draft-ietf-dnsop-attrleaf-fix-03.txt   draft-ietf-dnsop-attrleaf-fix-04.txt 
dnsop D. Crocker dnsop D. Crocker
Internet-Draft Brandenburg InternetWorking Internet-Draft Brandenburg InternetWorking
Updates: 2782, 3263, 3404, 3529, 3620, July 21, 2018 Updates: 2782, 3263, 3404, 3529, 3620, August 21, 2018
3832, 3861, 3887, 3958, 4120, 3832, 3861, 3887, 3921, 3958,
4227, 4386, 4387, 4976, 5026, 4120, 4227, 4386, 4387, 4976,
5328, 5389, 5415, 5518, 5555, 5026, 5328, 5389, 5415, 5518,
5617, 5679, 5766, 5780, 5804, 5555, 5617, 5679, 5766, 5780,
5864, 5928, 6011, 6120, 6186, 5804, 5864, 5928, 6011, 6120,
6376, 6733, 7208, 7489 (if 6186, 6376, 6733, 7208, 7489,
approved) 8145 (if approved)
Intended status: Best Current Practice Intended status: Best Current Practice
Expires: January 22, 2019 Expires: February 22, 2019
DNS Attrleaf Changes: Fixing Specifications with Underscored Node Name DNS Attrleaf Changes: Fixing Specifications with Underscored Node Name
Use Use
draft-ietf-dnsop-attrleaf-fix-03 draft-ietf-dnsop-attrleaf-fix-04
Abstract Abstract
Original uses of an underscore character as a domain node name Original uses of an underscore character as a domain node name
prefix, which creates a space for constrained interpretation of prefix, which creates a space for constrained interpretation of
resource records, were specified without the benefit of an IANA resource records, were specified without the benefit of an IANA
registry. This produced an entirely uncoordinated set of name- registry. This produced an entirely uncoordinated set of name-
creation activities, all drawing from the same namespace. A registry creation activities, all drawing from the same namespace. A registry
now has been defined. However the existing specifications that use now has been defined. However the existing specifications that use
underscore naming need to be modified, to be in line with the new underscore naming need to be modified, to be in line with the new
skipping to change at page 1, line 49 skipping to change at page 1, line 49
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 22, 2019. This Internet-Draft will expire on February 22, 2019.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 30 skipping to change at page 2, line 30
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Underscored RRset Use in Specifications . . . . . . . . . . . 3 2. Underscored RRset Use in Specifications . . . . . . . . . . . 3
2.1. TXT RRset Use . . . . . . . . . . . . . . . . . . . . . . 3 2.1. TXT RRset Use . . . . . . . . . . . . . . . . . . . . . . 3
2.2. SRV RRset Use . . . . . . . . . . . . . . . . . . . . . . 4 2.2. SRV RRset Use . . . . . . . . . . . . . . . . . . . . . . 4
2.3. URI RRset Use . . . . . . . . . . . . . . . . . . . . . . 5 2.3. URI RRset Use . . . . . . . . . . . . . . . . . . . . . . 5
3. Underscored Template Specifications . . . . . . . . . . . . . 6 3. Underscored Template Specifications . . . . . . . . . . . . . 6
3.1. SRV Specification Changes . . . . . . . . . . . . . . . . 6 3.1. SRV Specification Changes . . . . . . . . . . . . . . . . 6
3.2. URI Specification Changes . . . . . . . . . . . . . . . . 7 3.2. URI Specification Changes . . . . . . . . . . . . . . . . 7
3.3. DNSSEC Signaling Specifiction Changes . . . . . . . . . . 9
4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9
5. Security Considerations . . . . . . . . . . . . . . . . . . . 9 5. Security Considerations . . . . . . . . . . . . . . . . . . . 10
6. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 10
6.1. Normative References . . . . . . . . . . . . . . . . . . 9 6.1. Normative References . . . . . . . . . . . . . . . . . . 10
6.2. References -- Informative . . . . . . . . . . . . . . . . 10 6.2. References -- Informative . . . . . . . . . . . . . . . . 10
Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 12 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 13
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 13 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 14
1. Introduction 1. Introduction
Original uses of an underscore character as a domain node name Original uses of an underscore character as a domain node name
[RFC1035] prefix, which creates a space for constrained [RFC1035] prefix, which creates a space for constrained
interpretation of resource records, were specified without the interpretation of resource records, were specified without the
benefit of an [IANA-reg] registry. This produced an entirely benefit of an [IANA-reg] registry. This produced an entirely
uncoordinated set of name-creation activities, all drawing from the uncoordinated set of name-creation activities, all drawing from the
same namespace. A registry has been now defined, and that document same namespace. A registry has been now defined, and that document
discusses the background for underscored domain name use [Attrleaf]. discusses the background for underscored domain name use [Attrleaf].
skipping to change at page 9, line 24 skipping to change at page 9, line 24
For example, suppose we are looking for the URI for a service For example, suppose we are looking for the URI for a service
with ENUM Service Parameter "A:B:C" for host example.com. Then with ENUM Service Parameter "A:B:C" for host example.com. Then
we would query for we would query for
(QNAME,QTYPE)=("_C._B._A.example.com","URI"). (QNAME,QTYPE)=("_C._B._A.example.com","URI").
As another example, suppose we are looking for the URI for a As another example, suppose we are looking for the URI for a
service with Service Name "A" and Transport Protocol "B" for service with Service Name "A" and Transport Protocol "B" for
host example.com. Then we would query for host example.com. Then we would query for
(QNAME,QTYPE)=("_A._B.example.com","URI"). (QNAME,QTYPE)=("_A._B.example.com","URI").
3.3. DNSSEC Signaling Specifiction Changes
" Signaling Trust Anchor Knowledge in DNS Security Extensions
(DNSSEC)" [RFC8145] defines a use of DNS node names that effectively
consumes all names beginning with the string "_ta-", when using the
NUL RR in the query.
Section 5.1, "Query Format", of the specification is changed as
follows:
OLD:
For example, a validating DNS resolver ... QNAME=_ta-4444.
NEW:
For example, a validating DNS resolver ... QNAME=_ta-4444.
Under the NULL RR, an entry is registered in the IANA DNS
Underscore Global Scoped Entry Registry [Attrleaf] for all node
names beginning with "_ta-".
4. IANA Considerations 4. IANA Considerations
Although this document makes reference to IANA registries, it Although this document makes reference to IANA registries, it
introduces no new IANA registries or procedures. introduces no new IANA registries or procedures.
5. Security Considerations 5. Security Considerations
This memo raises no security issues. This memo raises no security issues.
6. References 6. References
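Review bot: The new section title for 3.3 reads "DNSSEC Signaling Specifiction Changes"; "Specifiction" should be "Specification", and the same misspelling appears in the new table of contents entry. The added text also names the record type two ways, "when using the NUL RR in the query" in the introductory paragraph and "Under the NULL RR" in the NEW block; use one spelling in both places so the registry entry for "_ta-" is unambiguous. The opening quotation mark in `" Signaling Trust Anchor Knowledge` has a stray space after it.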
skipping to change at page 10, line 9 skipping to change at page 10, line 31
[RFC6335] Cotton, M., Eggert, L., Tpuch, J., Westerlund, M., and S. [RFC6335] Cotton, M., Eggert, L., Tpuch, J., Westerlund, M., and S.
Cheshire, "Internet Assigned Numbers Authority (IANA) Cheshire, "Internet Assigned Numbers Authority (IANA)
Procedures for the Management of the Service Name and Procedures for the Management of the Service Name and
Transport Protocol Port Number Registry", RFC 6335, Aug Transport Protocol Port Number Registry", RFC 6335, Aug
2011. 2011.
[RFC7553] Falstrom, P. and O. Kolkman, "The Uniform Resource [RFC7553] Falstrom, P. and O. Kolkman, "The Uniform Resource
Identifier (URI) DNS Resource Record", RFC 7553, Identifier (URI) DNS Resource Record", RFC 7553,
ISSN 2070-1721, June 2015. ISSN 2070-1721, June 2015.
[RFC8145] Wessels, D., Kumari, W., and P. Hoffman, "Signaling Trust
Anchor Knowledge in DNS Security Extensions (DNSSEC)",
RFC 8145, April 2017.
6.2. References -- Informative 6.2. References -- Informative
[IANA-reg] [IANA-reg]
"Protocol Registries", URL https://www.iana.org/protocols, "Protocol Registries", URL https://www.iana.org/protocols,
2018. 2018.
[RFC1035] Mockapetris, P., "Domain names - implementation and [RFC1035] Mockapetris, P., "Domain names - implementation and
specification", STD 13, RFC 1035, November 1987. specification", STD 13, RFC 1035, November 1987.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
skipping to change at page 10, line 50 skipping to change at page 11, line 30
Microsystems, IBM, and IBM, "Remote Service Discovery in Microsystems, IBM, and IBM, "Remote Service Discovery in
the Service Location Protocol (SLP) via DNS SRV", the Service Location Protocol (SLP) via DNS SRV",
RFC 3832, July 2004. RFC 3832, July 2004.
[RFC3861] Peterson, J., "Address Resolution for Instant Messaging [RFC3861] Peterson, J., "Address Resolution for Instant Messaging
and Presence", RFC 3861, August 2004. and Presence", RFC 3861, August 2004.
[RFC3887] "Message Tracking Query Protocol", RFC 3887, September [RFC3887] "Message Tracking Query Protocol", RFC 3887, September
2007. 2007.
[RFC3921] Saint-Andre, P., Ed., "Extensible Messaging and Presence
Protocol (XMPP): Instant Messaging and Presence",
RFC 3921, DOI 10.17487/RFC3921, October 2004,
<https://www.rfc-editor.org/info/rfc3921>.
[RFC3958] Daigle, L. and A. Newton, "Domain-Based Application [RFC3958] Daigle, L. and A. Newton, "Domain-Based Application
Service Location Using SRV RRs and the Dynamic Delegation Service Location Using SRV RRs and the Dynamic Delegation
Discovery Service (DDDS)", RFC 3958, January 2005. Discovery Service (DDDS)", RFC 3958, January 2005.
[RFC4120] USC-ISI, MIT, MIT, and MIT, "The Kerberos Network [RFC4120] USC-ISI, MIT, MIT, and MIT, "The Kerberos Network
Authentication Service (V5)", RFC 4120, July 2005. Authentication Service (V5)", RFC 4120, July 2005.
[RFC4227] O'Tuathail, E. and M. Rose, "Using the Simple Object [RFC4227] O'Tuathail, E. and M. Rose, "Using the Simple Object
Access Protocol (SOAP) in Blocks Extensible Exchange Access Protocol (SOAP) in Blocks Extensible Exchange
Protocol (BEEP)", RFC 4227, January 2006. Protocol (BEEP)", RFC 4227, January 2006.
skipping to change at page 11, line 26 skipping to change at page 12, line 11
[RFC4387] Gutmann, P., Ed., "Internet X.509 Public Key [RFC4387] Gutmann, P., Ed., "Internet X.509 Public Key
Infrastructure Operational Protocols: Certificate Store Infrastructure Operational Protocols: Certificate Store
Access via HTTP", RFC 4387, February 2006. Access via HTTP", RFC 4387, February 2006.
[RFC4976] Jennings, C., Mahy, R., and Roach, "Relay Extensions for [RFC4976] Jennings, C., Mahy, R., and Roach, "Relay Extensions for
the Message Session Relay Protocol (MSRP)", RFC 4976, the Message Session Relay Protocol (MSRP)", RFC 4976,
September 2007. September 2007.
[RFC5026] Giaretta, G., Ed., Kempf, J., and V. Devarapalli, Ed., [RFC5026] Giaretta, G., Ed., Kempf, J., and V. Devarapalli, Ed.,
"Mobile IPv6 Bootstrapping in Split Scenario", RFC 5026, "Mobile IPv6 Bootstrapping in Split Scenario", RFC 5026,
October 2007. DOI 10.17487/RFC5026, October 2007,
<https://www.rfc-editor.org/info/rfc5026>.
[RFC5328] Adolf, A. and P. MacAvock, "A Uniform Resource Name (URN) [RFC5328] Adolf, A. and P. MacAvock, "A Uniform Resource Name (URN)
Namespace for the Digital Video Broadcasting Project Namespace for the Digital Video Broadcasting Project
(DVB)", RFC 5328, September 2008. (DVB)", RFC 5328, September 2008.
[RFC5389] Rosenberg, Mahy, Matthews, and Wing, "Session Traversal [RFC5389] Rosenberg, Mahy, Matthews, and Wing, "Session Traversal
Utilities for NAT (STUN)", RFC 5389, October 2008. Utilities for NAT (STUN)", RFC 5389, October 2008.
[RFC5415] Calhoun, P., Ed., Montemurro, M., Ed., and D. Stanley, [RFC5415] Calhoun, P., Ed., Montemurro, M., Ed., and D. Stanley,
Ed., "Control And Provisioning of Wireless Access Points Ed., "Control And Provisioning of Wireless Access Points
(CAPWAP) Protocol Specification", RFC 5415, March 2009. (CAPWAP) Protocol Specification", RFC 5415, March 2009.
[RFC5509] Loreto, S., "Internet Assigned Numbers Authority (IANA)
Registration of Instant Messaging and Presence DNS SRV RRs
for the Session Initiation Protocol (SIP)", RFC 5509,
DOI 10.17487/RFC5509, April 2009,
<https://www.rfc-editor.org/info/rfc5509>.
[RFC5518] Hoffman, P., Levine, J., and A. Hathcock, "Vouch By [RFC5518] Hoffman, P., Levine, J., and A. Hathcock, "Vouch By
Reference", RFC 5518, April 2009. Reference", RFC 5518, April 2009.
[RFC5555] Soliman, H., Ed., "Mobile IPv6 Support for Dual Stack [RFC5555] Soliman, H., Ed., "Mobile IPv6 Support for Dual Stack
Hosts and Routers", RFC 5555, June 2009. Hosts and Routers", RFC 5555, June 2009.
[RFC5617] Sendmail, Inc., Cisco Systems, Inc., Yahoo! Inc., and [RFC5617] Sendmail, Inc., Cisco Systems, Inc., Yahoo! Inc., and
Taughannock Networks, "DomainKeys Identified Mail (DKIM) Taughannock Networks, "DomainKeys Identified Mail (DKIM)
Author Domain Signing Practices (ADSP)", RFC 5617, August Author Domain Signing Practices (ADSP)", RFC 5617, August
2009. 2009.
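Review bot: The [RFC5026] entry gains "DOI 10.17487/RFC5026" and an rfc-editor.org URL, and the new [RFC5509] entry carries both, while the neighbouring entries in this hunk ([RFC4976], [RFC5328], [RFC5518]) have neither; apply one citation style across the reference list. [RFC5509] is new in -04 but is not in the Updates header, so confirm that the body cites it and that no update to it is intended.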
skipping to change at page 12, line 35 skipping to change at page 13, line 27
[RFC6120] Saint-Andre, P., "Extensible Messaging and Presence [RFC6120] Saint-Andre, P., "Extensible Messaging and Presence
Protocol (XMPP): Core", RFC 6120, March 2011. Protocol (XMPP): Core", RFC 6120, March 2011.
[RFC6186] Daboo, C., "Use of SRV Records for Locating Email [RFC6186] Daboo, C., "Use of SRV Records for Locating Email
Submission/Access Services", RFC 6186, March 2011. Submission/Access Services", RFC 6186, March 2011.
[RFC6376] Crocker, D., Hansen, T., and M. Kucherawy, "DomainKeys [RFC6376] Crocker, D., Hansen, T., and M. Kucherawy, "DomainKeys
Identified Mail (DKIM) Signatures", RFC 6376, Sept 2011. Identified Mail (DKIM) Signatures", RFC 6376, Sept 2011.
[RFC6733] Fajardo, V., Arkko, J., Loughney, J., and G. Zorn, [RFC6733] Fajardo, V., Ed., Arkko, J., Loughney, J., and G. Zorn,
"Diameter Base Protocol", RFC 6733, October 2012. Ed., "Diameter Base Protocol", RFC 6733,
DOI 10.17487/RFC6733, October 2012,
<https://www.rfc-editor.org/info/rfc6733>.
[RFC7208] Kitterman, S., "Sender Policy Framework (SPF) for [RFC7208] Kitterman, S., "Sender Policy Framework (SPF) for
Authorizing Use of Domains in E-Mail, Version 1", Authorizing Use of Domains in E-Mail, Version 1",
RFC 7208, April 2014. RFC 7208, April 2014.
[RFC7489] Kucherawy, M., Ed. and E. Zwicky, Ed., "Domain-based [RFC7489] Kucherawy, M., Ed. and E. Zwicky, Ed., "Domain-based
Message Authentication, Reporting, and Conformance Message Authentication, Reporting, and Conformance
(DMARC)", RFC 7489, March 2015. (DMARC)", RFC 7489, March 2015.
[RFC7671] Dukhovni, V. and W. Hardaker, "The DNS-Based
Authentication of Named Entities (DANE) Protocol: Updates
and Operational Guidance", RFC 7671, DOI 10.17487/RFC7671,
October 2015, <https://www.rfc-editor.org/info/rfc7671>.
Appendix A. Acknowledgements Appendix A. Acknowledgements
Thanks go to Bill Fenner, Dick Franks, Tony Hansen, Peter Koch, Olaf Thanks go to Bill Fenner, Dick Franks, Tony Hansen, Peter Koch, Olaf
Kolkman, and Andrew Sullivan for diligent review of the (much) Kolkman, and Andrew Sullivan for diligent review of the (much)
earlier drafts. For the later enhancements, thanks to: Tim Wicinski, earlier drafts. For the later enhancements, thanks to: Tim Wicinski,
John Levine, Bob Harold, Joel Jaeggli, Ondřej Sury and Paul John Levine, Bob Harold, Joel Jaeggli, Ondřej Sury and Paul
Wouters. Wouters.
Special thanks to Ray Bellis for his persistent encouragement to Special thanks to Ray Bellis for his persistent encouragement to
continue this effort, as well as the suggestion for an essential continue this effort, as well as the suggestion for an essential
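Review bot: [RFC7671] is added to the informative references in this hunk, but 7671 does not appear in the -04 Updates header, which ends "7208, 7489, 8145". If this draft modifies that specification, add it to Updates; otherwise confirm that the text contains a citation to [RFC7671], since none is visible in the changed blocks.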
 End of changes. 14 change blocks. 
19 lines changed or deleted 65 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/