Internet DRAFT - draft-dnsop-update-timeout
draft-dnsop-update-timeout
Internet Engineering Task Force T.J. Pusateri
Internet-Draft T. Wattenberg
Intended status: Standards Track Unaffiliated
Expires: 25 November 2020 24 May 2020
DNS TIMEOUT Resource Record
draft-dnsop-update-timeout-00
Abstract
This specification defines a new DNS TIMEOUT resource record (RR)
that associates a lifetime with one or more zone resource records.
It is intended to be used to transfer resource record lifetime state
between a zone's primary and secondary servers and to store lifetime
state during server software restarts.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 25 November 2020.
Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
extracted from this document must include Simplified BSD License text
as described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Simplified BSD License.
Pusateri & Wattenberg Expires 25 November 2020 [Page 1]
Internet-Draft TIMEOUT Resource Record May 2020
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Requirements Language . . . . . . . . . . . . . . . . . . . . 3
3. Sources of TIMEOUT Expiry Time . . . . . . . . . . . . . . . 3
4. Common Usage Patterns . . . . . . . . . . . . . . . . . . . . 4
4.1. TIMEOUT records vs. Update Leases . . . . . . . . . . . . 5
4.2. Testing for TIMEOUT . . . . . . . . . . . . . . . . . . . 6
5. Resource Record Composition . . . . . . . . . . . . . . . . . 6
5.1. Represented Record Type . . . . . . . . . . . . . . . . . 6
5.2. Represented Record Count . . . . . . . . . . . . . . . . 7
5.3. Method Identifiers . . . . . . . . . . . . . . . . . . . 7
5.3.1. Method Identifier 0: NO METHOD . . . . . . . . . . . 8
5.3.2. Method Identifier 1: MD-SHA256-128 . . . . . . . . . 8
5.4. Expiry Time . . . . . . . . . . . . . . . . . . . . . . . 8
6. TIMEOUT RDATA Wire Format . . . . . . . . . . . . . . . . . . 9
7. Server Behavior . . . . . . . . . . . . . . . . . . . . . . . 10
7.1. Primary Server Behavior . . . . . . . . . . . . . . . . . 10
7.2. Secondary Server Behavior . . . . . . . . . . . . . . . . 11
8. TIMEOUT RDATA Presentation Format . . . . . . . . . . . . . . 11
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12
10. Security Considerations . . . . . . . . . . . . . . . . . . . 13
11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 13
12. References . . . . . . . . . . . . . . . . . . . . . . . . . 13
12.1. Normative References . . . . . . . . . . . . . . . . . . 13
12.2. Informative References . . . . . . . . . . . . . . . . . 14
Appendix A. Example TIMEOUT resource records . . . . . . . . . . 15
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 17
1. Introduction
DNS Update [RFC2136] provides a mechanism to dynamically add/remove
DNS resource records to/from a zone. When a resource record is
dynamically added, it remains in the zone until it is removed
manually or via a subsequent DNS Update. The context of a dynamic
update may provide lifetime hints for the updated records (such as
the EDNS(0) Update Lease option [I-D.sekar-dns-ul]), however, this
lifetime is not communicated to secondary servers and will not
necessarily endure through server software restarts. This
specification defines a new DNS TIMEOUT resource record that
associates lifetimes with one or more resource records with the same
owner name, type, and class that can be transferred to secondary
servers through normal AXFR [RFC5936], IXFR [RFC1995] transfer
mechanisms.
An UPDATE lifetime could be stored in a proprietary database on an
authoritative primary server but there is an advantage to saving it
as a resource record: redundant master servers and secondary servers
Pusateri & Wattenberg Expires 25 November 2020 [Page 2]
Internet-Draft TIMEOUT Resource Record May 2020
capable of taking over as the primary server for a zone automatically
can benefit from the existing database synchronization of resource
records. In addition, primary and secondary servers from multiple
vendors can synchronize the lifetimes through the open format
provided by a resource record.
