draft-ietf-homenet-dot-11.txt   draft-ietf-homenet-dot-12.txt 
Network Working Group P. Pfister Network Working Group P. Pfister
Internet-Draft Cisco Systems Internet-Draft Cisco Systems
Updates: RFC7788 (if approved) T. Lemon Updates: RFC7788 (if approved) T. Lemon
Intended status: Standards Track Nominum, Inc. Intended status: Standards Track Nominum, Inc.
Expires: February 9, 2018 August 8, 2017 Expires: February 11, 2018 August 10, 2017
Special Use Domain 'home.arpa.' Special Use Domain 'home.arpa.'
draft-ietf-homenet-dot-11 draft-ietf-homenet-dot-12
Abstract Abstract
This document specifies the behavior that is expected from the Domain This document specifies the behavior that is expected from the Domain
Name System with regard to DNS queries for names ending with Name System with regard to DNS queries for names ending with
'.home.arpa.', and designates this domain as a special-use domain '.home.arpa.', and designates this domain as a special-use domain
name. 'home.arpa.' is designated for non-unique use in residential name. 'home.arpa.' is designated for non-unique use in residential
home networks. Home Networking Control Protocol (HNCP) is updated to home networks. Home Networking Control Protocol (HNCP) is updated to
use the 'home.arpa.' domain instead of '.home'. use the 'home.arpa.' domain instead of '.home'.
skipping to change at page 1, line 36 skipping to change at page 1, line 36
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on February 9, 2018. This Internet-Draft will expire on February 11, 2018.
Copyright Notice Copyright Notice
Copyright (c) 2017 IETF Trust and the persons identified as the Copyright (c) 2017 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 14 skipping to change at page 2, line 14
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Requirements Language . . . . . . . . . . . . . . . . . . . . 3 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 3
3. General Guidance . . . . . . . . . . . . . . . . . . . . . . 3 3. General Guidance . . . . . . . . . . . . . . . . . . . . . . 3
4. Domain Name Reservation Considerations . . . . . . . . . . . 3 4. Domain Name Reservation Considerations . . . . . . . . . . . 3
5. Updates to Home Networking Control Protocol . . . . . . . . . 5 5. Updates to Home Networking Control Protocol . . . . . . . . . 5
6. Security Considerations . . . . . . . . . . . . . . . . . . . 5 6. Security Considerations . . . . . . . . . . . . . . . . . . . 6
7. Delegation of 'home.arpa.' . . . . . . . . . . . . . . . . . 7 7. Delegation of 'home.arpa.' . . . . . . . . . . . . . . . . . 7
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7
9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 7 9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 7
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 7 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 8
10.1. Normative References . . . . . . . . . . . . . . . . . . 7 10.1. Normative References . . . . . . . . . . . . . . . . . . 8
10.2. Informative References . . . . . . . . . . . . . . . . . 8 10.2. Informative References . . . . . . . . . . . . . . . . . 8
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 9 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 9
1. Introduction 1. Introduction
Users and devices within a home network (hereafter "homenet") require Users and devices within a home network (hereafter "homenet") require
devices and services to be identified by names that are unique within devices and services to be identified by names that are unique within
the boundaries of the homenet [RFC7368]. The naming mechanism needs the boundaries of the homenet [RFC7368]. The naming mechanism needs
to function without configuration from the user. While it may be to function without configuration from the user. While it may be
possible for a name to be delegated by an ISP, homenets must also possible for a name to be delegated by an ISP, homenets must also
skipping to change at page 4, line 28 skipping to change at page 4, line 28
differently. Name resolution APIs MUST send queries for such differently. Name resolution APIs MUST send queries for such
names to a recursive DNS server that is configured to be names to a recursive DNS server that is configured to be
authoritative for the 'home.arpa.' zone appropriate to the authoritative for the 'home.arpa.' zone appropriate to the
homenet. One or more IP addresses for recursive DNS servers will homenet. One or more IP addresses for recursive DNS servers will
usually be supplied to the client through router advertisements usually be supplied to the client through router advertisements
or DHCP. If a host is configured to use a resolver other than or DHCP. If a host is configured to use a resolver other than
one that is authoritative for the appropriate 'home.arpa.' zone, one that is authoritative for the appropriate 'home.arpa.' zone,
the client may be unable to resolve, or may receive incorrect the client may be unable to resolve, or may receive incorrect
results for, names in sub domains of 'home.arpa.'. results for, names in sub domains of 'home.arpa.'.
4. Unless configured otherwise, recursive resolvers and DNS proxies 4. Caching resolvers conforming to this specification MUST support
DNSSEC queries. While validation is not required, it is strongly
encouraged; a caching resolver that does not validate answers
that can be validated may cache invalid data; this will prevent
validating stub resolvers from successfully validating answers.
Unless configured otherwise, recursive resolvers and DNS proxies
MUST behave as described in Locally Served Zones ([RFC6303] MUST behave as described in Locally Served Zones ([RFC6303]
Section 3). Recursive resolvers that can be used in a homenet Section 3). That is, queries for domains that are subdomains of
MUST be configurable with a delegation to an authoritative server 'home.arpa.' MUST NOT be forwarded, with one important
for that particular homenet's instance of the domain exception: a query for a DS record when the DO bit ([RFC4035]
'home.arpa.', and, when so configured, MUST NOT attempt to look section 3.2.1) set MUST return the correct answer for that
up a delegation for 'home.arpa.' in the public DNS. Of course, question, including correct information in the authority section
from an implementation standpoint it may be that a hybrid name that proves that the record is nonexistent.
server acts as a caching resolver or DNS proxy for non-local
domains and as an authoritative server for 'home.arpa.' and other So for example a query for the NS record for 'home.arpa.' MUST
locally served zones, responding directly to queries for NOT result in that query being forwarded to an upstream cache nor
subdomains of 'home.arpa.' rather than using a delegation. to the authoritative DNS server for '.arpa.'. However, as
necessary to provide accurate authority information, a query for
the DS record MUST result in whatever queries are necessary being
forwarded; typically, this will just be a query for the DS
record, since the necessary authority information will be
included in the authority section of the response if the DO bit
is set.
In addition to the behavior specified above, recursive resolvers
that can be used in a homenet MUST be configurable with a
delegation to an authoritative server for that particular
homenet's instance of the domain 'home.arpa.'.
It is permissible to combine the recursive resolver function for
general DNS lookups with an authoritative resolver for
'home.arpa.'; in this case, rather than forwarding queries for
subdomains of 'home.arpa.' to an authoritative server, the
caching resolver answers them authoritatively. The behavior with
respect to forwarding queries specifically for 'home.arpa.'
remains the same.
5. No special processing of 'home.arpa.' is required for 5. No special processing of 'home.arpa.' is required for
authoritative DNS server implementations. It is possible that an authoritative DNS server implementations. It is possible that an
authoritative DNS server might attempt to check the authoritative authoritative DNS server might attempt to check the authoritative
servers for 'home.arpa.' for a delegation beneath that name servers for 'home.arpa.' for a delegation beneath that name
before answering authoritatively for such a delegated name. In before answering authoritatively for such a delegated name. In
such a case, because the name always has only local significance such a case, because the name always has only local significance
there will be no such delegation in the 'home.arpa.' zone, and so there will be no such delegation in the 'home.arpa.' zone, and so
the server would refuse to answer authoritatively for such a the server would refuse to answer authoritatively for such a
zone. A server that implements this sort of check MUST be zone. A server that implements this sort of check MUST be
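Review bot: the DS exception in the new item 4 does not name the owner it applies to. "a query for a DS record when the DO bit ([RFC4035] section 3.2.1) set" reads as any DS query under 'home.arpa.', while the example that follows concerns 'home.arpa.' itself, and the rule it is an exception to covers only "subdomains of 'home.arpa.'". Suggest "a query for the DS record for 'home.arpa.' with the DO bit set" (the current sentence is also missing "is" before "set"), and stating explicitly whether the MUST NOT forward rule covers the apex, as the NS example implies. The -12 text also drops the -11 clause that a configured resolver "MUST NOT attempt to look up a delegation for 'home.arpa.' in the public DNS"; if the new forwarding rule is meant to subsume it, say so in the delegation paragraph. In the final paragraph, "authoritative resolver" should be "authoritative server" to match the rest of the item.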
 End of changes. 7 change blocks. 
17 lines changed or deleted 42 lines changed or added
