idnits 2.17.1 

draft-agl-dane-serializechain-01.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** You're using the IETF Trust Provisions' Section 6.b License Notice from
     12 Sep 2009 rather than the newer Notice from 28 Dec 2009.  (See
     https://trustee.ietf.org/license-info/)


  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  == No 'Intended status' indicated for this document; assuming Proposed
     Standard


  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack a Security Considerations section.

  ** The document seems to lack an IANA Considerations section.  (See Section
     2.2 of https://www.ietf.org/id-info/checklist for how to handle the case
     when there are no actions for IANA.)


  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 452 has weird spacing: '...c 65 be  e5 89...'

  == Line 478 has weird spacing: '...7 31 dc  da ec...'

  == Line 502 has weird spacing: '...4 05 cf  df 10...'

  == Line 539 has weird spacing: '...d 97 ec  ee 71...'

  == Line 540 has weird spacing: '...b 2b ac  e6 3c...'

  == (1 more instance...)

  -- The document date (July 1, 2011) is 4684 days in the past.  Is this
     intentional?


  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  ** Obsolete normative reference: RFC 2672 (Obsoleted by RFC 6672)


     Summary: 4 errors (**), 0 flaws (~~), 8 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------


2	Network Working Group                                         A. Langley
3	Internet-Draft                                                Google Inc
4	Expires: January 2, 2012                                    July 1, 2011

6	           Serializing DNS Records with DNSSEC Authentication
7	                    draft-agl-dane-serializechain-01

9	Abstract

11	   This document describes a format for serializing a DNS record with
12	   accompanying DNSSEC information such that a verifier can be convinced
13	   that the DNS record is authentic without performing DNS queries
14	   itself.

16	Status of this Memo

18	   This Internet-Draft is submitted to IETF in full conformance with the
19	   provisions of BCP 78 and BCP 79.

21	   Internet-Drafts are working documents of the Internet Engineering
22	   Task Force (IETF), its areas, and its working groups.  Note that
23	   other groups may also distribute working documents as Internet-
24	   Drafts.

26	   Internet-Drafts are draft documents valid for a maximum of six months
27	   and may be updated, replaced, or obsoleted by other documents at any
28	   time.  It is inappropriate to use Internet-Drafts as reference
29	   material or to cite them other than as "work in progress."

31	   The list of current Internet-Drafts can be accessed at
32	   http://www.ietf.org/ietf/1id-abstracts.txt.

34	   The list of Internet-Draft Shadow Directories can be accessed at
35	   http://www.ietf.org/shadow.html.

37	   This Internet-Draft will expire on January 2, 2012.

39	Copyright Notice

41	   Copyright (c) 2011 IETF Trust and the persons identified as the
42	   document authors.  All rights reserved.

44	   This document is subject to BCP 78 and the IETF Trust's Legal
45	   Provisions Relating to IETF Documents
46	   (http://trustee.ietf.org/license-info) in effect on the date of
47	   publication of this document.  Please review these documents
48	   carefully, as they describe your rights and restrictions with respect
49	   to this document.  Code Components extracted from this document must
50	   include Simplified BSD License text as described in Section 4.e of
51	   the Trust Legal Provisions and are provided without warranty as
52	   described in the BSD License.

54	Table of Contents

56	   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3
57	   2.  Requirements Notation  . . . . . . . . . . . . . . . . . . . .  4
58	   3.  Overview . . . . . . . . . . . . . . . . . . . . . . . . . . .  5
59	   4.  Verification . . . . . . . . . . . . . . . . . . . . . . . . .  8
60	     4.1.  The INITIAL State  . . . . . . . . . . . . . . . . . . . .  8
61	     4.2.  The ENTERING State . . . . . . . . . . . . . . . . . . . .  8
62	     4.3.  The LEAVING State  . . . . . . . . . . . . . . . . . . . .  9
63	   5.  Construction . . . . . . . . . . . . . . . . . . . . . . . . . 11
64	   6.  Deficiencies . . . . . . . . . . . . . . . . . . . . . . . . . 13
65	   7.  Test vectors . . . . . . . . . . . . . . . . . . . . . . . . . 14
66	   8.  Normative References . . . . . . . . . . . . . . . . . . . . . 18
67	   Appendix A.  Changes . . . . . . . . . . . . . . . . . . . . . . . 19
68	   Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 20