TIMEOUT records can be installed via policy by a primary server,
manually, or via an external UPDATE from a client. If TIMEOUT
records are being managed by an UPDATE client, the client should be
aware of server software policy with respect to TIMEOUT records to
prevent the TIMEOUT records from being rejected. The primary server
has ultimate responsibility for the records in the database and the
client must work within the restrictions of the policy of the primary
server.
TIMEOUT records can be thought of as a universal method for removing
stale dynamic DNS records. Clients such as DHCP servers who best
know the lease lifetimes can include individual TIMEOUT records in
the dynamic UPDATE messages specific for each lease lifetime. These
TIMEOUT records can be refreshed when the lease is refreshed and will
timeout the A, AAAA, and PTR records if they are not refreshed by the
DHCP server. Additional use cases include service discovery resource
records installed in unicast DNS servers via UPDATE described in
[RFC6763], Active Directory Controllers publishing SRV records, DNS
TXT resource records supporting ACME certificate management
challenges as described in [RFC8555], Section 8.4, and the limited
lifetime certificate representations produced by ACME that are stored
in DANE TLSA resource records [RFC6698].
2. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. These words may also appear in this
document in lower case as plain English words, absent their normative
meanings.
3. Sources of TIMEOUT Expiry Time
The expire time may come from many different sources. A few are
listed here however, this list is not considered complete. TIMEOUT
records may be included along side the records they represent in the
UPDATE message or they be synthesized by the primary server receiving
the UPDATE.
* Via DHCP Lease Lifetimes.
Pusateri & Wattenberg Expires 25 November 2020 [Page 3]
Internet-Draft TIMEOUT Resource Record May 2020
* Via EDNS(0) Update Lease option [I-D.sekar-dns-ul] communicated in
DNS Update.
* Via an administrative default value such as one day (86400
seconds).
4. Common Usage Patterns
TIMEOUT resource records are just one tool in the toolbox for
cleaning up stale resource records. They provide a failsafe in case
other mechanisms meant to clean up records fail. It might be useful
to think of them similar to Garbage Collection (GC) or Automatic
Reference Counting (ARC) used by programming languages for memory
management. The model in which the TIMEOUT resource records are used
depends on the support provided for them by the primary DNS server.
As it cannot be presumed that all primary authoritative servers will
manage TIMEOUT resource records internally, an external management of
the TIMEOUT records and the resource records they represent might be
necessary. The client may perform external management of TIMEOUT
records it creates through an UPDATE or a third party with
appropriate permission may manage the records.
If the primary server understands TIMEOUT records and manages them
based on resource record updates, it will likely know when to remove
the resource records referenced by the TIMEOUT records. This is
similar to ARC.
┌─────────────┐
│Client UPDATE│
│ with EDNS0 │───┐
└─────────────┘ │ ┌───────────────┐
│ │ Primary │ Zone ┌─────────┐
┌────────────────┐ ├──▶│(Authoritative)│───Transfer──▶│Secondary│
│ UPDATE with │ │ └───────────────┘ └─────────┘
│TIMEOUT included│───┘
└────────────────┘
If the primary server does not understand TIMEOUT records, then an
external manager (client) will need to use DNS UPDATE to manage
TIMEOUT records and the resource records they reference. Garbage
Collectors run periodically looking for memory no longer being used
to reclaim. In a similar way, external TIMEOUT record managers need
to periodically scan the TIMEOUT records and send DNS UPDATE messages
to add/remove records when the server doesn't manage them
automatically.
Pusateri & Wattenberg Expires 25 November 2020 [Page 4]
Internet-Draft TIMEOUT Resource Record May 2020
┌────────────────┐ ┌───────────────┐
│ UPDATE with │ │ Primary │ Zone ┌─────────┐
│TIMEOUT included│───────▶│(Authoritative)│───Transfer──▶│Secondary│
└────────────────┘ └───────────────┘ └─────────┘
│ ▲
Zone │
Transfer UPDATE
│ │
┌─────────────┐ ▼ │
│Client UPDATE│ ┌───────────────┐
│ with EDNS0 │───────▶│ timeoutd │
└─────────────┘ └───────────────┘
It should be noted that similar to many instances of Garbage
Collection, the precision with which TIMEOUT records and the resource
records they reference are removed is not critical. Gross timers
and/or scanning mechanisms are perfectly appropriate and should not
consume additional resources for the purpose of being precise. As
described in Section 5.4 below, expiry times use one second
resolution.
