draft-ietf-homenet-dot-05.txt   draft-ietf-homenet-dot-06.txt 
Network Working Group P. Pfister Network Working Group P. Pfister
Internet-Draft Cisco Systems Internet-Draft Cisco Systems
Updates: RFC7788 (if approved) T. Lemon Updates: RFC7788 (if approved) T. Lemon
Intended status: Standards Track Nominum, Inc. Intended status: Standards Track Nominum, Inc.
Expires: October 22, 2017 April 20, 2017 Expires: December 9, 2017 June 7, 2017
Special Use Domain '.home.arpa' Special Use Domain '.home.arpa'
draft-ietf-homenet-dot-05 draft-ietf-homenet-dot-06
Abstract Abstract
This document specifies the behavior that is expected from the Domain This document specifies the behavior that is expected from the Domain
Name System with regard to DNS queries for names ending with Name System with regard to DNS queries for names ending with
'.home.arpa.', and designates this domain as a special-use domain '.home.arpa.', and designates this domain as a special-use domain
name. The '.home.arpa' domain replaces '.home' as the default domain name. 'home.arpa' is designated for non-unique use in residential
used by the Home Networking Control Protocol (HNCP). home networks. Home Networking Control Protocol (HNCP) is updated to
use the '.home.arpa' domain instead of '.home'.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on October 22, 2017. This Internet-Draft will expire on December 9, 2017.
Copyright Notice Copyright Notice
Copyright (c) 2017 IETF Trust and the persons identified as the Copyright (c) 2017 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 14 skipping to change at page 2, line 14
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. General Guidance . . . . . . . . . . . . . . . . . . . . . . 3 2. General Guidance . . . . . . . . . . . . . . . . . . . . . . 3
3. Domain Name Reservation Considerations . . . . . . . . . . . 3 3. Domain Name Reservation Considerations . . . . . . . . . . . 3
4. Updates to Home Networking Control Protocol . . . . . . . . . 4 4. Updates to Home Networking Control Protocol . . . . . . . . . 4
5. Security Considerations . . . . . . . . . . . . . . . . . . . 5 5. Security Considerations . . . . . . . . . . . . . . . . . . . 5
6. Delegation of 'home.arpa' . . . . . . . . . . . . . . . . . . 5 6. Delegation of 'home.arpa' . . . . . . . . . . . . . . . . . . 6
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6
8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 6 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 7
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 6 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 7
9.1. Normative References . . . . . . . . . . . . . . . . . . 6 9.1. Normative References . . . . . . . . . . . . . . . . . . 7
9.2. Informative References . . . . . . . . . . . . . . . . . 6 9.2. Informative References . . . . . . . . . . . . . . . . . 7
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 7 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8
1. Introduction 1. Introduction
Users and devices within a home network require devices and services Users and devices within a home network require devices and services
to be identified by names that are unique within the boundaries of to be identified by names that are unique within the boundaries of
the home network [RFC7368]. The naming mechanism needs to function the home network [RFC7368]. The naming mechanism needs to function
without configuration from the user. While it may be possible for a without configuration from the user. While it may be possible for a
name to be delegated by an ISP, home networks must also function in name to be delegated by an ISP, home networks must also function in
the absence of such a delegation. A default name with a scope the absence of such a delegation. A default name with a scope
limited to each individual home network needs to be used. limited to each individual home network needs to be used.
The '.home.arpa' domain replaces '.home' which was specified in The '.home.arpa' domain corrects an error in [RFC7788], replacing
[RFC7788] as the default domain-name for home networks. '.home' had '.home' as the default domain-name for home networks. '.home' had
been selected as the most user-friendly option. However, there are been selected as the most user-friendly option. However, there are
existing uses of '.home' that may be in conflict with this use: existing uses of '.home' that may be in conflict with this use:
evidence indicates that '.home' queries frequently leak out and reach evidence indicates that '.home' queries frequently leak out and reach
the root name servers [ICANN1] [ICANN2]. Also, ICANN has about a the root name servers [ICANN1] [ICANN2].
dozen applicants for the '.home' top-level domain name, which creates
a significant risk of litigation if it were claimed by the IETF In addition, it's necessary, for compatibility with DNSSEC
outside of that process. As a result, the use of '.home' has been (Section 5), that an unsigned delegation be present for the name.
deprecated; this document updates [RFC7788] to replace '.home' with There is an existing process for allocating names under '.arpa'
'.home.arpa', while another document, [I-D.ietf-homenet-redact] [RFC3172]. No such process is available for requesting a similar
deprecates the use of the '.home' TLD. delegation in the root at the request of the IETF, which does not
administer that zone. As a result, the use of '.home' is deprecated.
