Internet DRAFT - draft-durand-doa-over-dns
draft-durand-doa-over-dns
Independent Submission A. Durand
Internet-Draft ICANN
Intended status: Experimental R. Bellis
Expires: April 9, 2018 ISC
October 06, 2017
DOA over DNS
draft-durand-doa-over-dns-03
Abstract
Abstract
This document defines a DOA RR type to implement the Digital Object
Architecture over DNS.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on April 9, 2018.
Copyright Notice
Copyright (c) 2017 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Durand & Bellis Expires April 9, 2018 [Page 1]
�
Internet-Draft DOA over DNS October 2017
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 2
3. The DOA Resource Record . . . . . . . . . . . . . . . . . . . 2
3.1. Description . . . . . . . . . . . . . . . . . . . . . . . 2
3.1.1. Enterprise and Type fields . . . . . . . . . . . . . 3
3.1.2. Location field . . . . . . . . . . . . . . . . . . . 3
3.1.3. Media Type . . . . . . . . . . . . . . . . . . . . . 4
3.1.4. Data . . . . . . . . . . . . . . . . . . . . . . . . 4
3.2. DOA RDATA Wire Format . . . . . . . . . . . . . . . . . . 4
3.3. DOA RDATA Presentation Format . . . . . . . . . . . . . . 5
4. Security Considerations . . . . . . . . . . . . . . . . . . . 5
5. Privacy Considerations . . . . . . . . . . . . . . . . . . . 5
6. Operational consideration . . . . . . . . . . . . . . . . . . 5
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5
7.1. DOA Type Registry . . . . . . . . . . . . . . . . . . . . 6
7.2. DOA Location Type Registry . . . . . . . . . . . . . . . 6
8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 7
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 7
9.1. Normative References . . . . . . . . . . . . . . . . . . 7
9.2. Informative References . . . . . . . . . . . . . . . . . 8
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8
1. Introduction
This document defines an RR type to implement an architecture similar
to the Digital Object Architecture [ITU-X.1255] within the DNS. Each
DOA RR contains an object type that might be opaque and private to
the producer and the consumer of the data and either the data (if
small enough to fit in the RR) or a pointer on how to retrieve the
actual data.
2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
3. The DOA Resource Record
3.1. Description
The Type value for the DOA RR is TBD. The DOA RR is class
independent. No special processing is required within DNS servers or
libraries.
Durand & Bellis Expires April 9, 2018 [Page 2]
�
Internet-Draft DOA over DNS October 2017
The RDATA of the resource record comprises of five fields: DOA-
ENTERPRISE, DOA-TYPE, DOA-MEDIA-TYPE, DOA-LOCATION and DOA-DATA.
3.1.1. Enterprise and Type fields
The DOA-ENTERPRISE and DOA-TYPE fields are combined to indicate the
semantic type of the DOA record being represented by the RR. That
semantic is private to the producer of data hosted on an
authoritative DNS server and the application software using a DNS
stub resolver to retrieve it.
The DOA-ENTERPRISE field uses values as specified in the IANA SMI
Network Management Private Enterprise Codes Registry
[IANA-ENTERPRISE]. An exception to that is that the reserved value
of zero (0) is used to indicate that the the DOA-ENTERPRISE is not
set.
Some commonly used values of DOA-TYPE are registered in the IANA DOA
Type Registry Section 7.1, others are privately defined. As those
private types might be used in cross-organization systems, use of the
DOA-ENTERPRISE field is RECOMMENDED to disambiguate types.
3.1.2. Location field
The DOA-LOCATION signals how the DOA-DATA field should be interpreted
using the values specified in the DOA Location Type Registry
Section 7.2.
The value 0 is reserved.
For the value 1 ("Local"), the DOA-DATA contains the actual DOA
object.
For the value 2 ("URI") the DOA-DATA contains a UTF-8 encoded string
representing the URI from which the DOA object can be obtained.
For the value 3 ("HDL") the DOA-DATA contains a UTF-8 encoded string
representing the handle from the Handle System [RFC3650] from which
the DOA object can be obtained.
Other values might be defined in the future, for example for NFS,
LDAP, etc...
DNS software implementing the DOA RR type MUST NOT drop or otherwise
refuse to handle the DOA RRs containing an unknown or unsupported
DOA-location and MUST treat the DOA-DATA portion of the RR as an
abstract opaque field.
Durand & Bellis Expires April 9, 2018 [Page 3]
�
Internet-Draft DOA over DNS October 2017
3.1.3. Media Type
The DOA-MEDIA-TYPE field contains the Internet media type [RFC6838]
for the DOA object represented by this record.
If a non-Local object is retrieved over a protocol that supports
inclusion of a media type value (e.g. an HTTP Content-Type header)
then the client MUST use that value (if supplied) in preference to
any value specified inside this resource record. In such case, the
DOA-MEDIA-TYPE MAY be set to NULL, length 0.
3.1.4. Data
The DOA-DATA field contains either the object's data, or some form of
reference specifying from where the data can be obtained, per the
DOA-LOCATION field above.
3.2. DOA RDATA Wire Format
+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
0: | |
| DOA-ENTERPRISE |
| |
+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
4: | |
| DOA-TYPE |
| |
+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
8: | DOA-LOCATION | DOA-MEDIA-TYPE /
+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
10: / /
/ DOA-MEDIA-TYPE (continued) /
/ /
+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
/ /
/ DOA-DATA /
/ /
+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
DOA-ENTERPRISE: a 32-bit unsigned integer in network order.
DOA-TYPE: a 32-bit unsigned integer in network order.
