DNSEXT Working Group Levon Esibov INTERNET-DRAFT Bernard Aboba Category: Standards Track Dave Thaler
<draft-ietf-dnsext-mdns-00.txt><draft-ietf-dnsext-mdns-01.txt> Microsoft November 16, 20006 July 2001 Multicast DNS This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Copyright Notice Copyright (C) The Internet Society (2000).(2001). All Rights Reserved. Abstract Today, with the rise of home networking, there are an increasing number of smallad-hoc networks operating without a DNS server. In order to allow DNS name resolution in such environments, the use of a multicast DNS is proposed. Table of Contents 1. Introduction .......................................... 3 2. Name resolution using multicast DNS ................... 3 2.1 Behavior of the sender and responder ............ 3 3. Usage model ........................................... 4 4. Sequence of events .................................... 8 5. Conflict resolution ................................... 8 5.1 Considerations for multiple interfaces .......... 10 6. IANA considerations ................................... 11 7. ARPA domain considerations ............................ 11 8. References ............................................ 12 9. Security considerations ............................... 13 ACKNOWLEDGMENTS .............................................. 13 AUTHORS' ADDRESSES ........................................... 14 Intellectual Property Statement .............................. 14 Full Copyright Statement ..................................... 15 1. Introduction Multicast DNS enables DNS name resolution in the scenarios when conventional DNS name resolution is not possible. Namely, when there are no DNS servers available on the network or available DNS servers do not provide name resolution for the names of the hosts on the local network. The latter case, for example, corresponds to a scenario when a homenetwork that doesn't have a DNS server is connected to the Internet through an ISP and the homenetwork hosts are configured with the ISP's DNS server for the name resolution. The ISP's DNS server provides the name resolution for the names registered on the Internet, but doesn't provide name resolution for the names of the hosts on the homenetwork. This document discusses multicast DNS, an extension to the DNS protocol which consists of a single change to the method of use, and no change to the format of DNS packets. Discovery of the servicesService discovery in general as well as discovery of theDNS servers using mDNS in particular using multicast DNSis leftoutside of the scope of this document. Namedocument, as is name resolution over non-multicast capable media is left outside of the scope of this document.media. In this document, the key words "MAY", "MUST, "MUST NOT", "optional", "recommended", "SHOULD", and "SHOULD NOT", are to be interpreted as described in . 2. Name resolution using Multicast DNS This extension to the DNS protocol consists of a single change to the method of use, and no change whatsoeverto the current format of DNS packets. Namely, this extension allows multicast DNS queries to be sent to and received on port 5353. The messages are sent using the LINKLOCAL addresses  for IPv4 and IPv6 (below in this textreferred as the LINKLOCAL address), which are yet to be assigned by IANA. LINKLOCAL addresses are used to prevent propagation of themulticast DNS traffic across routers, potentially flooding the routers that may cause network flooding.network. Propagation of themulticast DNS packets within the boundarieslocal subnet is considered sufficient to enable DNS name resolution, since the expectationresolution in small adhoc networks. The assumption is that if a network has a router, then thisthe network either has a DNS server or the router can function as a mini-DHCP server, as described in , and aDNS proxy, possibly implementing dynamic DNS. Thus thereIn the future, mDNS may be defined to support greater than LINKLOCAL multicast scope. This would occur if LINKLOCAL mDNS deployment is successful, the assumption that mDNS is not expected toneeded in multiple subnets proves incorrect, and multicast routing becomes ubiquitous. For example, it is not clear that this assumption will be a need for usevalid in large adhoc networking scenarios. Once we have experience in mDNS deployment in terms of administrative issues, usability and impact on the network it will be possible reevaluate which multicast DNS in networksscopes are appropriate for use with multiple segments. 2.1mDNS. 2.1. Behavior of the sender and responder For the purpose of this document a devicehost that sends a multicast query is called a "sender", while a devicehost that listens to (but not necessarily responds to) a multicast query is called "responder". A devicehost configured to be a "responder" may also be a "sender". A devicehost configured to not be a "responder" cannot be a "sender". 