repo key from here: apt.nzrs.net.nz.asc

Add NZRS repository to your apt sources:

echo 'deb https://apt.nzrs.net.nz/ trusty main' | sudo tee /etc/apt/sources.list.d/srs.list
sudo apt-get update 1>/dev/null

Install RIK clients:

sudo apt-get install srs-rik-clients

Client installation from source

If you are not using Ubuntu or would prefer to manage Perl and the CPAN libraries yourself, the following installation instructions can be used.

To install client packages from source you will need the following:

External dependencies:

  • GpgME development libraries (libgpgme11-dev in Debian/Ubuntu, gpgme-devel in Centos/Redhat, gpgme in Brew for OSX)
  • GnuPG (gpg)

Note

GpgME may require GnuPG v1 to support pass-phrase entry as this functionality was altered in GnuPG v2.

CPAN dependencies:

  • File::Slurp
  • Time::HiRes
  • Pod::Usage
  • FindBin
  • Encode
  • Encoding::FixLatin
  • Pod::Usage
  • Carp
  • GetOpt::Long
  • JSON::Any
  • JSON::XS
  • Config
  • Date::Parse
  • XML::XML2JSON
  • XML::LibXSLT
  • XML::LibXML
  • IO::File
  • Crypt::GpgME
  • Data::Dumper
  • LWP::UserAgent
  • LWP::Protocol::https
  • HTTP::Request::Common

Example installation

Install prerequisites:

nzrs@ubuntu:~$ apt-get install libgpgme11-dev
nzrs@ubuntu:~$ cpan -i File::Slurp Time::HiRes Pod::Usage FindBin Encode Encoding::FixLatin Pod::Usage Carp GetOpt::Long JSON::Any JSON::XS Config Date::Parse XML::XML2JSON XML::LibXSLT XML::LibXML IO::File Data::Dumper LWP::UserAgent HTTP::Request::Common Crypt::GpgME

Note

CPAN tests for Crypt::GpgME generate GPG keys and may exhaust entropy on some systems. You may need to install an entropy gathering daemon such as havaged, or install without running CPAN tests.

Clone srs-rik-clients repo from Github:

nzrs@ubuntu:~$ git clone https://github.com/NZRS/srs-rik-clients.git

Import registry GPG key

nzrs@ubuntu:~$ cd srs-rik-clients/
nzrs@ubuntu:~/srs-rik-clients/$ gpg --import etc/reg.key

You should now be able to run the command line tools without the .sh wrappers, e.g.:

nzrs@ubuntu:~$ ./srs-rik-clients/bin/sendXML.pl

Client virtual machine images

We provide the following pre-built VM images running Ubuntu for registrars who would like to execute adhoc manual transactions with the RIK clients:

Details Link
VM image in OVA format https://apt.nzrs.net.nz/images/ubuntu-srs.ova
VM image in VmwareVM format https://apt.nzrs.net.nz/images/ubuntu-srs.vmwarevm.tgz

These images are configured with a default account:

User: nzrs
Pass: nzrs

Quick Start Guide

This step-by-step guide will quickly get you started using basic SRS command line tools.

Step 1: Install preferred client package

Install your RIK client via your preferred method:

Step 2: Generate GPG key and send public key to NZRS

Follow instructions as per How do I generate a PGP key for use with SRS?

nzrs@ubuntu:~$ gpg --gen-key
gpg (GnuPG) 1.4.16; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg: directory `/home/rik/.gnupg' created
gpg: new configuration file `/home/rik/.gnupg/gpg.conf' created
gpg: WARNING: options in `/home/rik/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/home/rik/.gnupg/secring.gpg' created
gpg: keyring `/home/rik/.gnupg/pubring.gpg' created
Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: Example Registrar
Email address: reg90-gpg-key@nzrs.net.nz
Comment:
You selected this USER-ID:
    "Example Registrar <reg90-gpg-key@nzrs.net.nz>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.