This document registers the domain '.home.arpa.' as a special-use This document registers the domain '.home.arpa.' as a special-use
domain name [RFC6761] and specifies the behavior that is expected domain name [RFC6761] and specifies the behavior that is expected
from the Domain Name System with regard to DNS queries for names from the Domain Name System with regard to DNS queries for names
whose rightmost non-terminal label is 'homenet'. Queries for names whose rightmost non-terminal labels are '.home.arpa'. Queries for
ending with '.home.arpa.' are of local significance within the scope names ending with '.home.arpa.' are of local significance within the
of a home network, meaning that identical queries will result in scope of a home network, meaning that identical queries will result
different results from one home network to another. In other words, in different results from one home network to another. In other
a name ending in '.home.arpa' is not globally unique. words, a name ending in '.home.arpa' is not globally unique.
Although this document makes specific reference to RFC7788, it is not
intended that the use of '.home.arpa' be restricted solely to
networks where HNCP is deployed; it is rather the case that
'.home.arpa' is the correct domain for uses like the one described
for '.home' in RFC7788: local name service in residential home
networks.
2. General Guidance 2. General Guidance
The domain name '.home.arpa.' is to be used for naming within a home The domain name '.home.arpa.' is to be used for naming within
network. Names ending with '.home.arpa.' reference a locally-served residential home networks. Names ending with '.home.arpa.' reference
zone, the contents of which are unique only to a particular home a locally-served zone, the contents of which are unique only to a
network, and are not globally unique. Such names refer to nodes and/ particular home network, and are not globally unique. Such names
or services that are located within a home network (e.g., a printer, refer to nodes and/or services that are located within a home network
or a toaster). (e.g., a printer, or a toaster).
DNS queries for names ending with '.home.arpa.' are resolved using DNS queries for names ending with '.home.arpa.' are resolved using
local resolvers on the homenet. Such queries MUST NOT be recursively local resolvers on the homenet. Such queries MUST NOT be recursively
forwarded to servers outside the logical boundaries of the home forwarded to servers outside the logical boundaries of the home
network. network.
Some service discovery user interfaces that are expected to be used Some service discovery user interfaces that are expected to be used
on homenets conceal information such as domain names from end users. on homenets conceal information such as domain names from end users.
However, it is still expected that in some cases, users will need to However, it is still expected that in some cases, users will need to
see, remember, and even type, names ending with '.home.arpa'. It is see, remember, and even type, names ending with '.home.arpa'. It is
therefore desirable that users identify the domain and understand therefore desirable that users identify the domain and understand
that using it expresses the intention to connect to a service that is that using it expresses the intention to connect to a service that is
specific to the home network to which they are connected. Enforcing specific to the home network to which they are connected. Enforcing
the fulfillment of this intention is out of scope for this document. the fulfillment of this intention is out of scope for this document.
3. Domain Name Reservation Considerations 3. Domain Name Reservation Considerations
This section defines the behavior of systems involved in domain name This section defines the behavior of systems involved in domain name
resolution when serving queries for names ending with '.home.arpa.' resolution when resolving queries for names ending with '.home.arpa.'
(as per [RFC6761]). (as per [RFC6761]).
1. Users can use names ending with '.home.arpa.' just as they would 1. Users can use names ending with '.home.arpa.' just as they would
use any other domain name. The '.home.arpa' name is chosen to be use any other domain name. The '.home.arpa' name is chosen to be
readily recognized by users as signifying that the name is readily recognized by users as signifying that the name is
addressing a service on the homenet to which the user's device is addressing a service on the homenet to which the user's device is
connected. connected.
2. Applications SHOULD treat domain names ending with '.home.arpa.' 2. Application software SHOULD NOT process names ending in
just like any other FQDN, and MUST NOT make any assumption on the '.home.arpa' specially. In particular, it would not be correct
level of additional security implied by its presence. to assign a higher level of trust to such names: although such
names might refer to resources on the application user's home
network, there is no basis for validating this assumption at a
protocol level, and hence such an assumption would create an
attack surface for devices roaming to other networks.