2.1.1. Behavior of senders A sender sends multicast DNS query for any legal Type of resource record (e.g. A, PTR, etcà)etc.) for a name within the ".local.arpa." domain to the LINKLOCAL address. The RD (Recursion Desired) bit MUST NOT be set. If a responder receives a query with the header containing RD set bit, the responder MUST ignore the RD bit. If the multicast query is not positively resolved ("positively resolved" refers in this document to thea response with the RCODE set to 0) during a limited amount of time, then a sender MAY repeat the transmission of a query in order to assure themselves that the query has been received by a host capable of responding to the query. Repetition MUST NOT be attempted more than 5 times,3 times and the repetitionSHOULD NOT be repeated more often than once per 0.1 secondssecond to reduce theunnecessary network traffic. Retry intervals SHOULDThe delay between attempts should be exponentially increased.randomised so as to avoid synchronisation effects. 2.1.2. Behavior of responders A responder listens on port 53 on the LINKLOCAL address. Responders MUST respond to multicast queries to those and only those names for which they are authoritative. As an example, computer "host.example.com.local.arpa." is authoritative for the domain "host.example.com.local.arpa.". When such host receivesOn receiving a multicast DNS query for anA record query for the name "host.example.com.local.arpa." itsuch a host responds with anA record(s) that contains itscontain IP address(es) in the RDATA of the record. In conventional DNS terminology a DNS server authoritative for a zone is authoritative for all the domain names under the zone root except for the branches delegated into separate zones. Contrary to conventional DNS terminology, a responder is authoritative only for the zone root. For example the host "host.example.com.local.arpa." is not authoritative for the name "child.host.example.com.local.arpa." unless the host is configured with multiple names, including "host.example.com.local.arpa." and "child.host.example.com.local.arpa.". The purpose of such limitation oflimiting the name authority scope of a responder is to prevent complicationcomplications that could be caused by coexistence of two or more deviceshosts with the names representing child and parent (or grandparents)grandparent) nodes in the DNS tree, for example, "host.example.com.local.arpa." and "child.host.example.com.local.arpa.". In this example (unless this limitation is introduced) thea multicast query for an A record for the name "child.host.example.com.local.arpa." would causeresult in two authoritative responses: name error received from "host.example.com.local.arpa.", and a requested A record - from "child.host.example.com.local.arpa.". To prevent suchthis ambiguity, we could propose to implementmulticast enabled devices tohosts could perform a dynamic update of the parent (or grandparent) zone with a delegation to a child zone, inzone. In this example a host "child.host.example.com.local.arpa." would send a dynamic update for the NS and glue A record to the"host.example.com.local.arpa.", but this approach significantly complicates implementation of themulticast DNS and would not be acceptable for alightweight devices. Thehosts. A response to thea multicast query is composed in exactly the same manner as in case ofa response to the unicast DNS query as specified in . Responders MUST never respond using cached data, and the AA (Authoritative Answer) bit MUST be set. The response is sent to the sender via unicast. If a TC (truncation) bit is set in the response, then the sender MAY use theA response if it containsto an mDNS query MUST have RCODE set to zero, since mDNS responders MUST NOT send error replies in response to mDNS queries. If a TC (truncation) bit is set in the response, then the sender MAY use the response if it contains all necessary information, or the sender MAY discard the response and resend the query over TCP or using EDNS0 with larger window using the unicast address of the responder. The RA (Recursion Available) bit in the header of the response MUST NOT be set. Even if the RA bit is set in the response header, the sender MUST ignore it. The2.1.3. mDNS addressing For IPv4 LINKLOCAL addressing, section 2.4 of  lays out the rules with respect to source address selection, TTL settings, and acceptable source/destination address combinations. IPv6 LINKLOCAL addressing is described in . mDNS queries and responses MUST obey the rules laid out in these documents. In composing an mDNS response, the responder MUST set the Hop Limit field in the IPv6 header and the TTL field in IPv4 header of all responses tothe multicast DNS queryresponse to 255. The sender MUST verify that the Hop Limit field in IPv6 header and TTL field in IPv4 header of each response to the multicast DNS query is set to 255. If it is not, then sender MUST ignore suchthe response. Implementation note: In the sockets API for IPv4, the IP_TTL and IP_MULTICAST_TTL socket options are used to specify the TTL of outgoing unicast and multicast packets. The IP_RECVTTL socket option is available on some platforms to receive the IPv4 TTL of received packets with recvmsg(). RFC 2292 specifies similar options for specifying and receiving the IPv6 Hop Limit. 