UDAI Expiry - 2014 ================== A UDAI is a randomly generated unique identifier that is required to authenticate requests to transfer domain names from one registrar to another. In 2014 DNCL approved a small number of amendments related to UDAIs in the following policies: * `Operations and Procedures Policy - Unique Domain Authentication ID (UDAI) `_ * `Operations and Procedures Policy - Transfer of Registrar `_ These changes came into effect on 5 September 2014 and resulted in the following impact to registrars and registrants: * UDAIs now expire after 30 days * SRS only automatically generates a new UDAI on initial registration only. More information on how this impacts registrars and the SRS is detailed in the sections below. Previous UDAI Behaviour ----------------------- A UDAI was previously generated when: * A domain name was registered. * A change in registrant contact details was made. * A domain name was transferred. * A new UDAI was requested. Under this system a UDAI did not expire which was identified as a security risk. Current UDAI Behaviour -------------------------- #. UDAIs expire: * 30 days after generation. * After a domain transfer (and a new one will not be automatically created post transfer). #. New UDAIs will be created: * Upon request. * During initial registration of a domain. #. New UDAIs are NOT created when: * a domain is transferred. * a change in Registrant contact details is made. SRS and EPP transactions to Generate and Validate UDAI ------------------------------------------------------ Registrars can validate a UDAI using either of the following transactions: * SRS UDAIValidQry ( see srs-transactions - :ref:`UDAIValidQry` ) * EPP domain:info ( see epp-commands - :ref:`eppdomaininfo` ) Registrars can generate a new UDAI using either of the following transactions: * SRS DomainUpdate request with the NewUDAI parameter ( see srs-transactions - :ref:`DomainUpdate` ) * EPP domain:update request ( see epp-commands - :ref:`eppdomainupdate` )