3. Name resolution APIs and libraries MUST NOT recognize names that 3. Name resolution APIs and libraries MUST NOT recognize names that
end in '.home.arpa.' as special and MUST NOT treat them end in '.home.arpa.' as special and MUST NOT treat them
differently. Name resolution APIs MUST send queries for such differently. Name resolution APIs MUST send queries for such
names to a recursive DNS server that is configured to be names to a recursive DNS server that is configured to be
authoritative for the .home.arpa zone appropriate to the home authoritative for the .home.arpa zone appropriate to the home
network. One or more IP addresses for recursive DNS servers will network. One or more IP addresses for recursive DNS servers will
usually be supplied to the client through router advertisements usually be supplied to the client through router advertisements
or DHCP. If a host is configured to use a resolver other than or DHCP. If a host is configured to use a resolver other than
one that is authoritative for the appropriate .home.arpa zone, one that is authoritative for the appropriate .home.arpa zone,
the client may be unable to resolve, or may receive incorrect the client may be unable to resolve, or may receive incorrect
results for, names in sub domains of ".home.arpa". results for, names in sub domains of ".home.arpa".
4. Unless configured otherwise, recursive resolvers and DNS proxies 4. Unless configured to serve subdomains of 'home.arpa', recursive
MUST behave as described in Locally Served Zones ([RFC6303] resolvers and DNS proxies MUST behave as described in Locally
Section 3). Recursive resolvers that are part of a home network Served Zones ([RFC6303] Section 3). Recursive resolvers that are
MAY be configured manually or automatically (e.g., for auto- part of a home network MAY be configured manually or
configuration purposes) to act differently, e.g., by querying automatically (e.g., for auto-configuration purposes) to act
another name server configured as authoritative for part or all differently, e.g., by querying another name server configured as
of the '.home.arpa' domain, or proxying the request through a authoritative for part or all of the '.home.arpa' domain, or
different mechanism. proxying the request through a different mechanism.
5. Only a DNS server that is authoritative for the '.arpa' zone or 5. Only a DNS server that is authoritative for the '.arpa' zone or
is configured to be authoritative for '.home.arpa' or a subdomain is configured to be authoritative for '.home.arpa' or a subdomain
of '.home.arpa' will ever answer a query about '.home.arpa.' In of '.home.arpa' will ever answer a query about '.home.arpa.' In
both of these cases, the server should simply answer as both of these cases, the server should simply answer as
configured: no special handling is required. configured: no special handling is required. The delegation
returned by servers authoritative for '.arpa' will not match the
delegation returned by a local resolver that is actually
answering for '.home.arpa.'
6. DNS servers outside a home network should not be configured to be 6. DNS servers outside a home network should not be configured to be
authoritative for .home.arpa. authoritative for .home.arpa.
7. 'home.arpa' is a subdomain of the 'arpa' top-level domain, which 7. 'home.arpa' is a subdomain of the 'arpa' top-level domain, which
is entirely operated by the Internet Architecture Board. As is operated by IANA under the authority of the Internet
such, no new advice for registrars is required here. Architecture Board according to the rules established in
[RFC3172]. There are no other registrars for .arpa.
4. Updates to Home Networking Control Protocol 4. Updates to Home Networking Control Protocol
The final paragraph of Homenet Considerations Protocol [RFC7788], The final paragraph of Homenet Considerations Protocol [RFC7788],
section 8, is updated as follows: section 8, is updated as follows:
OLD: OLD:
Names and unqualified zones are used in an HNCP network to provide Names and unqualified zones are used in an HNCP network to provide
naming and service discovery with local significance. A network- naming and service discovery with local significance. A network-
skipping to change at page 5, line 12 skipping to change at page 5, line 28
Names and unqualified zones are used in an HNCP network to provide Names and unqualified zones are used in an HNCP network to provide
naming and service discovery with local significance. A network- naming and service discovery with local significance. A network-
wide zone is appended to all single labels or unqualified zones in wide zone is appended to all single labels or unqualified zones in
order to qualify them. ".home.arpa" is the default; however, an order to qualify them. ".home.arpa" is the default; however, an
administrator MAY configure the announcement of a Domain-Name TLV administrator MAY configure the announcement of a Domain-Name TLV
(Section 10.6) for the network to use a different one. In case (Section 10.6) for the network to use a different one. In case
multiple are announced, the domain of the node with the greatest multiple are announced, the domain of the node with the greatest
node identifier takes precedence. node identifier takes precedence.