2.1.4. Use of DNS TTL The responder should use a pre-configured TTL  value in the records returned in the multicast DNS query response. Due to the TTL minimalization necessary when caching an RRset, all TTLs in an RRset MUST be set to the same value. The responder includes inIn the additional and authority section of the response the responder includes the same records,records as a DNS server would insert in the response to the unicast DNS query. Sender2.1.5. No/multiple responses The sender MUST anticipate receiving no replies to some multicastedmulticast queries, in the event that no responders are available within the multicast scope, or in the event that no positive non-null responses exist tofor the transmitted query. If no positive response is received, a resolver treats it as a response that no records of the specified type and class for the specified name exist (NXRRSET), which SHOULD be cached for a period that SHOULD NOT exceed 5 seconds. Sender(NXRRSET). The sender MUST anticipate receiving multiple replies to the same multicastedmulticast query, in the event that several multicast DNS enabled computers receive the query and respond with valid answers. When this occurs, the responses MAY first be concatenated, and then treated in the same manner that multiple RRs received from the same DNS server would, ordinarily. 3. Usage model A devicehost configured to be aan mDNS "responder" mayMUST also be configured as a "sender". A device configured tohost not beconfigured as a "responder" cannotMUST NOT be a "sender". Multicast DNS usage is determined by the domain search configuration as well as by special treatment of the ".local.arpa." namespace. Any devicehost whose domain search configuration contains the ".local.arpa." domain is configured to behave as "responder". A device configured to be a "responder" may also be a "sender". A device cannot be configured to behave as one (i.e. sender or responder), but not another.The sender treats queries for ".local.arpa." as a special case. The domain search list can be configured manually or automatically via a DHCP option.option . A sender MUST NOT send a unicast query for names ending with the ".local.arpa." suffix except in the case when awhen: a. A sender repeats a query over TCP after it received a response to the previous multicast query with the TC bit setset, or unlessb. The sender's cache contains an NS resource record that enables the sender to send a query directly to the deviceshosts authoritative for the name in the query. It is not expected that a devicehost named "host.example.com." will be manually configured to have the additional name "host.example.com.local.arpa." when it is configured to use multicast DNS. Instead, a responder with a name "host.example.com." configured with ".local.arpa." suffix in its domain search configuration is authoritative for the name "host.example.com.local.arpa.". I.e.For example, when a responder with the name "host.example.com." receives an A type query for the name "host.example.com.local.arpa." it authoritatively responds to the query. If ".local.arpa" is not in the domain search list, then multicast DNS MUST NOT be used by a device.used. This implies that the devicehost will neither listen on the DNS LINKLOCAL multicast address, nor will it send queries to that address. An auto-configured host will typically have ".local.arpa" first in its search list so that it will be enabled to use mDNS.multicast DNS. Typically an enterprise host will not have ".local.arpa" in its search list at all so that it will not use mDNS.multicast DNS. The same device mayhost MAY use multicast DNS queries for the nameresolution of thenames ending with ".local.arpa.", and unicast DNS queries for nameresolution of all other names. When a DNS client is requested by auser or application to performrequests a name resolution ofDNS client to resolve a dot-terminated name that contains a ".local.arpa" suffix, athe query for such a name MUST be multicastedmulticast and suchthe name should notSHOULD NOT be concatenated with any suffix. If a DNS server is running on a device,host, the devicehost MUST NOT listen for themulticast DNS queries, to prevent a devicethe host from listening on port 53 and intercepting DNS queries directed to a DNS server. ABy default, a DNS server mayMUST NOT listen and respondto themulticast DNS queries. AFor a DNS server by default doesn't listen toserver, the multicast DNS queries. Presencepresence of the".local.arpa." in the domain search list doesn't affect the configuration on the DNS server.MUST NOT enable multicast DNS. 4. Sequence of events The sequence of events for usage ofmulticast DNS usage is as follows: 1. If a sender needs to resolve a query for a name "host.example.com.local.arpa", then it sends a multicast query to the LINKLOCAL multicast address. 