70	1.  Introduction

72	   RFC 1035 [RFC1035] describes the Domain Name System, a distributed
73	   database.  For many years the authenticity of the contents of this
74	   database were founded on trust and small amounts of entropy in
75	   queries that frustrated efforts of attackers to blindly generate
76	   acceptable responses.  In RFC 4033 [RFC4033] (and many others), a
77	   system of cryptographic signatures for DNS (called DNSSEC) was
78	   specified.  DNS clients can now query DNS servers and strongly
79	   establish the authenticity of the resulting responses.

81	   This memo specifies a format for serializing a DNS record and all the
82	   DNSSEC signatures needed to strongly establish the authenticity of
83	   that record.  This may be useful for clients who cannot query the DNS
84	   directly, or for when such queries would not be performant.

86	2.  Requirements Notation

88	   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
89	   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
90	   document are to be interpreted as described in RFC 2119 [RFC2119].

92	3.  Overview

94	   The serialization holds few surprises and most of the data structures
95	   share a great deal with the wire format of the DNS records from RFC
96	   4034 [RFC4034].  The only tricks are size optimizations: the root key
97	   and the content of some DS records can be omitted.  Additionally, for
98	   zones which don't use a ZSK and KSK, the signature over the "DNSKEY"
99	   can be omitted.

101	   All integers described are unsigned and big-endian. "byte" is used an
102	   a synonym for an unsigned, 8-bit integer when such data might be
103	   better thought of as opaque octets.  There is no alignment; all
104	   structures are packed.

106	   struct Signature {
107	     uint16 length;
108	     uint8 algorithm;
109	     uint8 labels;
110	     uint32 ttl;
111	     uint32 expires;
112	     uint32 begins;
113	     uint16 key_tag;
114	     byte signature[length - 16];
115	   };

117	   A "Signature" structure is the "RRSIG RDATA" wire format from RFC
118	   4034 [RFC4034] section 3.1 with the Type Covered and Signer's Name
119	   omitted.  These values are implied by the context when used in this
120	   serialization format and aren't duplicated for space reasons.

122	   The "length" member may be zero to signify that a signature has been
123	   omitted.  In this case, no further members of the structure will
124	   follow.

126	   struct Key {
127	     uint16 length;
128	     byte rdata[length];
129	   }

131	   struct RRData {
132	     uint16 length;
133	     byte rrdata[length];
134	   }

136	   Resource records are serialized using exactly the DNS wire format.
137	   Keys, likewise, are exactly as specified in RFC 4034 [RFC4034]
138	   section 2.1.

140	   struct Ds {
141	     uint8 digest_type;
142	     uint16 digest_len;
143	     byte digest[digest_len];
144	   }

146	   The Key Tag and Algorithm members of the "DS" record from RFC 4034
147	   [RFC4034] section 5.1 are omitted because they are implied by the
148	   context.  Additionally, the "digest_len" member may be zero to
149	   indicate that the digest itself is also implied by the context.

151	   struct Name;

153	   A "Name" is a series of 8-bit, unsigned, length-prefixed labels
154	   terminated by a the (empty) root label.  Each label MUST be less than
155	   64 bytes and the full name (including lengths and the root label)
156	   MUST be less than 256 bytes.

158	   struct Entry {
159	     uint8 entry_key_index;
160	     struct Signature key_sig;
161	     uint8 num_keys;
162	     struct Key keys[num_keys];
163	   }

165	   The entry to a zone contains a number of keys and an optional
166	   signature over those keys.  One of the keys ("keys[entry_key_index]")
167	   is distinguished and called the entry key.  The entry key is assumed
168	   to be trusted and bit 7 of the flags field MUST be set.  The entry
169	   key may have zero "length", in which case its value is that of the
170	   shared, initial key.

172	   The entry key may sign the resource records for this zone, in which
173	   case "key_sig.length" SHOULD be zero, "entry_key_index" SHOULD be
174	   zero and "num_keys" SHOULD BE one.  Otherwise, "key_sig" is a
175	   signature over "keys", which MUST be in be in canonical order as
176	   specified in RFC 4034 [RFC4034] section 6.3 after any empty keys have
177	   been substituted.