The '.home.arpa' special-use name does not require a special The '.home.arpa' special-use name does not require a special
resolution protocol. Names for which the rightmost non-terminal resolution protocol. Names for which the rightmost two labels are
label is 'homenet' are resolved using the DNS protocol [RFC1035]. '.home.arpa' are resolved using the DNS protocol [RFC1035].
5. Security Considerations 5. Security Considerations
A DNS record that is returned as a response to a query ending with A DNS record that is returned as a response to a query for an FQDN in
'.home.arpa.' is expected to have local significance. It is expected the domain '.home.arpa.' is expected to have local significance. It
to be returned by a server involved in name resolution for the home is expected to be returned by a server involved in name resolution
network the device is connected in. However, such response MUST NOT for the home network the device is connected in. However, such
be considered more trustworthy than would be a similar response for response MUST NOT be considered more trustworthy than would be a
any other DNS query. similar response for any other DNS query.
Because '.home.arpa' is not globally scoped and cannot be secured Because '.home.arpa' is not globally scoped and cannot be secured
using DNSSEC based on the root domain's trust anchor, there is no way using DNSSEC based on the root domain's trust anchor, there is no way
to tell, using a standard DNS query, in which home network scope an to tell, using a standard DNS query, in which home network scope an
answer belongs. Consequently, users may experience surprising answer belongs. Consequently, users may experience surprising
results with such names when roaming to different home networks. To results with such names when roaming to different home networks. To
prevent this from happening, it may be useful for the resolver to prevent this from happening, it may be useful for the resolver to
identify different home networks on which it has resolved names, but identify different home networks on which it has resolved names, but
this is out of scope for this document. this is out of scope for this document.
In order to enable DNSSEC validation of a particular '.home.arpa', it It is not possible to install a trust anchor for this zone in the
might make sense to configure a trust anchor for that homenet. How '.arpa' zone. The reason for this is that in order to do so, it
this might be done is out of scope for this document. would be necessary to have the key-signing key for the zone
([RFC4034] Section 5). Since the zone is not globally unique, no one
key would work.
An alternative would be to install a authenticated denial of
existence ([RFC4033] Section 3.2). However, this assumes that
validation is being done on a caching resolver that is aware of the
special local meaning of '.home.arpa'. If a host stub resolver
attempts to validate a name in .local.arpa, an authenticated denial
of existence of 'home' as a subdomain of 'arpa.' would cause the
validation to fail. Therefore, the only delegation that will allow
names under '.home.arpa' to be resolved is an unsigned delegation.
Consequently, unless a trust anchor for the particular instance of
the '.home.arpa' zone being validated is manually configured on the
validating resolver, DNSSEC signing of names within the '.home.arpa'
zone is not possible.
Although in principle it might be useful to install a trust anchor
for a particular instance of '.home.arpa', it's reasonable to expect
that a host with such a trust anchor might from time to time connect
to more than one network with its own instance of '.home.arpa'. Such
a host would be unable to access services on any instance of
'.home.arpa' other than the one for which a trust anchor was
configured.
It is in principle possible to attach an identifier to an instance of
'.home.arpa' that could be used to identify which trust anchor to
rely on for validating names in that particular instance. However,
the security implications of this are complicated, and such a
mechanism, as well as a discussion of those implications, is out of
scope for this document.
6. Delegation of 'home.arpa' 6. Delegation of 'home.arpa'
In order to be fully functional, there must be a delegation of In order to be fully functional, there must be a delegation of
'home.arpa' in the '.arpa' zone. This delegation MUST NOT be signed, 'home.arpa' in the '.arpa' zone [RFC3172]. This delegation MUST NOT
MUST NOT include a DS record, and MUST point to one or more black be signed, MUST NOT include a DS record, and MUST point to one or
hole servers, for example BLACKHOLE-1.IANA.ORG and BLACKHOLE- more black hole servers, for example BLACKHOLE-1.IANA.ORG and
2.IANA.ORG. The reason that this delegation must not be signed is BLACKHOLE-2.IANA.ORG. The reason that this delegation must not be
that not signing the delegation breaks the DNSSEC chain of trust, signed is that not signing the delegation breaks the DNSSEC chain of
which prevents a validating stub resolver from rejecting names trust, which prevents a validating stub resolver from rejecting names
published under 'home.arpa' on a homenet name server. published under 'home.arpa' on a homenet name server.