Not enough random bytes available.  Please do some other work to give
the OS a chance to collect more entropy! (Need 242 more bytes)
.+++++
.....+++++
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
....+++++
...+++++
gpg: /home/rik/.gnupg/trustdb.gpg: trustdb created
gpg: key 1BAC0BC6 marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
pub   4096R/1BAC0BC6 2015-05-26
      Key fingerprint = 2A56 5642 23FB 499B 62A4  DCAB F2B5 4F47 1BAC 0BC6
uid                  Example Registrar <reg90-gpg-key@nzrs.net.nz>
sub   4096R/54685D3B 2015-05-26

Note

For this example we did not set a GPG pass-phrase key. If you have set a key pass-phrase you will need to use either the SRS_RIK_PASSPHRASE environment variable or the SRS_RIK_PASSPHRASE_FILE environment variable.

Export GPG key and send public key to NZRS:

nzrs@ubuntu:~$ gpg --export --armour reg90-gpg-key@nzrs.net.nz
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1

mQINBFVj3sMBEAC+pYOKvjZt//eSBdLMqYHMfwOgHVtGhj88NyU9sr/zjOdJbSbv
WuJd+RO+Sfuh5MkoUq3ccyfbmfmx9YQE+6EF2PIPzuKiPwFo8csCF+68w+OY9ITT
PlClpetKAzaovXaCiJuuL7v3048GnvtITj5MhA2wvvg7c1SL67exYBUymH7IhckI
Uv6QQ5R9l46HL/01eQrSwFygdc/j9qZWrD/nQ1ipW6QQvwTHv2eQvL5Cr2eJjVL9
hVX+kZNarLnQVpT1vvuHyUUwsNilislzBTGvAU+djPEsULAZxi83ePxcZ8U/oB54
Y9eEf6HPFVDVBRPysTUs48la/zAZEVWtE9ab2cNVmTAjo8/k7AU4aQfiZlV10pBX
1a8/4YOwQNcXL/Z5o1YzckM9sYSt/Xft15uS0n8f8UGiB3TLNiFYqiYIy4zzyNS3
KFTJheCC8J5Dj4aOrysxBcTgidtkaq4RCj3iGVychBJ3U42c3n5vYk7B2ehk4fuV
eM04A2vbfGxuk8mrtlRqdlVabB8AyMNbRqTrbudy8wflYf6pFmICPRkXC2aK9OMr
FLjvaGr0y1kkwnA9vI/Kg/NN4vfA5E2mhNV/XAsMwhYyUmgtyIMWEgLea/d6AM3t
Hw76v+w6zcwEWm81cxOrP+1x1vFVuSubLcUx2nFtyfhupXfb0C4WWAY29wARAQAB
tC1FeGFtcGxlIFJlZ2lzdHJhciA8cmVnOTAtZ3BnLWtleUBuenJzLm5ldC5uej6J
AjgEEwECACIFAlVj3sMCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEPK1
T0cbrAvGqrsP/1dDb1doe+E1nXX4SOFYcI8n4SboRwVa7TeTcqGR5eBxIBynjXye
kTnNLqQvKUVU1suKhQFrnwtsgbN3R/LsSdY0hCuNUd/jLM+Z2awtIiQw+bol51PH
1J+0rDP2WxdcPNQ/Ne5RHOfXWzlrfOwS2wt8CqfjdUhGFzHLeGEShXsTSjOD6qhN