2. A responder responds to this query only if it is authoritative for the domain name "host.example.com.local.arpa". The responder sends a response to the sender via unicast over UDP. 3. Upon the reception of the responseresponse, the sender verifies that the Hop Limit field in IPv6 header or TTL field in IPv4 header (depending on used protocol)the protocol used) of the response is set to 255. If it is,the destination address is a LINKLOCAL address, then the sender verifies use of a LINKLOCAL source address. If these conditions are met, then the sender uses and caches the returned response. If not, then the sender ignores the response and continues waiting for the response. 5. Name conflicts It is requiredConflict resolution There are some scenarios when multiple responders MAY respond to verify the uniqueness ofthe host DNS name when a host boots, when its name is changed, orsame query. There are other scenarios when it is configuredonly one responder may respond to use multicast DNS (sucha query. Resource records for which the latter queries are submitted are referred as whenUNIQUE throughout this document. The uniqueness of a resource record depends on a nature of the domain search option is changed to include ".local.arpa."). A gratuitousname resolutionin the query SHOULD be done to check for a name conflict. This is done by havingand type of the resolver sendquery. For example it is expected that: - multiple hosts may respond to a multicastquery for a SOASRV type record - multiple hosts may respond to a query for its own name (i.e.an A type record for thea cluster name it is authoritative for). If(assigned to multiple hosts in the query is not positively resolved thencluster) - only a single host assumes authoritymay respond to a query for the name. If thean A type record for a hostname. Every responder that responds to a multicast DNS query is positively resolved, thenand/or dynamic update request AND includes a UNIQUE record in the host shouldresponse: 1. MUST verify that there is no other host within the computer name specified in the RDATAscope of the SOA record in the answer section of the response is its own computer name. If the host verifies it, then it assumes authoritymulticast DNS query propagation that can return a DNS record for its name. If the host cannot matchthe returned computer name to its computersame name, thentype and class. 2. MUST NOT include a conflict has been detected. In order to resolve name conflict,UNIQUE resource record in the response without having verified its uniqueness. Where a host will changeis configured to respond to multicast DNS queries on more than one interface, the name. Ahost that has detected a name conflictMUST NOT use the name. This meansverify resource record uniqueness on each interface for each UNIQUE resource record that could be used on that interface. To accomplish this, the host MUST NOTmulticast a dynamic DNS update request as specified in RFC 2136  for each new UNIQUE resource record. Uniqueness verification is carried out when the host: - starts up or - is configured to respond to the multicast DNS queries for that name and MUST NOTon some interface or - is configured to respond to otherthe multicast DNS queries withusing additional UNIQUE DNS records. Below we describe the records that containdata to be specified in RDATAthe dynamic update request: Header section contains values according to [RFC 2136]. Zone section The zone name in conflict (for example, PTR record). Note that this name conflict detection mechanism doesn't preventthe zone section MUST be set to the name conflicts when previously separate networks are connected by a bridge. Name conflictof the UNIQUE record. The zone type in such situation is detected when a sender receives more than one response to its multicasted DNS query. Such sender sends using unicastthe first response that it receivedzone section MUST be set to all responders, exceptSOA. The zone class in the first one, that respondedzone section MUST be set to thisthe class of the UNIQUE record. Prerequisite section This section MUST contain a record set whose semantics are described in RFC 2136 , Section 2.4.3 "RRset Does Not Exist", requesting that RRs with the NAME and TYPE of the UNIQUE record do not exist. Update section This section MUST be left empty. Additional section This section is set according to RFC 2136. When a host that owns a UNIQUE record receives a dynamic update request that requests that the UNIQUE resource record set does not exist, the host MUST respond via unicast with the YXRRSET error, according to the rules described in Section 3 of RFC 2136 . After client receives an YXRRSET response to its dynamic update request that a UNIQUE resource record does not exist, the host MUST not use the UNIQUE resource record in responses to multicast queries and dynamic update requests. Note that this name conflict detection mechanism doesn't prevent name conflicts when previously partitioned segments are connected by a bridge. In such a situation, name conflicts are detected when a sender receives more than one response to its multicast DNS query. In this case, the sender sends the first response that it received to all responders that responded to this query except the first one, using unicast. A host that receives a query response forcontaining a query for it's own name,UNIQUE resource record that it owns, even if it didn't send such query, sendsa query, MUST verify that no other host within the multicast queryDNS scope is authoritative for the SOA record forsame name, using the name that it is authoritative for.dynamic DNS update request mechanism described above. Based on the responseresult, the host detects thewhether there is a name conflict and acts according to the description above. 