7. IANA Considerations 7. IANA Considerations
IANA is requested to record the domain name ".home.arpa" in the IANA is requested to record the domain name ".home.arpa" in the
Special-Use Domain Names registry [SUDN]. Special-Use Domain Names registry [SUDN].
8. Acknowledgments 8. Acknowledgments
The authors would like to thank Stuart Cheshire for his prior work on The authors would like to thank Stuart Cheshire for his prior work on
'.home', as well as the homenet chairs: Mark Townsley and Ray Bellis. '.home', as well as the homenet chairs: Mark Townsley and Ray Bellis.
We would also like to thank Paul Hoffman for providing review and We would also like to thank Paul Hoffman for providing review and
comments on the IANA considerations section. comments on the IANA considerations section.
9. References 9. References
9.1. Normative References 9.1. Normative References
[RFC3172] Huston, G., Ed., "Management Guidelines & Operational
Requirements for the Address and Routing Parameter Area
Domain ("arpa")", BCP 52, RFC 3172, DOI 10.17487/RFC3172,
September 2001, <http://www.rfc-editor.org/info/rfc3172>.
[RFC6303] Andrews, M., "Locally Served DNS Zones", BCP 163, [RFC6303] Andrews, M., "Locally Served DNS Zones", BCP 163,
RFC 6303, DOI 10.17487/RFC6303, July 2011, RFC 6303, DOI 10.17487/RFC6303, July 2011,
<http://www.rfc-editor.org/info/rfc6303>. <http://www.rfc-editor.org/info/rfc6303>.
[RFC6761] Cheshire, S. and M. Krochmal, "Special-Use Domain Names", [RFC6761] Cheshire, S. and M. Krochmal, "Special-Use Domain Names",
RFC 6761, DOI 10.17487/RFC6761, February 2013, RFC 6761, DOI 10.17487/RFC6761, February 2013,
<http://www.rfc-editor.org/info/rfc6761>. <http://www.rfc-editor.org/info/rfc6761>.
[I-D.ietf-homenet-redact]
Lemon, T., "Redacting .home from HNCP", draft-ietf-
homenet-redact-03 (work in progress), March 2017.
9.2. Informative References 9.2. Informative References
[RFC1035] Mockapetris, P., "Domain names - implementation and [RFC1035] Mockapetris, P., "Domain names - implementation and
specification", STD 13, RFC 1035, DOI 10.17487/RFC1035, specification", STD 13, RFC 1035, DOI 10.17487/RFC1035,
November 1987, <http://www.rfc-editor.org/info/rfc1035>. November 1987, <http://www.rfc-editor.org/info/rfc1035>.
[RFC4033] Arends, R., Austein, R., Larson, M., Massey, D., and S.
Rose, "DNS Security Introduction and Requirements",
RFC 4033, DOI 10.17487/RFC4033, March 2005,
<http://www.rfc-editor.org/info/rfc4033>.
[RFC4034] Arends, R., Austein, R., Larson, M., Massey, D., and S.
Rose, "Resource Records for the DNS Security Extensions",
RFC 4034, DOI 10.17487/RFC4034, March 2005,
<http://www.rfc-editor.org/info/rfc4034>.
[RFC7368] Chown, T., Ed., Arkko, J., Brandt, A., Troan, O., and J. [RFC7368] Chown, T., Ed., Arkko, J., Brandt, A., Troan, O., and J.
Weil, "IPv6 Home Networking Architecture Principles", Weil, "IPv6 Home Networking Architecture Principles",
RFC 7368, DOI 10.17487/RFC7368, October 2014, RFC 7368, DOI 10.17487/RFC7368, October 2014,
<http://www.rfc-editor.org/info/rfc7368>. <http://www.rfc-editor.org/info/rfc7368>.
[RFC7788] Stenberg, M., Barth, S., and P. Pfister, "Home Networking [RFC7788] Stenberg, M., Barth, S., and P. Pfister, "Home Networking
Control Protocol", RFC 7788, DOI 10.17487/RFC7788, April Control Protocol", RFC 7788, DOI 10.17487/RFC7788, April
2016, <http://www.rfc-editor.org/info/rfc7788>. 2016, <http://www.rfc-editor.org/info/rfc7788>.
[ICANN1] "New gTLD Collision Risk Mitigation", October 2013, [ICANN1] "New gTLD Collision Risk Mitigation", October 2013,
 End of changes. 22 change blocks. 
67 lines changed or deleted 126 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/