EPP Security Best Practices Guidelines

As part of a series of upcoming sector-specific guidelines, the European TLD ISAC published its EPP Security Best Practices Guidelines. The guidelines provide top-level domain (TLD) registry operators with essential best practices and security recommendations for implementing the Extensible Provisioning Protocol (EPP) securely.

The guidelines aim to identify and mitigate vulnerabilities in EPP infrastructure, which directly impact the Domain Name System (DNS) security. The guidelines cover key areas such as network security, authentication, cryptography, and security monitoring. They are aligned with the NIS2 Directive ((EU) 2022/2555), which establishes technical and sector-specific cybersecurity requirements across the EU.

The guidelines are published as TLP:CLEAR and can be downloaded here.

EPP Security Best Practices Guidelines

DOWNLOAD TLD I...L-42.pdf

EPP Security Best Practices Guidelines

Geavanceerde instellingen