draft-ietf-regext-dnsoperator-to-rrr-protocol-04.txt | draft-ietf-regext-dnsoperator-to-rrr-protocol-05.txt | |||
---|---|---|---|---|
regext J. Latour | regext J. Latour | |||
Internet-Draft CIRA | Internet-Draft CIRA | |||
Intended status: Standards Track O. Gudmundsson | Intended status: Standards Track O. Gudmundsson | |||
Expires: March 16, 2018 Cloudflare, Inc. | Expires: November 5, 2018 Cloudflare, Inc. | |||
P. Wouters | P. Wouters | |||
Red Hat | Red Hat | |||
M. Pounsett | M. Pounsett | |||
Rightside Group, Ltd. | Nimbus Operations Inc. | |||
September 12, 2017 | May 4, 2018 | |||
Third Party DNS operator to Registrars/Registries Protocol | Third Party DNS operator to Registrars/Registries Protocol | |||
draft-ietf-regext-dnsoperator-to-rrr-protocol-04 | draft-ietf-regext-dnsoperator-to-rrr-protocol-05 | |||
Abstract | Abstract | |||
There are several problems that arise in the standard | There are several problems that arise in the standard | |||
Registrant/Registrar/Registry model when the operator of a zone is | Registrant/Registrar/Registry model when the operator of a zone is | |||
neither the Registrant nor the Registrar for the delegation. | neither the Registrant nor the Registrar for the delegation. | |||
Historically the issues have been minor, and limited to difficulty | Historically the issues have been minor, and limited to difficulty | |||
guiding the Registrant through the initial changes to the NS records | guiding the Registrant through the initial changes to the NS records | |||
for the delegation. As this is usually a one time activity when the | for the delegation. As this is usually a one time activity when the | |||
operator first takes charge of the zone it has not been treated as a | operator first takes charge of the zone it has not been treated as a | |||
skipping to change at page 2, line 10 ¶ | skipping to change at page 2, line 10 ¶ | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on March 16, 2018. | This Internet-Draft will expire on November 5, 2018. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2017 IETF Trust and the persons identified as the | Copyright (c) 2018 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
(https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
publication of this document. Please review these documents | publication of this document. Please review these documents | |||
carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
skipping to change at page 2, line 48 ¶ | skipping to change at page 2, line 48 ¶ | |||
3.5. Bootstrapping DNSSEC . . . . . . . . . . . . . . . . . . 6 | 3.5. Bootstrapping DNSSEC . . . . . . . . . . . . . . . . . . 6 | |||
4. API Definition . . . . . . . . . . . . . . . . . . . . . . . 7 | 4. API Definition . . . . . . . . . . . . . . . . . . . . . . . 7 | |||
4.1. Authentication . . . . . . . . . . . . . . . . . . . . . 7 | 4.1. Authentication . . . . . . . . . . . . . . . . . . . . . 7 | |||
4.2. RESTful Resources . . . . . . . . . . . . . . . . . . . . 8 | 4.2. RESTful Resources . . . . . . . . . . . . . . . . . . . . 8 | |||
4.2.1. CDS resource . . . . . . . . . . . . . . . . . . . . 8 | 4.2.1. CDS resource . . . . . . . . . . . . . . . . . . . . 8 | |||
4.2.2. Token resource . . . . . . . . . . . . . . . . . . . 10 | 4.2.2. Token resource . . . . . . . . . . . . . . . . . . . 10 | |||
4.3. Customized Error Messages . . . . . . . . . . . . . . . . 11 | 4.3. Customized Error Messages . . . . . . . . . . . . . . . . 11 | |||
5. Security considerations . . . . . . . . . . . . . . . . . . . 11 | 5. Security considerations . . . . . . . . . . . . . . . . . . . 11 | |||
6. IANA Actions . . . . . . . . . . . . . . . . . . . . . . . . 11 | 6. IANA Actions . . . . . . . . . . . . . . . . . . . . . . . . 11 | |||
7. Internationalization Considerations . . . . . . . . . . . . . 11 | 7. Internationalization Considerations . . . . . . . . . . . . . 11 | |||
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 | 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 12 | |||
8.1. Normative References . . . . . . . . . . . . . . . . . . 11 | 8.1. Normative References . . . . . . . . . . . . . . . . . . 12 | |||
8.2. Informative References . . . . . . . . . . . . . . . . . 12 | 8.2. Informative References . . . . . . . . . . . . . . . . . 12 | |||
Appendix A. Document History . . . . . . . . . . . . . . . . . . 13 | Appendix A. Document History . . . . . . . . . . . . . . . . . . 13 | |||
A.1. regext Version 04 . . . . . . . . . . . . . . . . . . . . 13 | A.1. regext Version 05 . . . . . . . . . . . . . . . . . . . . 13 | |||
A.2. regext Version 03 . . . . . . . . . . . . . . . . . . . . 13 | A.2. regext Version 04 . . . . . . . . . . . . . . . . . . . . 13 | |||
A.3. regext Version 02 . . . . . . . . . . . . . . . . . . . . 13 | A.3. regext Version 03 . . . . . . . . . . . . . . . . . . . . 13 | |||
A.4. regext Version 01 . . . . . . . . . . . . . . . . . . . . 14 | A.4. regext Version 02 . . . . . . . . . . . . . . . . . . . . 14 | |||
A.5. regext Version 00 . . . . . . . . . . . . . . . . . . . . 14 | A.5. regext Version 01 . . . . . . . . . . . . . . . . . . . . 14 | |||
A.6. Version 03 . . . . . . . . . . . . . . . . . . . . . . . 14 | A.6. regext Version 00 . . . . . . . . . . . . . . . . . . . . 14 | |||
A.7. Version 02 . . . . . . . . . . . . . . . . . . . . . . . 14 | A.7. Version 03 . . . . . . . . . . . . . . . . . . . . . . . 14 | |||
A.8. Version 01 . . . . . . . . . . . . . . . . . . . . . . . 14 | A.8. Version 02 . . . . . . . . . . . . . . . . . . . . . . . 14 | |||
A.9. Version 00 . . . . . . . . . . . . . . . . . . . . . . . 14 | A.9. Version 01 . . . . . . . . . . . . . . . . . . . . . . . 14 | |||
A.10. Version 00 . . . . . . . . . . . . . . . . . . . . . . . 14 | ||||
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 14 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 14 | |||
1. Introduction | 1. Introduction | |||
After a domain has been registered, one of three parties will | After a domain has been registered, one of three parties will | |||
maintain the DNS zone loaded on the "primary" DNS servers: the | maintain the DNS zone loaded on the "primary" DNS servers: the | |||
Registrant, the Registrar, or a third party DNS operator. DNS | Registrant, the Registrar, or a third party DNS operator. DNS | |||
registration systems were originally designed around making | registration systems were originally designed around making | |||
registrations easy and fast, however after registration the | registrations easy and fast, however after registration the | |||
complexity of making changes to the delegation differs for each of | complexity of making changes to the delegation differs for each of | |||
skipping to change at page 12, line 23 ¶ | skipping to change at page 12, line 32 ¶ | |||
[RFC8078] Gudmundsson, O. and P. Wouters, "Managing DS Records from | [RFC8078] Gudmundsson, O. and P. Wouters, "Managing DS Records from | |||
the Parent via CDS/CDNSKEY", RFC 8078, | the Parent via CDS/CDNSKEY", RFC 8078, | |||
DOI 10.17487/RFC8078, March 2017, | DOI 10.17487/RFC8078, March 2017, | |||
<https://www.rfc-editor.org/info/rfc8078>. | <https://www.rfc-editor.org/info/rfc8078>. | |||
8.2. Informative References | 8.2. Informative References | |||
[I-D.ietf-dnsop-terminology-bis] | [I-D.ietf-dnsop-terminology-bis] | |||
Hoffman, P., Sullivan, A., and K. Fujiwara, "DNS | Hoffman, P., Sullivan, A., and K. Fujiwara, "DNS | |||
Terminology", draft-ietf-dnsop-terminology-bis-06 (work in | Terminology", draft-ietf-dnsop-terminology-bis-10 (work in | |||
progress), July 2017. | progress), April 2018. | |||
[I-D.wallstrom-dnsop-dns-delegation-requirements] | [I-D.wallstrom-dnsop-dns-delegation-requirements] | |||
Wallstrom, P. and J. Schlyter, "DNS Delegation | Wallstrom, P. and J. Schlyter, "DNS Delegation | |||
Requirements", draft-wallstrom-dnsop-dns-delegation- | Requirements", draft-wallstrom-dnsop-dns-delegation- | |||
requirements-03 (work in progress), October 2016. | requirements-03 (work in progress), October 2016. | |||
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
<https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
skipping to change at page 13, line 7 ¶ | skipping to change at page 13, line 16 ¶ | |||
Registration Data Access Protocol (RDAP)", RFC 7480, | Registration Data Access Protocol (RDAP)", RFC 7480, | |||
DOI 10.17487/RFC7480, March 2015, | DOI 10.17487/RFC7480, March 2015, | |||
<https://www.rfc-editor.org/info/rfc7480>. | <https://www.rfc-editor.org/info/rfc7480>. | |||
[RFC7719] Hoffman, P., Sullivan, A., and K. Fujiwara, "DNS | [RFC7719] Hoffman, P., Sullivan, A., and K. Fujiwara, "DNS | |||
Terminology", RFC 7719, DOI 10.17487/RFC7719, December | Terminology", RFC 7719, DOI 10.17487/RFC7719, December | |||
2015, <https://www.rfc-editor.org/info/rfc7719>. | 2015, <https://www.rfc-editor.org/info/rfc7719>. | |||
Appendix A. Document History | Appendix A. Document History | |||
A.1. regext Version 04 | A.1. regext Version 05 | |||
o new version to keep the draft alive | ||||
o updating author organization | ||||
A.2. regext Version 04 | ||||
o changed uses of Registrar to Registration Entity and updated | o changed uses of Registrar to Registration Entity and updated | |||
definitions to improve clarity | definitions to improve clarity | |||
o adding note about CDS/CDNSKEY interchangability in this document | o adding note about CDS/CDNSKEY interchangability in this document | |||
o added advice to scan all delegations (including insecure | o added advice to scan all delegations (including insecure | |||
delegations) for CDS in order to bootstrap or update DNSSEC | delegations) for CDS in order to bootstrap or update DNSSEC | |||
o removed "Other Delegation Maintenance" section, since we decided a | o removed "Other Delegation Maintenance" section, since we decided a | |||
while ago not to use this to update NS | while ago not to use this to update NS | |||
A.2. regext Version 03 | A.3. regext Version 03 | |||
o simplify abstract | o simplify abstract | |||
o move all justification text to Intro | o move all justification text to Intro | |||
o added HTTP response codes for rate limiting (429), missing DS | o added HTTP response codes for rate limiting (429), missing DS | |||
RRsets (412) | RRsets (412) | |||
o expanded on Internationalization Considerations | o expanded on Internationalization Considerations | |||
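Review bot: In the A.2 "regext Version 04" entry, "interchangability" is misspelled in the line "adding note about CDS/CDNSKEY interchangability in this document"; since the section is being renumbered in -05 anyway, correct it to "interchangeability" in the same pass. The new A.1 entry lists only "new version to keep the draft alive" and "updating author organization", but this diff also bumps the draft-ietf-dnsop-terminology-bis reference from -06 to -10, which could be recorded there for completeness.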
skipping to change at page 13, line 38 ¶ | skipping to change at page 14, line 4 ¶ | |||
o expanded on Internationalization Considerations | o expanded on Internationalization Considerations | |||
o corrected informative/normative document references | o corrected informative/normative document references | |||
o clarify parent/Registrar references in the draft | o clarify parent/Registrar references in the draft | |||
o general spelling/grammar/style cleanup | o general spelling/grammar/style cleanup | |||
o removed references to NS and glue maintenance | o removed references to NS and glue maintenance | |||
o clarify content of POST body for 'cds' resource | o clarify content of POST body for 'cds' resource | |||
o change verb for obtaining a 'token' to GET | o change verb for obtaining a 'token' to GET | |||
o Updated reference to RFC8078 | o Updated reference to RFC8078 | |||
A.3. regext Version 02 | A.4. regext Version 02 | |||
o Clarified based on comments and questions from early implementors | o Clarified based on comments and questions from early implementors | |||
(JL) | (JL) | |||
o Text edits and clarifications. | o Text edits and clarifications. | |||
A.4. regext Version 01 | A.5. regext Version 01 | |||
o Rewrote Abstract and Into (MP) | o Rewrote Abstract and Into (MP) | |||
o Introduced code 401 when changes are not allowed | o Introduced code 401 when changes are not allowed | |||
o Text edits and clarifications. | o Text edits and clarifications. | |||
A.5. regext Version 00 | A.6. regext Version 00 | |||
o Working group document same as 03, just track changed to standard | o Working group document same as 03, just track changed to standard | |||
A.6. Version 03 | A.7. Version 03 | |||
o Clarified based on comments and questions from early implementors | o Clarified based on comments and questions from early implementors | |||
A.7. Version 02 | A.8. Version 02 | |||
o Reflected comments on mailing lists | o Reflected comments on mailing lists | |||
A.8. Version 01 | A.9. Version 01 | |||
o This version adds a full REST definition this is based on | o This version adds a full REST definition this is based on | |||
suggestions from Jakob Schlyter. | suggestions from Jakob Schlyter. | |||
A.9. Version 00 | A.10. Version 00 | |||
o First rough version | o First rough version | |||
Authors' Addresses | Authors' Addresses | |||
Jacques Latour | Jacques Latour | |||
CIRA | CIRA | |||
Ottawa, ON | Ottawa, ON | |||
Email: jacques.latour@cira.ca | Email: jacques.latour@cira.ca | |||
Olafur Gudmundsson | Olafur Gudmundsson | |||
Cloudflare, Inc. | Cloudflare, Inc. | |||
San Francisco, CA | San Francisco, CA | |||
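Review bot: In the "regext Version 01" entry (renumbered A.4 to A.5), "Rewrote Abstract and Into (MP)" should read "Intro". In the "Version 01" entry (renumbered A.8 to A.9), "This version adds a full REST definition this is based on suggestions from Jakob Schlyter." is a run-on; suggest "adds a full REST definition, based on suggestions from Jakob Schlyter". Both lines are carried over unchanged from -04, so this revision is a convenient place to fix them.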
skipping to change at page 15, line 4 ¶ | skipping to change at page 15, line 15 ¶ | |||
CIRA | CIRA | |||
Ottawa, ON | Ottawa, ON | |||
Email: jacques.latour@cira.ca | Email: jacques.latour@cira.ca | |||
Olafur Gudmundsson | Olafur Gudmundsson | |||
Cloudflare, Inc. | Cloudflare, Inc. | |||
San Francisco, CA | San Francisco, CA | |||
Email: olafur+ietf@cloudflare.com | Email: olafur+ietf@cloudflare.com | |||
Paul Wouters | Paul Wouters | |||
Red Hat | Red Hat | |||
Toronto, ON | Toronto, ON | |||
Email: paul@nohats.ca | Email: paul@nohats.ca | |||
Matthew Pounsett | Matthew Pounsett | |||
Rightside Group, Ltd. | Nimbus Operations Inc. | |||
Toronto, ON | Toronto, ON | |||
Email: matt@conundrum.com | Email: matt@conundrum.com | |||
End of changes. 21 change blocks. | ||||
31 lines changed or deleted | 37 lines changed or added | |||