4.1. TIMEOUT records vs. Update Leases
Each application will have to determine when it is better to use
TIMEOUT resource records, EDNS(0) Update Lease options, or a
combination of the two. In some cases, either will serve the same
purpose. A differentiating factor is that TIMEOUT resource records
use absolute time so that the records may be more easily synchronized
across secondary servers whereas Update Leases are specified in
relative time offsets.
If your primary DNS server supports TIMEOUT records directly, it may
be simpler to just provide an Update Lease lifetime in the DNS UPDATE
message that the server will use to create the TIMEOUT records
internally. If your primary DNS server does not support TIMEOUT
records and your application uses sources that have real-time clocks
that are synchronized with standard time sources, TIMEOUT records are
an available option to the client. However, if your clients are
using low-cost hardware without real-time clocks, they should send
Update Leases to the primary server or an intermediate proxy with a
synchronized real-time clock.
Pusateri & Wattenberg Expires 25 November 2020 [Page 5]
Internet-Draft TIMEOUT Resource Record May 2020
4.2. Testing for TIMEOUT
There is no more reliable mechanism to determine if the primary DNS
server supports the management of TIMEOUT records than explicitly
trying it. Before relying on a server to expire TIMEOUT records, the
application should send test records and test if they are handled as
expected. If the preferred mode of operation is not supported,
another mode can be attempted. For example, if sending a DNS UPDATE
with a EDNS(0) Update Lease of 1 second doesn't cause the record to
be expired within 6 seconds (1 + 5 fuzz), then the application can
try including a TIMEOUT record in the DNS UPDATE. If that doesn't
automatically expire, TIMEOUT records will need to be managed
externally.
5. Resource Record Composition
TIMEOUT resource records provide expiry times for a mixed variety of
resource record types with the same owner name, type, and class.
Since there could exist multiple records of the same record type with
the same owner name and class, the TIMEOUT resource record must be
able to identify each of these records individually with only
different RDATA. As an example, PTR records for service discovery
[RFC6763] provide a level of indirection to SRV and TXT records by
instance name. The instance name is stored in the PTR RDATA and
multiple PTR records with the same owner name and only differing
RDATA often exist.
In order to distinguish each individual record with potentially
different expiry times, the TIMEOUT resource record contains an
expiry time, the record type, a method to identify the actual records
for which the expiry time applies, and a count of the number of
records represented. Multiple TIMEOUT records with the same owner
name and class are created for each expiry time, record type, and
resource record representation. If the expiry time is the same,
multiple records can be combined into a single TIMEOUT record with
the same owner name, class, and record type but this is not required.
The fields and their values in a TIMEOUT record are defined as:
5.1. Represented Record Type
A 16-bit field containing the resource record type to which the
TIMEOUT record applies. Multiple TIMEOUT records for the same owner
name, class, and represented type can exist. Any resource record
type can be specified in the Represented Record Type including
another TIMEOUT record. This specification does not put any
restrictions on the record type but implementations in authoritative
servers will likely do so for policy and security reasons.
Pusateri & Wattenberg Expires 25 November 2020 [Page 6]
Internet-Draft TIMEOUT Resource Record May 2020
QTYPEs and Meta-TYPEs MUST NOT be used as the represented record
type. For more information, refer to [RFC6895], Section 3.1.
5.2. Represented Record Count
The Represented Record Count is a 8-bit value that specifies the
number of records of the specified record type with this expiry time.
