[Docs] [txt|pdf] [Tracker] [WG] [Email] [Diff1] [Diff2] [Nits]

Versions: 00 01 02 03 04 05 06 07 08 09 10 RFC 3405

Network Working Group                                        M. Mealling
Internet-Draft                                                  Verisign
Expires: August 9, 2001                                 February 8, 2001


           Assignment Procedures for URI Resolution Using DNS
                    draft-ietf-urn-net-procedures-07

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   To view the entire list of Internet-Draft Shadow Directories, see
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on August 9, 2001.

Copyright Notice

   Copyright (C) The Internet Society (2001). All Rights Reserved.

Abstract

   RFCYYYY defines a how DNS is used as a DDDS database that contains
   URI delegation rules (sometimes called resolution hints). That
   document specifies that the first step in that algorithm is to
   append 'URI.ARPA' to the URI scheme and retrieve the NAPTR record
   for that domain-name.  I.e., the first step in resolving
   "http://foo.com/" would be to look up a NAPTR record for the domain
   "http.URI.ARPA". URN resolution also follows a similar procedure but
   uses the 'URN.ARPA' zone as its root. This document describes the
   procedures for inserting a new rule into the 'URI.ARPA' and
   'URN.ARPA' zones.








Mealling                 Expires August 9, 2001                 [Page 1]


Internet-Draft      URI.ARPA Registration Procedures       February 2001


Table of Contents

   1.    Introduction . . . . . . . . . . . . . . . . . . . . . . . .  3
   2.    URI Resolution vs URN Resolution . . . . . . . . . . . . . .  3
   3.    Registration Policies  . . . . . . . . . . . . . . . . . . .  3
   3.1   URI.ARPA Registration  . . . . . . . . . . . . . . . . . . .  3
   3.1.1 Only Schemes in the IETF Tree Allowed  . . . . . . . . . . .  3
   3.1.2 Scheme Registration Takes Precedence . . . . . . . . . . . .  3
   3.1.3 NAPTR Registration May Accompany Scheme Registration . . . .  4
   3.1.4 Registration or Changes after Scheme Registration  . . . . .  4
   3.2   URN.ARPA Registration  . . . . . . . . . . . . . . . . . . .  4
   3.2.1 NID Registration Takes Precedence  . . . . . . . . . . . . .  4
   3.2.2 NAPTR Registration May Accompany NID Registration  . . . . .  4
   3.2.3 Registration or Changes after Scheme Registration  . . . . .  4
   4.    Requirements on hints  . . . . . . . . . . . . . . . . . . .  5
   5.    Submission Procedure . . . . . . . . . . . . . . . . . . . .  6
   6.    Registration Template  . . . . . . . . . . . . . . . . . . .  6
   6.1   Key  . . . . . . . . . . . . . . . . . . . . . . . . . . . .  6
   6.2   Authority  . . . . . . . . . . . . . . . . . . . . . . . . .  6
   6.3   Records  . . . . . . . . . . . . . . . . . . . . . . . . . .  6
   7.    Example Template . . . . . . . . . . . . . . . . . . . . . .  7
   8.    The URN Registration in the URI.ARPA zone  . . . . . . . . .  7
   9.    IANA Considerations  . . . . . . . . . . . . . . . . . . . .  7
   10.   Security Considerations  . . . . . . . . . . . . . . . . . .  7
   11.   Acknowledgements . . . . . . . . . . . . . . . . . . . . . .  8
         References . . . . . . . . . . . . . . . . . . . . . . . . .  8
         Author's Address . . . . . . . . . . . . . . . . . . . . . .  9
         Full Copyright Statement . . . . . . . . . . . . . . . . . . 10























Mealling                 Expires August 9, 2001                 [Page 2]


Internet-Draft      URI.ARPA Registration Procedures       February 2001


1. Introduction

   This document defines the policies and procedures for inserting
   NAPTR records into the 'URI.ARPA' and 'URN.ARPA' zones for the
   purpose of resolving URIs according to "URI Resolution using the
   Dynamic Delegation Discovery System" (RFCXXXX)[7], which is an
   Application that uses the DNS based DDDS Database defined in
   RFCYYYY[6]. The algorithm expressed by these Rules is specified in
   "Dynamic Delegation Discovery System (DDDS) (RFCZZZZ)[8].