179	   struct Exit {
180	     Name next_name;
181	     uint16 rrtype;
182	     struct Signature rrsig;

184	     select (rrtype) {
185	       case CNAME:
186	         Name cname;
187	       case DS:
188	         uint8 num_ds;
189	         struct Ds ds_records[num_ds];
190	       default:
191	         uint8 num_rrs;
192	         struct RRData rrs[num_rrs];
193	       }
194	     }
195	   }

197	   Leaving a zone involves a number of resource records at a domain in
198	   the zone.  The resource records are signed by "rrsig", which MUST be
199	   a valid signature of them either from the entry key or, if
200	   "key_sig.length" is non-zero, one of the other "keys".

202	   All resource records MUST be in canonical order as specified in RFC
203	   4034 [RFC4034] section 6.3.  If the "digest" member of any "DS"
204	   record is empty, then it's implied that it's the digest of the next
205	   zone's entry key and the order requirement is imposed after such
206	   substitution.

208	   A serialized chain is a "uint16" key tag of the shared, initial key
209	   followed by a series of "Entry" and "Exit" structures.  These
210	   structures alternate except in the case a "CNAME" record, where upon
211	   several "Exit" structures can occur consecutively.

213	4.  Verification

215	   This text describes the process of verifying a serialized DNS record.
216	   Any process that produces a valid input to this process is a valid
217	   encoder.

219	   The verification procedure starts in an initial state, advances to
220	   the "ENTERING" state and then cycles between that and a "LEAVING"
221	   state until a terminal "LEAVING" state, or error, is reached.  A
222	   priori, the verifier is assumed to know the initial key and an
223	   initial zone.  For the purposes of this text, the initial key is
224	   assumed to be the IANA root key and the initial zone is assumed to be
225	   the root zone.  However, the same scheme could be used when starting
226	   in a subzone.  At all times the verifier also holds a target name.
227	   The target name is known a priori but may be updated during the
228	   course of verification.  The target name is the domain name for which
229	   a DNS record is being verified.  The verifier also maintains a stack
230	   of zones.  Each zone has a name and a set of trusted keys for that
231	   zone.

233	4.1.  The INITIAL State

235	   In the "INITIAL" state the verifier reads the following:

237	   uint16 initial_key_tag;

239	   The value of "initial_key_tag" is the key tag (see RFC 4034
240	   [RFC4034], Appendix B) of the initial key.  This serves as a check
241	   that the verifier's initial key and initial zone match that which is
242	   being assumed.  The verifier checks that the entry key of the next
243	   zone matches the initial key.  (Understanding this requires reading
244	   the next section.)

246	   The verifier moves to the "ENTERING" state.

248	4.2.  The ENTERING State

250	   In the "ENTERING" state the verifier reads an "Entry" structure.

252	   The verifier extracts the entry key, which is found in the "Key"
253	   array and indexed by "entry_key_index".  The entry key in the initial
254	   zone may have a zero length, in which case it's assumed to be the
255	   initial key.  Otherwise the "rdata" member of the "Key" structures
256	   MUST have the format for "DNSKEY RRDATA" described in RFC 4034
257	   [RFC4034] section 2.1.  The verifier MUST check that bit 7 of the
258	   "DNSKEY" flags is set.

260	   As a precondition of the "ENTERING" state, the entry key has already
261	   been validated so the verifier adds the entry key to the set of
262	   trusted keys for the current zone.

264	   If "key_sig" is non-empty then the verifier constructs an "RRSIG
265	   RDATA" from the information in the "Signature" structure and the
266	   current zone name.  The verifier constructs an "RRSET" from the
267	   "rdata" member of the "Key" structures.  (The "Key" structures MUST
268	   be in canonical order as specified in RFC 4034 [RFC4034] section
269	   6.3.)

271	   If the constructed "RRSIG" is a valid signature over the constructed
272	   "RRSET" using the entry key, then all the keys from the "Key" array
273	   are added to the set of trusted keys for the current zone.  If
274	   "key_sig" is non-empty and the signature is invalid then the
275	   verification fails.

