draft-ietf-dnssec-ddi-03.txt   draft-ietf-dnssec-ddi-04.txt 
INTERNET-DRAFT Donald E. Eastlake 3rd INTERNET-DRAFT Donald E. Eastlake 3rd
CyberCash, Inc. CyberCash, Inc.
Expires July 1998 January 1998 Expires July 23, 1998 January 24, 1998
Detached Domain Name System (DNS) Information Detached Domain Name System (DNS) Information
-------- ------ ---- ------ ----- ----------- -------- ------ ---- ------ ----- -----------
Donald E. Eastlake 3rd Donald E. Eastlake 3rd
Status of This Document Status of This Document
This draft, file name draft-ietf-dnssec-ddi-03.txt, is intended to be This draft, file name draft-ietf-dnssec-ddi-04.txt, is intended to be
become a Proposed Standard RFC. Distribution of this document is become a Proposed Standard RFC. Distribution of this document is
unlimited. Comments should be sent to the DNS Security Working Group unlimited. Comments should be sent to the DNS Security Working Group
mailing list <dns-security@tis.com> or to the author. mailing list <dns-security@tis.com> or to the author.
This document is an Internet-Draft. Internet-Drafts are working This document is an Internet-Draft. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas, documents of the Internet Engineering Task Force (IETF), its areas,
and its working groups. Note that other groups may also distribute and its working groups. Note that other groups may also distribute
working documents as Internet-Drafts. working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six Internet-Drafts are draft documents valid for a maximum of six
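Review bot: The doubled verb in "is intended to be become a Proposed Standard RFC" in the Status paragraph is carried unchanged into -04 and should read "is intended to become". The other changes in this block are the file name and the dates, and the new January 24, 1998 / July 23, 1998 pair is consistent with the six-month validity stated in the paragraph that follows.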
skipping to change at page 3, line 19 skipping to change at page 3, line 19
service. It provides the operational basis for Internet host name to service. It provides the operational basis for Internet host name to
address translation, automatic SMTP mail routing, and other basic address translation, automatic SMTP mail routing, and other basic
Internet functions. The DNS has recently been extended as described Internet functions. The DNS has recently been extended as described
in [RFC 2065] to permit the general storage of public cryptographic in [RFC 2065] to permit the general storage of public cryptographic
keys in the DNS and to enable the authentication of information keys in the DNS and to enable the authentication of information
retrieved from the DNS though digital signatures. retrieved from the DNS though digital signatures.
The DNS was not originally designed for storage of information The DNS was not originally designed for storage of information
outside of the active zones and authoritative master files that are outside of the active zones and authoritative master files that are
part of the connected DNS. However there may be cases where this is part of the connected DNS. However there may be cases where this is
useful, particularly in connection with security information. useful, particularly in connection with archived security
information.
2. General Format 2. General Format
The formats used for detached Domain Name System (DNS) information The formats used for detached Domain Name System (DNS) information
are similar to those used for connected DNS information. The primary are similar to those used for connected DNS information. The primary
difference is that elements of the connected DNS system (unless they difference is that elements of the connected DNS system (unless they
are an authoritative server for the zone containing the information) are an authoritative server for the zone containing the information)
are required to count down the Time To Live (TTL) associated with are required to count down the Time To Live (TTL) associated with
each DNS Resource Record (RR) and discard them (possibly fetching a each DNS Resource Record (RR) and discard them (possibly fetching a
fresh copy) when the TTL reaches zero. In contrast to this, detached fresh copy) when the TTL reaches zero. In contrast to this, detached
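Review bot: "retrieved from the DNS though digital signatures" in the first paragraph still has "though" where "through" is meant, in both versions. The word "archived" added to the second paragraph narrows the stated motivation to archived security information, while Section 2 immediately goes on to describe the format in general terms; if non-archival uses remain in scope, the sentence should say so.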
skipping to change at page 5, line 22 skipping to change at page 5, line 22
/ / / /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|
| next retrieval time | | next retrieval time |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| RR count | | | RR count | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Resource Records (RRs) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Resource Records (RRs) |
/ / / /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/ ... / / ... /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| hex 80 | | hex 20 |
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Retrieval time - the time that the immediately following information Retrieval time - the time that the immediately following information
was obtained from the connected DNS system. It is an unsigned was obtained from the connected DNS system. It is an unsigned
number of seconds since the start of 1 January 1970, GMT, ignoring number of seconds since the start of 1 January 1970, GMT, ignoring
leap seconds, in network (big-endian) order. Note that this time leap seconds, in network (big-endian) order. Note that this time
can not be before the initial proposal of this standard. can not be before the initial proposal of this standard.
Therefore, the initial byte of an actual retrieval time, Therefore, the initial byte of an actual retrieval time,
considered as an unsigned quantity, will be larger than 80 hex. considered as an unsigned quantity, will be larger than 20 hex.
The end of detached DNS information is indicated by a "retrieval The end of detached DNS information is indicated by a "retrieval
time" field initial byte equal to 80 hex. Use of a "retrieval time" field initial byte equal to 20 hex. Use of a "retrieval
time" field with a leading zero bit in binary detached DNS time" field with a leading unsigned byte less than 20 in binary
information is reserved for future use. It may indicate a detached DNS information is reserved for future use. It may
different format. Retrieval times will not generally be 32 bit indicate a different format. The present format will run out of
aligned with respect to each other due to the variable length bits during the year 2106. Retrieval times will not generally be
nature of RRs. 32 bit aligned with respect to each other due to the variable
length nature of RRs.
RR count - an unsigned integer number (with bytes in network order) RR count - an unsigned integer number (with bytes in network order)
of following resource records retrieved at the preceding retrieval of following resource records retrieved at the preceding retrieval
time. time.
Resource Records - the actual data which is in the same format as if Resource Records - the actual data which is in the same format as if
it were being transmitted in a DNS response. In particular, name it were being transmitted in a DNS response. In particular, name
compression via pointers is permitted with the origin at the compression via pointers is permitted with the origin at the
beginning of the particular detached information data section, beginning of the particular detached information data section,
just after the RR count. just after the RR count.
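Review bot: In the retrieval time paragraph, the new reserved range reads "a leading unsigned byte less than 20" with no radix, while the two sentences before it both say "20 hex"; read as decimal, it leaves leading bytes 14 through 1F hex neither reserved, nor the end marker, nor a valid time. Suggest "less than 20 hex". Since an actual retrieval time is stated to have an initial byte "larger than 20 hex", a parser can treat a first byte of exactly 20 hex as end of data and should reject smaller values rather than read them as times; one sentence saying that would help implementers. The RR count description also gives no field width; the diagram draws it as 16 bits, and stating that in the text would remove the guess.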
skipping to change at page 8, line 26 skipping to change at page 8, line 26
Author's Address Author's Address
Donald E. Eastlake 3rd Donald E. Eastlake 3rd
CyberCash, Inc. CyberCash, Inc.
318 Acton Street 318 Acton Street
Carlisle, MA 01741 USA Carlisle, MA 01741 USA
Telephone: +1 978 287 4877 Telephone: +1 978 287 4877
+1 703 620 4200 (main office, Reston, Virginia) +1 703 620 4200 (main office, Reston, Virginia)
Fax: +1 978 371 7148 Fax: +1 978 371 7148
EMail: dee@cybercash.com email: dee@cybercash.com
Expiration and File Name Expiration and File Name
This draft expires July 1998. This draft expires July 23, 1998.
Its file name is draft-ietf-dnssec-ddi-03.txt. Its file name is draft-ietf-dnssec-ddi-04.txt.
 End of changes. 9 change blocks. 
13 lines changed or deleted 15 lines changed or added

This html diff was produced by rfcdiff 1.34. The latest version is available from http://tools.ietf.org/tools/rfcdiff/