2. URI Resolution vs URN Resolution

   RFCXXXX[7] defines how both URI[2] resolution and URN[1] resolution
   work when DNS is used as the delegation rule (or hint) database.
   Specifically it says that the initial instructions ('hints') for
   DNS-based resolution of URIs are stored as resource records in the
   'URI.ARPA' DNS zone.

   Since a URN is a kind of URI, a hint for resolution of the URI
   prefix 'urn:' will also be stored in the 'URI.ARPA' zone. This rule
   states that the namespace id[1] is extracted, 'URN.ARPA' is appended
   to the end of the namespace id, and the result is used as the key
   for retrieval of a subsequent NAPTR record[6].

3. Registration Policies

   The creation of a given URI scheme or URN namespace id (NID) follows
   the appropriate registration documents for those spaces. URI schemes
   follow "Registration Procedures for URL Scheme Names"  (RFC
   2717)[5]. URN namespace ids follow "URN Namespace Definition
   Mechanisms" (RFC 2611) (or updates thereto)[4].

3.1 URI.ARPA Registration

3.1.1 Only Schemes in the IETF Tree Allowed

   In order to be inserted into the URI.ARPA zone, the subsequent URI
   scheme MUST be registered under the IETF URI tree. The requirements
   for this tree are specified in [5].

3.1.2 Scheme Registration Takes Precedence

   The registration of a NAPTR record for a URI scheme MUST NOT precede
   proper registration of that scheme and publication of a stable
   specification in accordance with [5]. The IESG or its designated
   expert will review the request for
   1.  correctness and technical soundness
   2.  consistency with the published URI specification, and
   3.  to ensure that the NAPTR record for a DNS-based URI does not


Mealling                 Expires August 9, 2001                 [Page 3]


Internet-Draft      URI.ARPA Registration Procedures       February 2001


       delegate resolution of the URI to a party other than the holder
       of the DNS name.  This last rule is to insure that a given URI's
       resolution hint doesn't hijack (inadvertently or otherwise)
       network traffic for a given domain.

3.1.3 NAPTR Registration May Accompany Scheme Registration

   A request for a URI.ARPA registration MAY accompany a request for a
   URI scheme (in accordance with [5]), in which case both requests
   will be reviewed simultaneously by IESG or its designated experts.

3.1.4 Registration or Changes after Scheme Registration

   A request for a NAPTR record (or an request to change an existing
   NAPTR record) MAY be submitted after the URI prefix has been
   registered.   If the specification for the URI prefix is controlled
   by some other party than IETF, IESG will require approval from the
   owner/maintainer of that specification before the registration will
   be accepted. This is in addition to any technical review of the
   NAPTR registration done by IESG or its designated experts.

3.2 URN.ARPA Registration

3.2.1 NID Registration Takes Precedence

   The registration of a NAPTR record for a URN NID MUST NOT precede
   proper registration of that NID and publication of a stable
   specification in accordance with [4]. This is to prevent the
   registration of a NAPTR record in URN.ARPA from circumventing the
   NID registration process.

3.2.2 NAPTR Registration May Accompany NID Registration

   A request for a URN.ARPA registration MAY accompany a request for a
   NID (in accordance with [4]), in which case both requests will be
   reviewed at the same time.

3.2.3 Registration or Changes after Scheme Registration

   A request for a NAPTR record (or an request to change an existing
   NAPTR record) MAY be submitted after the NID has been registered.
   If the specification for the NID is controlled by some other party
   than IETF, IESG will require approval from the owner/maintainer of
   that specification before the registration will be accepted. This is
   in addition to any technical review of the NAPTR registration done
   by IESG or its designated experts.

   Note that this applies to all NAPTR records for a particular NID,
   even though a NAPTR record might affect only part of the URN space


Mealling                 Expires August 9, 2001                 [Page 4]


Internet-Draft      URI.ARPA Registration Procedures       February 2001


   assigned to an NID

4. Requirements on hints

   Delegation of a namespace can happen in two ways. In the case of
   most URIs, the key being delegated to is hard-coded into the
   identifier itself (e.g. a hostname in an HTTP URL). The syntax of
   where this new key is located is predetermined by the syntax of the
   scheme. In other cases, the new key can be part of the hint itself.
   This is the functional equivalent of saying, "if this rule matches
   then this is always the key."