A count of zero indicates that it is not necessary to represent any
records in the list. This is a shortcut notation meaning all
resource records with the same owner name, class, and record type use
the same Expiry Time. When the Represented Record Count is 0, the
Method Identifier is set to NO METHOD (0) on transmission and ignored
on reception. A primary server MUST NOT install a TIMEOUT record
with No Method/No Count at the same time that a TIMEOUT record exists
for the same owner name, class, and type with a non-zero record
count. Either all records MUST match the No Method/No Count
shorthand syntax or they MUST all be included in the list of matching
records.
In the unlikely event that the Represented Record Count exceeds 255
which is the largest number representable in 8 bits, multiple
instances of the same Expiry Time can exist.
5.3. Method Identifiers
The Method Identifier is a 8-bit value that specifies an identifier
for the algorithm used to distinguish between resource records. The
identifiers are declared in a registry maintained by IANA for the
purpose of listing acceptable methods for this purpose. In addition
to the method and the index, the registry MAY contain a fixed output
length in bits of the method to be used or the term "variable" to
denote a variable length output per record. It is conceivable,
though not likely, that the same method could be used with different
fixed output lengths. In this case, each fixed output length would
require a different identifier in the registry. Additions to this
registry will be approved with additional documentation under expert
review. At the time that the registry is created by IANA, a group of
expert reviewers will be established.
Pusateri & Wattenberg Expires 25 November 2020 [Page 7]
Internet-Draft TIMEOUT Resource Record May 2020
Additional methods of representing records may be defined in the
future. If such methods are defined, a primary server could create
TIMEOUT record using a new method that is not understood by a
secondary server that could take over as the primary in the event of
an outage or administrative change. In this case, the new primary
would not be able to identify the records it is supposed to TIMEOUT.
This is a misconfiguration and it is the responsibility of the
administrator to ensure that secondary servers in a position to
become primary understand the TIMEOUT record methods of the primary
server.
5.3.1. Method Identifier 0: NO METHOD
The method identifier of 0 is defined as "NO METHOD" and MUST NOT be
used if the represented record count is greater than 0. The value of
0 is to be included in the IANA registry of method identifier values.
5.3.2. Method Identifier 1: MD-SHA256-128
The method identifier of 1 is defined as "MD-SHA256-128". Following
the expiry time is a list of 128-bit values. Each of these values is
the first 128-bits of a message digest of the RDATA of a represented
record in canonical DNSSEC form calculated using the 256-bit SHA-256
hash algorithm defined in [FIPS180-4]. The canonical DNSSEC form is
described in [RFC4034], Section 6. The input length of RDATA for the
message digest is the RDLEN of the represented record.
5.4. Expiry Time
The expiry time is a 64-bit number expressed as the number of seconds
since the UNIX epoch (00:00:00 UTC on January 1, 1970). This value
is an absolute time at which the record will expire. An absolute
time is necessary so the TIMEOUT records do not have to change during
zone transfers.
There are circumstances when a relative expiry time would be
convenient due to limited resources for clock synchronization in
constrained devices. In this case, DNS UPDATE messages should not
contain precomputed TIMEOUT records but convey the relative expiry
time using the EDNS(0) Update Lease Option defined in
[I-D.sekar-dns-ul]. The relative time is then converted to an
absolute expiry time when received by the primary server which will
create the TIMEOUT resource records.
Pusateri & Wattenberg Expires 25 November 2020 [Page 8]
Internet-Draft TIMEOUT Resource Record May 2020
6. TIMEOUT RDATA Wire Format
The TIMEOUT resource record follows the same pattern as other DNS
resource records including owner name, type, class, TTL, RDATA
length, and RDATA as defined in [RFC1035], Section 3.2.1.
The RDATA section of the resource record with method identifier NO
METHOD (0) is illustrated in Figure 1:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Represented RR Type | Count (0) | Method (0) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Expiry Time (64-bit) |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 1: Method (0) RDATA Wire Format
Figure 1 represents the TIMEOUT RDATA field of all matching records
of the represented type for the same owner name and class.