DOA-LOCATION: an 8-bit unsigned integer.
DOA-MEDIA-TYPE: A <character-string> (see [RFC1035]). The first
octet of the <character-string> contains the number of characters to
follow.
Durand & Bellis Expires April 9, 2018 [Page 4]
�
Internet-Draft DOA over DNS October 2017
DOA-DATA: A variable length blob of binary data. The length of the
DOA-DATA is not contained within the wire format of the RR and has to
be computed from the RDLENGTH of the entire RR once other fields have
been taken into account.
3.3. DOA RDATA Presentation Format
The DOA-ENTERPRISE field is presented as an unsigned 32-bit decimal
integer with range 0 - 4,294,967,295.
The DOA-TYPE field is presented as an unsigned 32-bit decimal integer
with range 0 - 4,294,967,295.
The DOA-LOCATION field is presented as an unsigned 8-bit decimal
integer with range 0 - 255.
The DOA-MEDIA-TYPE field is presented as a single <character-string>.
The DOA-DATA is presented as Base64 encoded data [RFC4648] unless the
DOA-DATA is empty in which case it is presented as a single dash
character ("-", ASCII 45). White space is permitted within Base64
data.
4. Security Considerations
The use of DNSSEC is encouraged to protect the integrity of the data
contained in the DOA RR type.
5. Privacy Considerations
Personally identifiable information (PII) data appearing in the DOA-
DATA field SHOULD be encrypted.
6. Operational consideration
Some DOA records might contain large data that is only of interest to
a single party, as such, caching those records does not provide much
benefits and could be considered a denial of service attack on the
caching resolver infrastructure. It is thus RECOMMENDED that the TTL
associated with large DOA RRs be set as small as possible to avoid
caching.
7. IANA Considerations
Durand & Bellis Expires April 9, 2018 [Page 5]
�
Internet-Draft DOA over DNS October 2017
7.1. DOA Type Registry
IANA are requested to create the DOA Type Registry with initial
contents as follows:
+--------------+-------------------------------+---------------+
| Value | Name | Specification |
+--------------+-------------------------------+---------------+
| 0 | Reserved - cannot be assigned | RFC-TBD1 |
| | | |
| 1 | contact email | RFC-TBD1 |
| | | |
| 2 | contact website | RFC-TBD1 |
| | | |
| 3 | contact telephone | RFC-TBD1 |
| | | |
| 4 - 99 | Unassigned | |
| | | |
| 100 | public key | RFC-TBD1 |
| | | |
| 101 - 99,999 | Unassigned | |
| | | |
| 100000 - | Reserved for Private Use | RFC-TBD1 |
+--------------+-------------------------------+---------------+
Assignments in the 1-99,999 range in this registry require Expert
Review.
7.2. DOA Location Type Registry
IANA are requested to create the DOA Location Type Registry with
initial contents as follows:
Durand & Bellis Expires April 9, 2018 [Page 6]
�
Internet-Draft DOA over DNS October 2017
+-----------+-------------------------------+---------------+
| Value | Location | Specification |
+-----------+-------------------------------+---------------+
| 0 | Reserved - cannot be assigned | RFC-TBD1 |
| | | |
| 1 | Local | RFC-TBD1 |
| | | |
| 2 | URI | RFC-TBD1 |
| | | |
| 3 | HDL | RFC-TBD1 |
| | | |
| 4 - 199 | Unassigned | |
| | | |
| 200 - 254 | Reserved for Private Use | RFC-TBD1 |
| | | |
| 255 | Reserved - cannot be assigned | RFC-TBD1 |
+-----------+-------------------------------+---------------+
Assignments in the 4-199 range in this registry require Expert
Review.
8. Acknowledgments
9. References
9.1. Normative References
[IANA-ENTERPRISE]
IANA, "SMI Network Management Private Enterprise Codes
Registry", n.d., <https://www.iana.org/assignments/
enterprise-numbers/enterprise-numbers>.
[RFC1035] Mockapetris, P., "Domain names - implementation and
specification", STD 13, RFC 1035, DOI 10.17487/RFC1035,
November 1987, <https://www.rfc-editor.org/info/rfc1035>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/
RFC2119, March 1997, <https://www.rfc-editor.org/info/
rfc2119>.
[RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data
Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006,
<https://www.rfc-editor.org/info/rfc4648>.
Durand & Bellis Expires April 9, 2018 [Page 7]
�
Internet-Draft DOA over DNS October 2017
[RFC6838] Freed, N., Klensin, J., and T. Hansen, "Media Type
Specifications and Registration Procedures", BCP 13, RFC
6838, DOI 10.17487/RFC6838, January 2013,
<https://www.rfc-editor.org/info/rfc6838>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
9.2. Informative References
[ITU-X.1255]
ITU, "Framework for discovery of identity management
information", n.d.,
<http://www.itu.int/rec/T-REC-X.1255-201309-I>.
[RFC3650] Sun, S., Lannom, L., and B. Boesch, "Handle System
Overview", RFC 3650, DOI 10.17487/RFC3650, November 2003,
<https://www.rfc-editor.org/info/rfc3650>.
Authors' Addresses
Alain Durand
Internet Corporation for Assigned Names and Numbers
801 17th St NW Suite 400
Washington DC 20006
USA
Email: Alain.Durand@icann.org
Ray Bellis
Internet Systems Consortium, Inc.
950 Charter Street
Redwood City CA 94063
USA
Phone: +1 650 423 1200
Email: ray@isc.org
Durand & Bellis Expires April 9, 2018 [Page 8]