   In order to minimize the query load on the URI.ARPA and URN.ARPA
   zones, it is anticipated that the resource records in those zones
   will have extremely long "times to live" (TTLs), perhaps measured in
   years.

   Thus, for any URI prefix or URN namespace for which the resolution
   hints are likely to change, the actual rule should be stored in some
   other (less stable) DNS zone, and within URI.ARPA or URN.ARPA a
   stable NAPTR record should be used to delegate queries to that less
   stable zone.

   For example, the 'foo' URN namespace has flexible rules for how
   delegation takes place. Instead of putting those rules in the
   URN.ARPA zone, the entry instead punts those rules off to a
   nameserver that has a shorter time to live. The record in URN.ARPA
   would look like this:

          foo     IN NAPTR 100 10  ""  "" "" urn-resolver.foo.com.

   Thus, when the client starts out in the resolution process, the
   first step will be to query foo.URN.ARPA to find the above record,
   the second step is to begin asking 'urn-resolver.foo.com' for the
   NAPTR records that contain the resolution rules. The TTL at the root
   is very long. The TTL at the 'urn-resolver.foo.com' is much shorter.

   Conversely, the 'http' URL scheme adheres to a particular syntax
   that specifies that the host to ask is specified in the URL in
   question. Since this syntax does not change, that rule can be
   specified in the URI.ARPA zone. The record would look like this:

          http    IN NAPTR 100 100 "" ""  "/http:\\/\\/([^\\/:]+)/\\2/i" .

   Thus, the second step of resolution is to use the domain-name found
   in the URL as the next key in the cycle. If, for example, that NAPTR
   was terminal and contains some hostname in the replacement field,
   then the client could contact that host in order to ask questions
   about this particular URI.


Mealling                 Expires August 9, 2001                 [Page 5]


Internet-Draft      URI.ARPA Registration Procedures       February 2001


5. Submission Procedure

   Using the MIME Content-Type registration  mechanism[3] as a model
   for a successful registration mechanism, the 'URI.ARPA' and
   'URN.ARPA' procedures consist of a request template submitted to an
   open mailing list made up of interested parties. If no objections
   are made within a two week period, a representative of the
   registration authority considers the submission to be accepted and
   enters that submission into the nameserver.

   o  Registrations for the 'URI.ARPA' zone are sent to
      'register@URI.ARPA'.
   o  Registrations for the 'URN.ARPA' zone are sent to
      'register@URN.ARPA'.

   The registration authority is the Internet Assigned Numbers
   Authority (IANA).

   Objections are restricted to those that point out impacts on the
   zone itself or to DNS in general. Objections to the URL scheme or to
   the URN namespace-id are not allowed, as these should be raised in
   their respective forums. The logical conclusion of this is that ANY
   sanctioned URL scheme or URN namespace MUST be allowed to be
   registered if it meets the requirements specified in this document
   as regards times to live and general impact to the DNS.

6. Registration Template

   The template to be sent to the appropriate list MUST contain the
   following values:

6.1 Key

   This is the URN NID or URL scheme, which is used as the domain
   portion of the DNS entry. It must be valid according to the
   procedures specified in the URN namespace-id assignment document and
   any future standards for registering new URL schemes.

6.2 Authority

   This is the individual or organization (entity) which has authority
   for registering the record. It must be an authority recognized as
   either the IESG or any authority defined in the URN NID[4] or URL
   scheme registration[5] documents.

6.3 Records

   The actual DNS records representing the rule set for the key. The
   required values are Preference, Order, Flags, Services, Regex, and


Mealling                 Expires August 9, 2001                 [Page 6]


Internet-Draft      URI.ARPA Registration Procedures       February 2001


   Replacement as defined by RFCYYYY[6].

7. Example Template


      To: register@URN.ARPA
      From: joe@foo.com

      Key: foo
      Authority: Foo Technology, Inc as specified in RFCFOO
      Record: foo       IN NAPTR 100 100 "" "" "" urn.foo.com.