The RDATA section of the resource record with method identifier MD-
SHA256-128 (1) is illustrated in Figure 2:
Pusateri & Wattenberg Expires 25 November 2020 [Page 9]
Internet-Draft TIMEOUT Resource Record May 2020
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Represented RR Type | Count (n) | Method (1) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Expiry Time (64-bit) |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| First 128 bits of SHA256 hash |
| of Represented Record 1 RDATA |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
. .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| First 128 bits of SHA256 hash |
| of Represented Record n RDATA |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 2: Method (1) MD-SHA256-128 Wire Format
Figure 2 represents an arbitrary number of represented records with
the same owner name, class, and represented type. For each expiry
time, a list of the first 128-bits of a SHA256 hash are appended.
7. Server Behavior
A server may or may not understand TIMEOUT resource records. If a
server does not understand them, they are treated like any other
resource record that the server may not understand. See [RFC3597]
for more information.
7.1. Primary Server Behavior
The primary server is the ultimate source of the database and
policies established by the server may overrule the actions of
external clients. The primary server is ultimately responsible for
ensuring the database is consistent but until TIMEOUT record
management is built-in to authoritative server software, external
UPDATE clients will likely manage the records.
Pusateri & Wattenberg Expires 25 November 2020 [Page 10]
Internet-Draft TIMEOUT Resource Record May 2020
Upon receiving any DNS UPDATE deleting resource records that might
have been covered by a TIMEOUT RR, a primary server MUST remove all
represented records in all of the TIMEOUT records with the same owner
name, class, and represented type.
A TIMEOUT resource record MUST be removed when the last resource
record it covers has been removed. This may be due to the record
expiring (reaching the expiry time) or due to a subsequent DNS Update
or administrative action.
The TIMEOUT record TTL should use the default TTL for the zone like
any other record. The TTL values of the records covered by a TIMEOUT
are not affected by the TIMEOUT expiry time and may be longer than
the expiry time. The TIMEOUT RR is mostly for the benefit of the
authoritative server to know when to remove the records. The fact
that some records might live longer in the cache of a resolver is no
different than other records that might get removed while still in a
remote resolver cache.
7.2. Secondary Server Behavior
A secondary server MUST NOT expire the records in a zone it maintains
covered by the TIMEOUT resource record and it MUST NOT expire the
TIMEOUT resource record itself when the last record it covers has
expired. The secondary server MUST always wait for the records to be
removed or updated by the primary server.
8. TIMEOUT RDATA Presentation Format
Record Type:
resource record type mnemonics. When the mnemonic is unknown,
the TYPE is represented by the word "TYPE" immediately followed
by the decimal RR type number, with no intervening whitespace
as described in [RFC3597], Section 5
Represented Record Count:
unsigned decimal integer (0-255)
Method Identifier:
unsigned decimal integer (0-255)
Expiry Time:
The Expiry Time is displayed as a compact numeric-only
representation of ISO 8601. All punctuation is removed. This
form is slightly different than the recommendation in [RFC3339]
but is common for DNS protocols. It is defined in [RFC4034],
Section 3.2 as YYYYMMDDHHmmSS in UTC. This form will always be
exactly 14 digits since no component is optional.
Pusateri & Wattenberg Expires 25 November 2020 [Page 11]
Internet-Draft TIMEOUT Resource Record May 2020
YYYY is the year;
MM is the month number (01-12);
DD is the day of the month (01-31);
HH is the hour, in 24 hour notation (00-23);
mm is the minute (00-59); and
SS is the second (00-60) where 60 is only possible as a leap
second.
List of 0 or more hashes depending on Method Identifier:
( hash-1 hash2 ... )
hash values shown as upper case hexadecimal string;
some type of white space MUST exist between hash values but
MUST NOT exist within hash value;
MUST only display parentheses for one or more hash values;
9. IANA Considerations
This document defines a new DNS Resource Record Type named TIMEOUT to
be exchanged between authoritative primary and secondary DNS servers.
It is assigned out of the DNS Parameters Resource Record (RR) Type
registry. The value for the TIMEOUT resource record type is TBA.