277	   The verifier moves to the "LEAVING" state.

279	4.3.  The LEAVING State

281	   In the "LEAVING" state the verifier reads a "Exit" structure;

283	   If "rrtype" is "DS" then the verifier fills in any empty digests
284	   based on the entry key of the next "Entry" structure.  (The verifier
285	   has to read ahead in order to calculate this.)  If the verifier
286	   cannot calculate any digests then the verification fails.  The
287	   verifier MUST check that at least one "DS" record is either filled
288	   in, or is a valid digest of the entry key of the next "Entry"
289	   structure.  After substituting any empty digests, the "Ds" structures
290	   MUST be in canonical order as specified in RFC 4034 [RFC4034] section
291	   6.3.

293	   The verifier checks that an "RRSIG RDATA" constructed from "rrsig" is
294	   a valid signature over the "RRDATA"s.  If not, the verification
295	   fails.  The "RRDATA"s MUST be in canonical order as specified in RFC
296	   4034 [RFC4034] section 6.3.

298	   If "rrtype" is "DS" then the verifier MUST check that "next_name"
299	   matches a greater number labels, right-to-left, of the current target
300	   name than the current zone name.  The verifier pushes the current
301	   zone on the stack and moves to the "ENTERING" state with "next_name"
302	   as the zone name.

304	   If "rrtype" is "CNAME" then the verifier MUST check that "next_name"
305	   matches the current target name.  The contents of the "CNAME" record
306	   then become the new target name.  The verifier moves to the "LEAVING"
307	   state and pops the minimum number of zones from the stack so the the
308	   new target name is within the current zone.

310	   If "rrtype" is "NSEC" or "NSEC3" then the verifier MUST check that
311	   "next_name" is within the current zone.  The verifier terminates
312	   successfully and returns the "rrtype" and "RRDATA" of the record.
313	   The record may be used to establish the non-existence of the target
314	   record but that isn't specified in this text.

316	   Otherwise, the verifier MUST check that "next_name" matches the
317	   target name.  The verifier terminates successfully and returns the
318	   "rrtype" and "RRDATA" of the record.

320	5.  Construction

322	   This section describes a possible procedure for building data
323	   structures from which a serialization can be easily marshaled.  It's
324	   assumed that the goal is to serialize a DNS record of some type at a
325	   given domain in the public DNS.

327	   First, make a request for a "CNAME" record at the domain.  If a
328	   "CNAME" record exists, then it's the terminal record.  Otherwise
329	   resolve a record of a desired type at the domain.  If neither record
330	   exists, fail.

332	   Now find the chain of zone names leading to that domain.  The parent
333	   zone of a domain is typically returned as an "SOA" record in the
334	   authority section for any query to that domain, unless the domain is
335	   a zone cut itself.  In the event that a domain has an SOA record,
336	   then simply remove the left-most label from the name and try again.

338	   Construct an array of zone records, one for each zone leading to the
339	   domain name, including the root zone.  For each zone, fetch the set
340	   of "DNSKEY" records (with "DO" flag to get the "RRSIG"s) and, for
341	   every zone expect the last one, fetch the "DS" records for the next
342	   zone (also with "DO").  If any zones don't have either of those
343	   record types then there isn't a DNSSEC chain to the desired record
344	   and the construction fails.  The "DS" records are the exit records
345	   for all zones save the last.  For the last zone, the exit record is
346	   the terminal record.  Sort all records so that they are in canonical
347	   order as specified in RFC 4034 [RFC4034] section 6.3.

349	   For each zone, verify the signature on the exit records with each
350	   possible key (using key tags to skip some keys).  The set of keys
351	   that sign the exit records are called exit keys.

353	   For the root zone, the entry key is the shared root key.  For all
354	   other zones, look at the parent zone's "DS" records and mark keys as
355	   possible entry keys if there's a "DS" record for them and the hash
356	   function is commonly accepted.  (At the time of writing, "SHA1" and
357	   "SHA256" are such hash functions.)  Filter the possible entry keys to
358	   only include those that have the SEP bit set in the flags.  If any
359	   zone has no possible entry keys then the construction fails.