6.acts as described above. 5.1. Considerations for Multiple Interfaces A multi-homed host may elect to configure multicast DNS on only one of its active interfaces. In many situations this will be adequate. However, should a host wish to configure multicast DNS on more than one of its active interfaces, there are some additional precautions it MUST take. Implementers who are not planning to support multicast DNS on multiple interfaces simultaneously may skip this section. A multi-homed host checks the uniqueness of UNIQUE records as described in Section 5. The situation is illustrated in figure 1 below: ---------- ---------- | | | | [A] [myhost] [myhost] Figure 1. LINKLOCAL name conflict In this situation, the multi-homed myhost will probe for, and defend, its host name on both interfaces. A conflict will be detected on one interface, but not the other, and as a result, the multi-homed myhost will not be able to respond with a host RR for "myhost". Since names are only unique per-link, hosts on different links could be using the same name. If an mDNS client sends requests over multiple interfaces, and receives replies from more than one, the result returned to the client is defined by the implementation. The situation is illustrated in figure 2 below. ---------- ---------- | | | | [A] [myhost] [A] Figure 2. Off-segment name conflict If host myhost is configured to use mDNS on both interfaces, it will send mDNS queries on both interfaces. When host myhost sends a query for the host RR for name "A" it will receive a response from hosts on both interfaces. Host myhost will then forward a response from the first responder to the second responder, who will attempt to verify the uniqueness of host RR for its name, but will not discover a conflict, since the conflicting host resides on a different subnet. Therefore it will continue using its name. This illustrates that the proposed name conflict resolution mechanism does not support resolution of conflicts between hosts on different subnets. This problem can also occur with unicast DNS when a multi-homed host is connected to two different networks with separated name spaces. It is not the intent of this document to address the issue of uniqueness of names within DNS. 6. IANA Considerations Authors will contact IANA to reserve LINKLOCAL IPv4 and IPv6 addresses. 7. ARPA domain considerations This document specifies the use of a new sub-domain of the "ARPA" domain. According to Section 2.1 of the ARPA Guidelines , this specification requires description and justification. The 'local.arpa' domain is used to distinguish a local namespace. This namespace differs from others in the following respects: - Name servers responding to requests for names in this domain have different rules concerning authority. As explained in Section 2.1, mDNS servers have limited scope of authority, not extending to sub-domains of domain they are authoritative for. - DNS servers SHOULD NOT forward queries for domain names in the local.arpa domain - if the server cannot answer the query from its own database, it should reply with a non-authoritative NXDOMAIN. - Hosts may derive their own names in this namespace, independent of centralized authorization and registration (as defined in section 3 and section 5). - There is no delegation or administrative structure to sub-domains of '.local.arpa'. How protocol objects are mapped into lookup keys: Names are associated with resources which can be requested according to the DNS protocol. However, recursive lookup is impossible. Further, mDNS specifies only the use of multicast to transmit these requests. 8. References  Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.  Meyer, D., "Administratively Scoped IP Multicast", BCP 23, RFC 2365, July 1998.  Aboba, B., "DHCP Domain Search Option", Internet draft (work in progress), draft-aboba-dhc-domsearch-02.txt, June 2001.  Mockapetris, P., "Domain Names - Implementation and Specification", RFC 1035, November 1987.  Mockapetris, P., "DOMAIN NAMES - CONCEPTS AND FACILITIES", RFC 1034, November, 1987.  Cheshire, S., Aboba, B., "Dynamic Configuration of IPv4 Link-Local Addresses", Internet draft (work in progress), draft-ietf-zeroconf- ipv4-linklocal-03.txt, June 2001.  Alvestrand, H. and T. Narten, "Guidelines for Writing an IANA Considerations Authors will contact IANA to reserve LINKLOCAL IPv4Section in RFCs", BCP 26, RFC 2434, October 1998.  Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6) Specification", RFC 2460, December 1998.  Hinden, R., Deering, S., "IP Version 6 Addressing Architecture", RFC 2373, July 1998.  Information technology - Telecommunications and IPv6 addresses. 7.information exchange between systems - Local and metropolitan area networks - Specific Requirements Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications, IEEE Std. 802.11-1997, 1997.  Vixie, P., Thomson, S., Rekhter, Y., Bound, J., "Dynamic Updates in the Domain Name System (DNS UPDATE)", RFC 2136, April 1997.  Huston, G., "Management Guidelines & Operational Requirements for the Internet Infrastructure Domain ("ARPA")", Internet draft (work in progress), draft-iab-arpa-02.txt, May 2001. 9. Security Considerations This draft does not prescribe a means of securing the multicast DNS mechanism. It is possible that hosts will allocate conflicting names for a period of time, or that non-conforming hosts will attempt to deny service to other hosts by allocating the same name. Such attacks also allow nodes to receive packets destined for other nodes. The protocol reduces the exposure to such threats in the absence of authentication by ignoring multicast DNS query response packets received from off-link senders. TheIn all received responses, the Hop Limit field in IPv6 and the TTL field in IPv4 of all received packets isare verified to contain 255, the maximum legal value. BecauseSince routers decrement the Hop Limit on all packets they forward, received packets containing a Hop Limit of 255 must have originated from a neighbor. Packets destined for a LINKLOCAL address are verified to have been sent from a LINKLOCAL source address. These threats are most serious in wireless networks such as 802.11, since attackers on a wired network will require physical access to the home network, while wireless attackers may reside outside the home. In order to provide for privacy equivalentLink-layer security will serve to a wired network,secure mDNS against the 802.11 specification provides for RC4-based encryption. Thisabove threats if it is known as theavailable. For example, where 802.11 "Wired Equivalency Privacy" (WEP) specification. Where WEP is implemented, ana casual attacker will need to obtain the WEP key prioris likely to be deterred from gaining access to the home network. The mechanism specified in this draft does not require use of the DNSSEC, which means that the responses to the multicast DNS queries may not be authenticated. If a network contains a "signed key distribution center" for all (or at least some) of the DNS zones that the responders are authoritative for, then those deviceshosts on such a network are configured with the key for the top zone, "local.arpa." (hosted by "signed keys distribution center") and may use DNSSEC for theauthentication of the responders using DNSSEC. 8. AcknowledgementsAcknowledgments This work builds upon original work done on multicast DNS by Bill Manning and Bill Woodcock. The authors would likegratefully acknowledge their contribution to thankthe current specification. Constructive input has also been received from Mark Andrews, Stuart Cheshire, Michael Patton, Erik Guttman,Robert Elz, James Gilroy, Olafur Gudmundsson, Erik Guttman, Myron Hattig, Thomas Narten, Mark Andrews,Erik Nordmark, Myrong Hattig, Bill ManningSander Van-Valkenburg and James Gilroy for comments on this draft. 9.Tomohide Nagashima. Authors' Addresses Levon Esibov Microsoft Corporation One Microsoft Way Redmond, WA 98052 EMail: email@example.com Bernard Aboba Microsoft Corporation One Microsoft Way Redmond, WA 98052 Phone: +1 (425) 936-6605 EMail: firstname.lastname@example.org Dave Thaler Microsoft Corporation One Microsoft Way Redmond, WA 98052 Phone: +1 (425) 703-8835 EMail: email@example.com 10. References  Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.  Meyer, D., "Administratively Scoped IP Multicast", BCP 23, RFC 2365, July 1998.  Aboba, B., "The Mini-DHCP Server", Internet draft (work in progress), draft-aboba-dhc-mini-01.txt, April 2000.  Mockapetris, P., "Domain Names - Implementation and Specification", RFC 1035, November 1987.  Mockapetris, P., "DOMAIN NAMES - CONCEPTS AND FACILITIES", RFC 1034, November 1987. 11.Intellectual Property Statement The IETF takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on the IETF's procedures with respect to rights in standards-track and standards- related documentation can be found in BCP-11. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementors or users of this specification can be obtained from the IETF Secretariat. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may cover technology that may be required to practice this standard. Please address the information to the IETF Executive Director. 12.Full Copyright Statement Copyright (C) The Internet Society (2000).(2001). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE." 13.Expiration Date This memo is filed as <draft-ietf-dnsext-mdns-00.txt>,<draft-ietf-dnsext-mdns-01.txt>, and expires May 16, 2001.January 15, 2002.