NuV/02BgodEjjYgzkuEoSLdcvyqJ43wyWdxraNrZ+hatLt/UQVB1N0URq8qVTH7L
eQJAD1cDoDp9GZEfFhuUMqrEPZ5RoToXlnnYCm5GGyR6GZmOQ/9e41vP/qkr5qnD
20mA8FSJwnxPszlRYrBgCmD0kCfZS2BhcSGOENx9BY9l1flfHjA08ek9o+xCyuDL
5XpGLdOctkspKE7klXKzEV80DA7bHue/YpkNgLCWnRbxpnNWq1Wx9itL4qZFfXsI
4wWxpgGNX70vEpGFXdgBrJU3JouKozl0PWHcPKyamgsyJhQc6vHJRrSxvoKyoNZK
ZzNtUiw4hQxKgkiPK7nxkx4llxAYGKgx80QJfFt2uJ5wzN5PXN150VwMJxQ8Jbg4
ZkayTlZ64kHYQFzQOdfvDf/nONTy+Owls9oE/OzK0aBz8VQV3w/K/sP8iLOc7wwm
yUxrQiyG/nnvkWO0cfGsL54R/KmiCSCVHlq1WwLs0iE2VStJFdYyLyKruQINBFVj
3sMBEAC8f/IEHZd4P+Jo/VQX/sYvfdYdrOGoxrocWNMbc7ZK8CuGnb+ESpWoPTYq
MskcMan1dM/gZrgygI9T3dyi1gFDZiMm48C80oQxQwBX2IJE8q5BodDOwHAZdPZM
HaXKQXsqRl2zAN6GDiDuEW5u8VRl/rKP4vmo4IKYcL+OGruYxus4w+aLFG/LXN62
gA5qf96u8zUEzVnk6A5I5Nx2e+VG/Q01e12/OR7e1A2+f0MagEjAnf8vbKhTqY6o
RGl2nZGGd0G6PhJeHLpH86pekSt65F47VlIKTaEbDOSBRa0SkdI/fwm9XaDrauIu
Uh05PmDRQJ5r4h4ktcyyyBo2XB73s4PD+sXwyJYMaUpKbcQqv/l5Mom4juVt+/SG
qXrTWhSxkWKPWgIOvGSaLVgSPJLqXaBms1bF0Hafp810wFYH29i7hUU2fxj/oT/i
QBhOpNToC6ec3tCECzCc2KrTJaPHPOTatcIuj4jli75RCme5UcRd1VT2dmn7qTnP
Y4qXVqAO1rC83mbA7kRnvndi9fiyhwrRTPj32qd9My6fh0TnN5augZ9JBMfUbPvC
R0qf7v1Ifi3WnkoyvdwedxacKt0LiBdki4c7AkhCHBcKay4kzrBi6S1pHduf31S/
HRFKXTa/XYURRK2F3ngUvjsf+fjbPB9ywJIkbHFd5YIaRCpwQQARAQABiQIfBBgB
AgAJBQJVY97DAhsMAAoJEPK1T0cbrAvGk2kP/RsoXDdmhTruOc7ICC9OdFVN/tL1
8osZebOfQfM8jJgxSZOtrIAzUy8bItf0NNFN6t1i6+L40/nB823u2YfAGpvr+ayc
0PLZXnea4VuiFuFbuOfKLSq3uxZOw+oMlfb0m/5k7QTYm66jL4doBB0mkJg3nTrj
olXP1tzQKvHIg0aFICoCAYlg8zlctDj+B+Ktvg5YzyTdnSvMleas1QOqeoq6gwRC
NWxnWmXU1VQSQcHoJdaE2x1/+MN1STSOnpzrQHDgdyDPYSwJRDFqmPGgNi5rNyr1
QmDlm+5AqaQNInSxZc+yJAewAisklEtWLontt8eOjrUYVc5k8Sg1fA+NCml/Z87R
HKa0xbgAZ9E0VSECxWY0RXVwVxxo2JlScssdRj8OIQpcC2XI2r93hfxCu9O3k5WF
pyS9BIT+PWUwAT4OxSN47kC8ZlhlocdFmBJz/h0xJbtYyG8bCblfN6vtHrpNcrtH
hDvI8YL8kdIVvxvNPggFPqRBnGJrKCIoCjU2W8nRx9ymt6OmYO5ADl0lV3Hwu+C2
6Elu1h/tHFZrbJo84z55P0i9LO3mVZn2f5xlr6c/OZBnIiKDNMhj4zZ/eLbO6sj7
4+QKuiDg+QqD2KL7ALkaup/XaTca4sc+7XZbKCqm0ZYRvp+ppvG4EpupWDEq2jYF
Y4bZ9LPTcVX2wk2y
=9KYL
-----END PGP PUBLIC KEY BLOCK-----