+---------+-------+----------------------------+------------+
| Type | Value | Meaning | Definition |
+=========+=======+============================+============+
| TIMEOUT | TBA | expire represented records | Section 5 |
+---------+-------+----------------------------+------------+
Table 1: DNS Parameters Resource Record Registry
This document establishes a new registry of DNS TIMEOUT Resource
Record Method Identifier values. The registry shall include a
numeric identifier, a method name, a description of the method, and
the length of the output function in bits or the keyword "variable".
The identifier is to be used in the RDATA section of the TIMEOUT
resource record.
Initially, there are two values defined in the registry. Values from
240 (0xF0) through 255 (0xFF) are reserved for experimental use.
Pusateri & Wattenberg Expires 25 November 2020 [Page 12]
Internet-Draft TIMEOUT Resource Record May 2020
+---------+---------------+----------------+----------+------------+
| ID | Method Name | Description | Length | Definition |
| | | | (bits) | |
+=========+===============+================+==========+============+
| 0 | NO METHOD | All records | 0 | Section |
| | | match | | 5.3.1 |
+---------+---------------+----------------+----------+------------+
| 1 | MD-SHA256-128 | List of | 128 bits | Section |
| | | 128-bit hashes | | 5.3.2 |
| | | of represented | | |
| | | records RDATA | | |
+---------+---------------+----------------+----------+------------+
| 240-255 | EXPERIMENTAL | Reserved for | variable | Section 9 |
| | | Experimental | | |
| | | Use | | |
+---------+---------------+----------------+----------+------------+
Table 2: TIMEOUT RR Method Identifier values
10. Security Considerations
There is no secure relationship between a TIMEOUT resource record and
the represented resource records it applies to. TIMEOUT records
should typically only apply to resource records created through the
UPDATE mechanism. Protection for permanent resource records in a
zone is advisable.
Authenticated UPDATE operations MUST be REQUIRED at authoritative
name servers supporting TIMEOUT resource records.
11. Acknowledgments
This idea was motivated through conversations with Mark Andrews.
Thanks to Mark as well as Paul Vixie, Joe Abley, Ted Lemon, Tony
Finch, Robert Story, Paul Wouters, Dick Franks, JINMEI, Tatuya,
Timothe Litt, and Stuart Cheshire for their suggestions, review, and
comments.
12. References
12.1. Normative References
[FIPS180-4]
National Institute of Standards and Technology, U.S.
Department of Commerce, "Secure Hash Standard (SHS) FIPS
180-4", August 2015,
<http://nvlpubs.nist.gov/nistpubs/FIPS/
NIST.FIPS.180-4.pdf>.
Pusateri & Wattenberg Expires 25 November 2020 [Page 13]
Internet-Draft TIMEOUT Resource Record May 2020
[RFC1035] Mockapetris, P., "Domain names - implementation and
specification", STD 13, RFC 1035, DOI 10.17487/RFC1035,
November 1987, <https://www.rfc-editor.org/info/rfc1035>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC3339] Klyne, G. and C. Newman, "Date and Time on the Internet:
Timestamps", RFC 3339, DOI 10.17487/RFC3339, July 2002,
<https://www.rfc-editor.org/info/rfc3339>.
[RFC3597] Gustafsson, A., "Handling of Unknown DNS Resource Record
(RR) Types", RFC 3597, DOI 10.17487/RFC3597, September
2003, <https://www.rfc-editor.org/info/rfc3597>.
[RFC4034] Arends, R., Austein, R., Larson, M., Massey, D., and S.
Rose, "Resource Records for the DNS Security Extensions",
RFC 4034, DOI 10.17487/RFC4034, March 2005,
<https://www.rfc-editor.org/info/rfc4034>.