8. The URN Registration in the URI.ARPA zone

   Since this document discusses the URI.ARPA and URN.ARPA zones and
   the URN rule that exists in the URI.ARPA zone, it makes sense for
   the registration template for the URN URI rule to be specified here:


      To: register@URI.ARPA
      From: The IETF URN Working Group

      Key: urn
      Authority: RFC2141
      Record: urn       IN NAPTR 0 0 "" "" "/urn:([^:]+)/\\2/i" .

9. IANA Considerations

   This document describes a mechanism for registering representations
   of protocol items that have already been registered with some IETF
   sanctioned agency (probably the IANA as well). This means that the
   IANA need not determine appropriateness of the underlying
   namespaces, since that is determined by another process.

   The only real impact on the IANA will be
   o  to create and maintain (or designate some other entity to
      maintain) a primary nameserver for the URI.ARPA and URN.ARPA
      zones. From time to time the IANA may delegate or change
      delegation of operations at its discretion.
   o  to maintain the mailing lists "register@URI.ARPA" and
      "register@URN.ARPA" as the forum for discussions of submissions;
      and
   o  to act as the party that determines if all objections have been
      noted and accommodated.

10. Security Considerations

   The 'uri.arpa' and 'urn.arpa' zones will be a common point of attack
   both for Denial of Service and for spoofing entries in order to


Mealling                 Expires August 9, 2001                 [Page 7]


Internet-Draft      URI.ARPA Registration Procedures       February 2001


   redirect delegation paths.  Any entity running nameservers that
   contain these zones should take appropriate action for securing an
   infrastructure level component of the Internet. When it becomes
   possible for a nameserver to reliably sign the records in its zone
   it should do so.

11. Acknowledgements

   The author would like to thank Ron Daniel who was originally
   co-author of these documents. Ron's original insite into the
   intricate nature of delegation rules made these procedures and the
   DDDS itself possible.

References

   [1]  Moats, R., "URN Syntax", RFC 2141, November 1998.

   [2]  Berners-Lee, T., Fielding, R. and L. Masinter, "Uniform
        Resource Identifiers (URI): Generic Syntax", RFC 2396, August
        1998.

   [3]  Freed, N., Klensin, J. and J. Postel, "Multipurpose Internet
        Mail Extensions (MIME) Part Four: Registration Procedures", RFC
        2048, November 1996.

   [4]  Faltstrom, P., Iannella, R., Daigle, L. and D. van Gulik, "URN
        Namespace Definition Mechanisms", RFC 2611, October 1998.

   [5]  Petke, R. and I. King, "Registration Procedures for URL Scheme
        Names", RFC 2717, January 1999.

   [6]  Mealling, M., "A DDDS Database Using The Domain Name System",
        Internet-Draft draft-ietf-urn-dns-ddds-database-00.txt, May
        2000.

   [7]  Mealling, M., "URI Resolution using the Dynamic Delegation
        Discovery System", Internet-Draft
        draft-ietf-urn-uri-res-ddds-00.txt, July 2000.

   [8]  Mealling, M., "Dynamic Delegation Discovery System (DDDS)",
        Internet-Draft draft-ietf-urn-ddds-00.txt, May 2000.










Mealling                 Expires August 9, 2001                 [Page 8]


Internet-Draft      URI.ARPA Registration Procedures       February 2001


Author's Address

   Michael Mealling
   Verisign
   505 Huntmar Park Drive
   Herndon, VA  22070
   US

   Phone: (770) 721-2251
   EMail: michaelm@netsol.com









































Mealling                 Expires August 9, 2001                 [Page 9]


Internet-Draft      URI.ARPA Registration Procedures       February 2001


Full Copyright Statement

   Copyright (C) The Internet Society (2001). All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implmentation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph
   are included on all such copies and derivative works. However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Acknowledgement

   Funding for the RFC editor function is currently provided by the
   Internet Society.



















Mealling                 Expires August 9, 2001                [Page 10]


Html markup produced by rfcmarkup 1.129d, available from https://tools.ietf.org/tools/rfcmarkup/