361	   For each zone, take the intersection of possible entry keys and exit
362	   keys.  If the intersection is non-empty, pick one of those keys and
363	   discard the rest along with the signature over the keys.  Otherwise,
364	   filter the acceptable entry keys by considering only those for which
365	   a valid signature over the "DNSKEY RRSET" can be found.  Pick an
366	   acceptable entry and exit key.

368	   Serialize the current zones.  If the target record is a "CNAME" then
369	   repeat this procedure for the new name.  Before serializing the
370	   zones, find the most junior zone that is shared with the previous set
371	   of zones.  Discard all zones senior to it and omit its "Entry"
372	   structure when serializing.

374	6.  Deficiencies

376	   This text does not deal with DNAME records [RFC2672], unless the
377	   "DNAME" records are used to synthesize "CNAME" records.

379	7.  Test vectors

381	   The following serialization involves assumes the the initial zone is
382	   the root and that the initial key is the IANA root key (key tag
383	   19036).  The initial key is given here for completeness:

385	   00000000  01 01 03 08 03 01 00 01  a8 00 20 a9 55 66 ba 42
386	   00000010  e8 86 bb 80 4c da 84 e4  7e f5 6d bd 7a ec 61 26
387	   00000020  15 55 2c ec 90 6d 21 16  d0 ef 20 70 28 c5 15 54
388	   00000030  14 4d fe af e7 c7 cb 8f  00 5d d1 82 34 13 3a c0
389	   00000040  71 0a 81 18 2c e1 fd 14  ad 22 83 bc 83 43 5f 9d
390	   00000050  f2 f6 31 32 51 93 1a 17  6d f0 da 51 e5 4f 42 e6
391	   00000060  04 86 0d fb 35 95 80 25  0f 55 9c c5 43 c4 ff d5
392	   00000070  1c be 3d e8 cf d0 67 19  23 7f 9f c4 7e e7 29 da
393	   00000080  06 83 5f a4 52 e8 25 e9  a1 8e bc 2e cb cf 56 34
394	   00000090  74 65 2c 33 cf 56 a9 03  3b cd f5 d9 73 12 17 97
395	   000000a0  ec 80 89 04 1b 6e 03 a1  b7 2d 0a 73 5b 98 4e 03
396	   000000b0  68 73 09 33 23 24 f2 7c  2d ba 85 e9 db 15 e8 3a
397	   000000c0  01 43 38 2e 97 4b 06 21  c1 8e 62 5e ce c9 07 57
398	   000000d0  7d 9e 7b ad e9 52 41 a8  1e bb e8 a9 01 d4 d3 27
399	   000000e0  6e 40 b1 14 c0 a2 e6 fc  38 d1 9c 2e 6a ab 02 64
400	   000000f0  4b 28 13 f5 75 fc 21 60  1e 0d ee 49 cd 9e e9 6a
401	   00000100  43 10 3e 52 4d 62 87 3d

403	   The target name for this test vector is "www.dnssec-exp.org".  The
404	   serialization establishes that "www.dnssec-exp.org" is a "CNAME" for
405	   "dnssec-exp.org" and then results in a "TXT" record at that name.
406	   Since DNSSEC signatures expire, time based validation needs to be
407	   disabled for this test vector.