Note

Send the output from the above command to support@nzrs.net.nz

Step 3: Run test transaction

Once NZRS has confirmed that your GPG key has been added to SRS you can run a test transaction.

nzrs@ubuntu:~$ echo '<NZSRSRequest VerMajor="1" VerMinor="0"><Whois DomainName="nzrs.net.nz" FullResult="1"/></NZSRSRequest>' > whois.xml
nzrs@ubuntu:~$ sendXML.pl -r 90 --gpg_id reg90-gpg-key@nzrs.net.nz whois.xml

Note

Replace registrar ID 90 ("-r 90") with your own registrar ID

<?xml version="1.0" encoding="UTF-8"?>
<NZSRSResponse VerMinor="7" VerMajor="6" RegistrarId="90"><Response FeSeq="60551240" FeId="8" Action="Whois" OrigRegistrarId="90" RecipientRegistrarId="90"><FeTimeStamp Year="2015" Month="05" Hour="08" TimeZoneOffset="+12:00" Day="27" Second="23" Minute="52"/><Domain Status="Active" Delegate="1" DomainName="nzrs.net.nz"><NameServers><Server FQDN="ns1.dns.net.nz"/><Server FQDN="ns2.dns.net.nz"/><Server FQDN="ns3.dns.net.nz"/><Server FQDN="ns4.dns.net.nz"/></NameServers><RegistrantContact Name="NZRS Ltd" Email="support@nzrs.net.nz"><PostalAddress Address2="P O Box 24361" PostalCode="6021" Address1="NZRS Ltd" Province="Wellington" City="Wellington" CountryCode="NZ"/><Phone LocalNumber="9316970" AreaCode="4" CountryCode="64"/><Fax LocalNumber="9316979" AreaCode="4" CountryCode="64"/></RegistrantContact><RegistrarPublicContact Name="Domain Name Commissioner" Email="info@dnc.org.nz"><PostalAddress Address1="PO Box 11881" City="Wellington" CountryCode="NZ"/><Phone LocalNumber="472-1600" AreaCode="4" CountryCode="64"/><Fax LocalNumber="495-2115" AreaCode="4" CountryCode="64"/></RegistrarPublicContact><AdminContact Name="NZRS Ltd" Email="support@nzrs.net.nz"><PostalAddress Address2="P O Box 24361" PostalCode="6021" Address1="NZRS Ltd" Province="Wellington" City="Wellington" CountryCode="NZ"/><Phone LocalNumber="9316970" AreaCode="4" CountryCode="64"/><Fax LocalNumber="9316979" AreaCode="4" CountryCode="64"/></AdminContact><TechnicalContact Name="NZRS Ltd" Email="support@nzrs.net.nz"><PostalAddress Address2="P O Box 24361" PostalCode="6021" Address1="NZRS Ltd" Province="Wellington" City="Wellington" CountryCode="NZ"/><Phone LocalNumber="9316970" AreaCode="4" CountryCode="64"/><Fax LocalNumber="9316979" AreaCode="4" CountryCode="64"/></TechnicalContact><BilledUntil Year="2015" Month="06" Hour="19" TimeZoneOffset="+12:00" Day="07" Second="04" Minute="19"/><RegisteredDate Year="2002" Month="07" Hour="19" TimeZoneOffset="+12:00" Day="07" Second="04" Minute="19"/><AuditDetails><AuditTime><From Year="2015" Month="05" Hour="04" TimeZoneOffset="+12:00" Day="25" Second="07" Minute="32"/></AuditTime></AuditDetails></Domain></Response></NZSRSResponse>

RIK Clients

Note

Please note that as of Feb 2016 the previously depreciated sendJSON client is no longer included in the current distribution.