[RFC6895] Eastlake 3rd, D., "Domain Name System (DNS) IANA
Considerations", BCP 42, RFC 6895, DOI 10.17487/RFC6895,
April 2013, <https://www.rfc-editor.org/info/rfc6895>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
12.2. Informative References
[I-D.sekar-dns-ul]
Cheshire, S. and T. Lemon, "Dynamic DNS Update Leases",
Work in Progress, Internet-Draft, draft-sekar-dns-ul-02, 2
August 2018,
<https://tools.ietf.org/html/draft-sekar-dns-ul-02>.
[RFC1995] Ohta, M., "Incremental Zone Transfer in DNS", RFC 1995,
DOI 10.17487/RFC1995, August 1996,
<https://www.rfc-editor.org/info/rfc1995>.
[RFC2136] Vixie, P., Ed., Thomson, S., Rekhter, Y., and J. Bound,
"Dynamic Updates in the Domain Name System (DNS UPDATE)",
RFC 2136, DOI 10.17487/RFC2136, April 1997,
<https://www.rfc-editor.org/info/rfc2136>.
Pusateri & Wattenberg Expires 25 November 2020 [Page 14]
Internet-Draft TIMEOUT Resource Record May 2020
[RFC5936] Lewis, E. and A. Hoenes, Ed., "DNS Zone Transfer Protocol
(AXFR)", RFC 5936, DOI 10.17487/RFC5936, June 2010,
<https://www.rfc-editor.org/info/rfc5936>.
[RFC6698] Hoffman, P. and J. Schlyter, "The DNS-Based Authentication
of Named Entities (DANE) Transport Layer Security (TLS)
Protocol: TLSA", RFC 6698, DOI 10.17487/RFC6698, August
2012, <https://www.rfc-editor.org/info/rfc6698>.
[RFC6763] Cheshire, S. and M. Krochmal, "DNS-Based Service
Discovery", RFC 6763, DOI 10.17487/RFC6763, February 2013,
<https://www.rfc-editor.org/info/rfc6763>.
[RFC8555] Barnes, R., Hoffman-Andrews, J., McCarney, D., and J.
Kasten, "Automatic Certificate Management Environment
(ACME)", RFC 8555, DOI 10.17487/RFC8555, March 2019,
<https://www.rfc-editor.org/info/rfc8555>.
Appendix A. Example TIMEOUT resource records
The following example shows sample TIMEOUT resource records based on
DNS UPDATEs containing A and AAAA address records plus the
corresponding PTR records.
A host sending a name registration at time Tn for "A" and "AAAA"
records with lease lifetime Ln would have a series of UPDATEs (one
for each zone) that contain:
+---------------------------------------------+----+----------------+
| Name | RR | Value |
| |Type| |
+=============================================+====+================+
| s.example.com. | A | 192.0.2.5 |
+---------------------------------------------+----+----------------+
| s.example.com. |AAAA| 2001:db8::5 |
+---------------------------------------------+----+----------------+
| 5.2.0.192.in-addr.arpa. |PTR | s.example.com. |
+---------------------------------------------+----+----------------+
| 5.0.0.0.0.0.0.0.0.0.0.0.b8.d.1.20.ip6.arpa. |PTR | s.example.com. |
+---------------------------------------------+----+----------------+
Table 3: Example Address Records Update
Next, consider the TIMEOUT resource records that would be generated
for the records in Table 3.
Pusateri & Wattenberg Expires 25 November 2020 [Page 15]
Internet-Draft TIMEOUT Resource Record May 2020
+---------------------------------------------+----+---+---+--------+
| Owner Name |Type|Cnt|Mth| Expire |
+=============================================+====+===+===+========+
| s.example.com. | A | 0 | 0 | Tn+Ln |
+---------------------------------------------+----+---+---+--------+
| s.example.com. |AAAA| 0 | 0 | Tn+Ln |
+---------------------------------------------+----+---+---+--------+
| 5.2.0.192.in-addr.arpa. |PTR | 0 | 0 | Tn+Ln |
+---------------------------------------------+----+---+---+--------+
| 5.0.0.0.0.0.0.0.0.0.0.0.b8.d.1.20.ip6.arpa. |PTR | 0 | 0 | Tn+Ln |
+---------------------------------------------+----+---+---+--------+
Table 4: Address TIMEOUT records
Next, assume there are two hosts advertising the same service type
(different service types will have different owner names). We will
use _ipp._tcp.example.com as an example.