409	   00000000  4a 5c 01 01 10 08 00 00  01 51 80 4c 8e ba ff 4c
410	   00000010  7a f4 80 4a 5c 6d e6 a7  aa 97 ca 48 4a 49 bb ff
411	   00000020  91 1a d8 c2 55 0d 80 1c  83 41 2b 89 70 87 d9 3a
412	   00000030  23 9f dc a4 b6 0c e3 3a  5a be fc 2b cb b7 14 bd
413	   00000040  bf 43 aa 03 34 e8 84 18  2e 95 0e 77 b1 e2 74 86
414	   00000050  d8 c3 9c dc 00 80 8c 92  fc 92 fe 25 e3 6d 94 e5
415	   00000060  c4 08 18 f7 c2 96 de 8c  85 73 22 0d 03 7a e0 a9
416	   00000070  51 27 24 bc f8 bf 63 52  ef bd b8 07 e8 f6 aa 3d
417	   00000080  02 28 fe 44 d4 e4 04 10  61 95 6c 87 06 2a 5c db
418	   00000090  67 0d ac 1a 02 2e 66 35  08 28 29 24 8e ad 4c 3b
419	   000000a0  6a 99 88 d6 32 a6 7d c3  0c 3d bc 0b ff 86 8d c6
420	   000000b0  50 8b ad 1f 1f f7 06 c5  9e 0c 6f bb 3c 02 5c 67
421	   000000c0  a7 af 53 63 5a ae 99 47  93 61 c8 4f fb 03 ec fe
422	   000000d0  a3 c1 ee 45 f8 56 73 88  f4 14 6d 96 7c dc 88 01
423	   000000e0  99 04 18 3d 42 56 57 54  d7 ed f8 6b 46 ff 01 e6
424	   000000f0  1a 75 37 d4 f6 b2 57 61  6b bf 24 99 6d cd 63 c6
425	   00000100  45 d0 0a 93 5c bb d3 36  ac fa 57 51 a0 cf 32 0e
426	   00000110  b3 57 f3 02 77 02 00 88  01 00 03 08 03 01 00 01
427	   00000120  bd 60 70 38 41 94 7f fd  32 58 14 c5 2d 22 93 67
428	   00000130  70 63 f2 62 04 8a 55 f8  48 4a 65 5e cb 71 cc 4d
429	   00000140  73 a4 25 8f 8e bb 42 31  d0 dc 58 26 da 2d 8b 13
430	   00000150  dc 3a 2e a3 c5 0d 29 e0  e6 a5 6a d4 e6 05 c9 30
431	   00000160  6d dc 34 29 a6 a0 e7 00  fa e2 4f 05 b9 a8 84 0d
432	   00000170  0c d1 6f df 8c a8 eb 7b  00 74 17 94 e0 6f 6d bf
433	   00000180  b7 73 4f 9b 0f c8 08 26  56 1e 47 0c 27 be e9 73
434	   00000190  36 f8 87 a5 d7 e9 14 28  27 a5 f0 87 32 d7 d8 51
435	   000001a0  00 00 03 6f 72 67 00 00  2b 00 90 08 01 00 02 a3
436	   000001b0  00 4c 90 0c 80 4c 86 c3  f0 a1 20 10 1a ab 3c 50
437	   000001c0  ae 3f 7f 49 4a 3f fc f1  fb 5c 63 76 7f 60 f8 0e
438	   000001d0  08 30 23 b1 e7 a9 bc 23  a4 1a af c5 99 3e 85 1f
439	   000001e0  0b f3 7f 04 12 5b 7e 26  b1 87 a0 4c d9 af f0 30
440	   000001f0  eb 88 b0 f6 88 b5 10 b7  c9 a8 c8 c0 c0 26 69 16
441	   00000200  90 ec ec 53 f2 c4 24 7c  24 c0 67 09 29 4b cc 80
442	   00000210  92 e5 d9 c4 a3 18 0b 16  65 c2 11 7a 3b b1 c0 af
443	   00000220  0b 93 e6 7b 76 25 18 7a  1e 8e 4f 50 f2 b4 da 72
444	   00000230  72 44 3a 18 f9 ed 72 05  19 77 34 02 01 00 00 02
445	   00000240  00 00 02 01 10 07 01 00  00 03 84 4c 90 ea 0d 4c
446	   00000250  7e 66 fd 53 76 37 11 28  49 49 a9 aa 7e e7 c6 2b
447	   00000260  0f 0e 76 b7 a6 15 4d cf  95 9e 5b 25 5a 52 cc 62
