draft-ietf-dnssec-ddi-04.txt   draft-ietf-dnssec-ddi-05.txt 
INTERNET-DRAFT Donald E. Eastlake 3rd INTERNET-DRAFT Donald E. Eastlake 3rd
CyberCash, Inc. CyberCash, Inc.
Expires July 23, 1998 January 24, 1998
Detached Domain Name System (DNS) Information Detached Domain Name System (DNS) Information
-------- ------ ---- ------ ----- ----------- -------- ------ ---- ------ ----- -----------
Donald E. Eastlake 3rd Donald E. Eastlake 3rd
Status of This Document Status of This Document
This draft, file name draft-ietf-dnssec-ddi-04.txt, is intended to be This draft, file name draft-ietf-dnssec-ddi-05.txt, is intended to be
become a Proposed Standard RFC. Distribution of this document is become a Proposed Standard RFC. Distribution of this document is
unlimited. Comments should be sent to the DNS Security Working Group unlimited. Comments should be sent to the DNS Security Working Group
mailing list <dns-security@tis.com> or to the author. mailing list <dns-security@tis.com> or to the author.
This document is an Internet-Draft. Internet-Drafts are working This document is an Internet-Draft. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas, documents of the Internet Engineering Task Force (IETF), its areas,
and its working groups. Note that other groups may also distribute and its working groups. Note that other groups may also distribute
working documents as Internet-Drafts. working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six Internet-Drafts are draft documents valid for a maximum of six
months. Internet-Drafts may be updated, replaced, or obsoleted by months. Internet-Drafts may be updated, replaced, or obsoleted by
other documents at any time. It is not appropriate to use Internet- other documents at any time. It is not appropriate to use Internet-
Drafts as reference material or to cite them other than as a Drafts as reference material or to cite them other than as a
``working draft'' or ``work in progress.'' ``working draft'' or ``work in progress.''
To learn the current status of any Internet-Draft, please check the To learn the current status of any Internet-Draft, please check the
1id-abstracts.txt listing contained in the Internet-Drafts Shadow 1id-abstracts.txt listing contained in the Internet-Drafts Shadow
Directories on ds.internic.net (East USA), ftp.isi.edu (West USA), Directories on ds.internic.net (East USA), ftp.isi.edu (West USA),
nic.nordu.net (North Europe), ftp.nis.garr.it (South Europe), ftp.nordu.net (North Europe), ftp.nis.garr.it (South Europe),
munnari.oz.au (Pacific Rim), or ftp.is.co.za (Africa). munnari.oz.au (Pacific Rim), or ftp.is.co.za (Africa).
Abstract Abstract
A standard format is defined for representing detached DNS A standard format is defined for representing detached DNS
information. This is anticipated to be of use for storing information. This is anticipated to be of use for storing
information retrieved from the Domain Name System (DNS), including information retrieved from the Domain Name System (DNS), including
security information, in archival contexts or contexts not connected security information, in archival contexts or contexts not connected
to the Internet. to the Internet.
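Review bot: The header date on the -05 side loses its label. "Expires July 23, 1998" becomes a bare "January 24, 1998", so the header no longer says whether this is the issue date or the expiry date. Suggest labelling it explicitly. The status paragraph still reads "is intended to be become a Proposed Standard RFC" in both versions, and the file-name edit on that line was a chance to drop the extra "be".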
skipping to change at page 3, line 11 skipping to change at page 3, line 11
References.................................................8 References.................................................8
Author's Address...........................................8 Author's Address...........................................8
Expiration and File Name...................................8 Expiration and File Name...................................8
1. Introduction 1. Introduction
The Domain Name System (DNS) is a replicated hierarchical distributed The Domain Name System (DNS) is a replicated hierarchical distributed
database system [RFC 1034, 1035] that can provide highly available database system [RFC 1034, 1035] that can provide highly available
service. It provides the operational basis for Internet host name to service. It provides the operational basis for Internet host name to
address translation, automatic SMTP mail routing, and other basic address translation, automatic SMTP mail routing, and other basic
Internet functions. The DNS has recently been extended as described Internet functions. The DNS has been extended as described in
in [RFC 2065] to permit the general storage of public cryptographic [draft-ietf-dnssec-secext2-*.txt] to permit the general storage of
keys in the DNS and to enable the authentication of information public cryptographic keys in the DNS and to enable the authentication
retrieved from the DNS though digital signatures. of information retrieved from the DNS though digital signatures.
The DNS was not originally designed for storage of information The DNS was not originally designed for storage of information
outside of the active zones and authoritative master files that are outside of the active zones and authoritative master files that are
part of the connected DNS. However there may be cases where this is part of the connected DNS. However there may be cases where this is
useful, particularly in connection with archived security useful, particularly in connection with archived security
information. information.
2. General Format 2. General Format
The formats used for detached Domain Name System (DNS) information The formats used for detached Domain Name System (DNS) information
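Review bot: The Introduction now cites a wildcard file name, "[draft-ietf-dnssec-secext2-*.txt]", in place of [RFC 2065]. A reader of an archived copy cannot tell which revision of the security extensions this format is meant to carry. The status text above also says Internet-Drafts should be cited only as a "working draft" or "work in progress". Suggest naming the revision or marking the citation as work in progress. The rewrapped sentence still ends "retrieved from the DNS though digital signatures", where "through" is meant.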
skipping to change at page 7, line 24 skipping to change at page 7, line 24
these KEY RRs will actually be sets of KEY RRs with the same owner these KEY RRs will actually be sets of KEY RRs with the same owner
and class because SIGs actually sign such record sets.) and class because SIGs actually sign such record sets.)
This information could be preserved as a set of detached DNS This information could be preserved as a set of detached DNS
information blocks. information blocks.
4. Security Considerations 4. Security Considerations
The entirety of this document concerns a means to represent detached The entirety of this document concerns a means to represent detached
DNS information. Such detached resource records may be security DNS information. Such detached resource records may be security
relevant and/or secured information as described in RFC 2065. The relevant and/or secured information as described in [draft-ietf-
detached format provides no overall security for sets of detached dnssec-secext2-*.txt]. The detached format provides no overall
information or for the association between retrieval time and security for sets of detached information or for the association
information. This can be provided by wrapping the detached between retrieval time and information. This can be provided by
information format with some other form of signature. However, if wrapping the detached information format with some other form of
the detached information is accompanied by SIG RRs, its validity signature. However, if the detached information is accompanied by
period is indicated in those SIG RRs so the retrieval time might be SIG RRs, its validity period is indicated in those SIG RRs so the
of secondary importance. retrieval time might be of secondary importance.
References References
[RFC 1034] - Domain Names - Concepts and Facilities, P. Mockapetris, [RFC 1034] - Domain Names - Concepts and Facilities, P. Mockapetris,
November 1987. November 1987.
[RFC 1035] - Domain Names - Implementation and Specifications, P. [RFC 1035] - Domain Names - Implementation and Specifications, P.
Mockapetris, November 1987. Mockapetris, November 1987.
[RFC 2065] - Domain Name System Security Extensions, D. Eastlake, C. [draft-ietf-dnssec-secext2-*.txt] - Domain Name System Security
Kaufman, January 1997. Extensions, D. Eastlake.
Author's Address Author's Address
Donald E. Eastlake 3rd Donald E. Eastlake 3rd
CyberCash, Inc. CyberCash, Inc.
318 Acton Street 318 Acton Street
Carlisle, MA 01741 USA Carlisle, MA 01741 USA
Telephone: +1 978 287 4877 Telephone: +1 978 287 4877
+1 703 620 4200 (main office, Reston, Virginia) +1 703 620 4200 (main office, Reston, Virginia)
Fax: +1 978 371 7148 Fax: +1 978 371 7148
email: dee@cybercash.com email: dee@cybercash.com
Expiration and File Name Expiration and File Name
This draft expires July 23, 1998. This draft expires September 1998.
Its file name is draft-ietf-dnssec-ddi-04.txt. Its file name is draft-ietf-dnssec-ddi-05.txt.
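Review bot: The new expiry, "This draft expires September 1998", does not line up with the "January 24, 1998" header on the -05 side. If the header is the issue date, the gap is longer than the six-month maximum given in the status section, and the expiry has also lost its day of the month. Suggest stating a full expiry date that matches the header. In Security Considerations the new citation is broken across lines as "[draft-ietf-" / "dnssec-secext2-*.txt]", which defeats a text search for the file name; keep it on one line. The replacement References entry gives no date or revision, which the [RFC 2065] entry it replaces did.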
 End of changes. 8 change blocks. 
18 lines changed or deleted 17 lines changed or added

This html diff was produced by rfcdiff 1.34. The latest version is available from http://tools.ietf.org/tools/rfcdiff/