Host A sends an UPDATE at time Ta with lease life La for PTR, SRV, A,
AAAA, and TXT records. Host B sends an UPDATE at time Tb with lease
life Lb for PTR, SRV, A, and TXT records.
+---------------------------+---------+---------------------------+
| Owner name | RR Type | Value |
+===========================+=========+===========================+
| _ipp._tcp.example.com. | PTR | p1._ipp._tcp.example.com. |
+---------------------------+---------+---------------------------+
| p1._ipp._tcp.example.com. | SRV | 0 0 631 p1.example.com. |
+---------------------------+---------+---------------------------+
| p1._ipp._tcp.example.com. | TXT | paper=A4 |
+---------------------------+---------+---------------------------+
| p1.example.com. | A | 192.0.2.1 |
+---------------------------+---------+---------------------------+
| p1.example.com. | AAAA | 2001:db8::1 |
+---------------------------+---------+---------------------------+
Table 5: DNS UPDATE from Host A
Pusateri & Wattenberg Expires 25 November 2020 [Page 16]
Internet-Draft TIMEOUT Resource Record May 2020
+---------------------------+---------+---------------------------+
| Owner name | RR Type | Value |
+===========================+=========+===========================+
| _ipp._tcp.example.com. | PTR | p2._ipp._tcp.example.com. |
+---------------------------+---------+---------------------------+
| p2._ipp._tcp.example.com. | SRV | 0 0 631 p2.example.com. |
+---------------------------+---------+---------------------------+
| p2._ipp._tcp.example.com. | TXT | paper=B4 |
+---------------------------+---------+---------------------------+
| p2.example.com. | A | 192.0.2.2 |
+---------------------------+---------+---------------------------+
Table 6: DNS UPDATE from Host B
For these printer registrations, the TIMEOUT records on the server
would look like the following:
+-------------------------+----+-+-+--------------------------------+
| Owner Name |Type|C|M| Expire / Hash |
+=========================+====+=+=+================================+
| _ipp.tcp.example.com. |PTR |1|1| Ta+La |
| | | | |69D67BCB98E8809702B9DFCA6B865558|
+-------------------------+----+-+-+--------------------------------+
| _ipp.tcp.example.com. |PTR |1|1| Tb+Lb |
| | | | |7EBE34BC8B3E7306F8FCF1D6805331E1|
+-------------------------+----+-+-+--------------------------------+
|p1._ipp._tcp.example.com.|SRV |0|0| Ta + La |
+-------------------------+----+-+-+--------------------------------+
|p1._ipp._tcp.example.com.|TXT |0|0| Ta + La |
+-------------------------+----+-+-+--------------------------------+
|p2._ipp._tcp.example.com.|SRV |0|0| Tb + Lb |
+-------------------------+----+-+-+--------------------------------+
|p2._ipp._tcp.example.com.|TXT |0|0| Tb + Lb |
+-------------------------+----+-+-+--------------------------------+
| p1.example.com. | A |0|0| Ta + La |
+-------------------------+----+-+-+--------------------------------+
| p1.example.com. |AAAA|0|0| Ta + La |
+-------------------------+----+-+-+--------------------------------+
| p2.example.com. | A |0|0| Tb + Lb |
+-------------------------+----+-+-+--------------------------------+
Table 7: Service TIMEOUT records
Authors' Addresses
Pusateri & Wattenberg Expires 25 November 2020 [Page 17]
Internet-Draft TIMEOUT Resource Record May 2020
Tom Pusateri
Unaffiliated
Raleigh, NC
United States of America
Email: pusateri@bangj.com
Tim Wattenberg
Unaffiliated
Cologne
Germany
Email: mail@timwattenberg.de
Pusateri & Wattenberg Expires 25 November 2020 [Page 18]