448	   00000270  d7 31 2b 6a 35 f7 9f 5b  c1 5e ba c1 53 98 3e c8
449	   00000280  6c 21 6f f1 93 b6 b7 6e  65 04 30 e2 0c 6d a5 dd
450	   00000290  15 d4 01 b8 d3 9b d2 86  38 24 6f ed 03 47 b4 9e
451	   000002a0  0b 1a e3 16 7d 20 68 50  e5 b1 2c ae 14 c0 dc 09
452	   000002b0  31 6d a0 4e 55 dc 65 be  e5 89 e4 35 57 3e 2b da
453	   000002c0  06 8d ef c8 df f9 f6 c3  09 39 c7 83 e9 e0 f0 2e
454	   000002d0  ad 21 56 8b 60 f9 84 53  ac 1e 84 42 7a fa a1 bd
455	   000002e0  86 61 12 d0 70 dc 54 50  0e be 1a 47 e4 38 96 b4
456	   000002f0  e7 3c 26 ae 1d 7e 37 28  f5 54 e6 94 63 30 42 7e
457	   00000300  52 b2 8b da 96 44 0c a4  da 33 28 77 02 df cf a0
458	   00000310  c7 14 2b 68 bb 5d 1b 7e  32 5c f2 0e cb 1b e1 6d
459	   00000320  1c b8 96 bf 0d 1a cc 0f  2f fd 25 ff 33 3d 89 6d
460	   00000330  27 9e e0 b9 5a 72 bb 2f  e5 95 bb 40 b6 4c 11 6c
461	   00000340  80 b6 9e a9 d9 31 61 b9  69 9c f2 e8 c5 a0 fd 07
462	   00000350  59 87 38 ff 25 04 00 88  01 00 03 07 03 01 00 01
463	   00000360  80 97 87 f6 40 06 2f 24  88 92 03 5d 89 b2 52 51
464	   00000370  f3 0b 40 87 78 1c ea 72  9c 99 00 88 c2 ed d2 b5
465	   00000380  c2 44 58 55 c5 2f 22 5a  53 3a 99 ce 55 57 dc 0b
466	   00000390  73 f2 f5 48 bf c7 8e 6a  29 bd 0b ca db ca ed 66
467	   000003a0  00 7b 75 b2 38 ec 24 e6  49 70 22 a4 42 ff 4a 78
468	   000003b0  96 e6 9f 6d dd b2 85 13  05 ee ab 8e 05 5a 98 ac
469	   000003c0  ba 07 c2 ff 22 f4 ba d5  fa bf 1d 84 1e eb 5e ff
470	   000003d0  e5 91 34 88 ea 61 19 b2  0e 6b 0d f7 9e f1 8c b5
471	   000003e0  00 88 01 00 03 07 03 01  00 01 c9 06 00 53 45 4a
472	   000003f0  0b b8 e2 b0 4e 29 c8 19  b4 a3 63 27 e2 cd c7 c7
473	   00000400  6d 60 31 eb c0 82 5f 44  14 96 60 4e c8 62 f4 cc
474	   00000410  b9 99 7a 19 f0 af 34 d9  63 ca 40 e3 7b b6 bc fa
475	   00000420  40 08 1d e7 c3 a4 d2 73  3a 32 f2 a4 4c 3c 4f d6
476	   00000430  52 52 c8 6d a5 f6 d9 4d  0c fd b4 93 8b 61 72 db
477	   00000440  6e 5f 2d d9 2d ab 18 2f  87 2d bf 8d 42 37 93 41
478	   00000450  18 f6 93 97 da 27 31 dc  da ec 21 16 61 e1 e0 7a
479	   00000460  53 26 82 c7 62 99 18 81  6a 65 01 08 01 01 03 07
480	   00000470  03 01 00 01 8a 58 7e 3d  da 69 1c f3 93 15 90 a8
481	   00000480  c7 65 ed 81 31 63 cd 4d  75 84 af fa a6 b2 b9 90
482	   00000490  e8 76 76 7d 20 c8 74 6f  03 1c 61 a5 54 77 33 40
483	   000004a0  6d 57 89 f2 07 7a 8e ad  6c 47 75 6f 3f f4 91 df
484	   000004b0  a9 a6 1a cb 1b 57 85 1d  97 93 91 0e da a2 64 fd
485	   000004c0  93 0c d0 c7 c4 49 ca 29  35 fe 8d 67 f2 b5 97 93
486	   000004d0  ed dd c0 6d 2c c1 28 2d  2f ee e6 6b 33 a3 36 7a
487	   000004e0  82 67 97 a8 9d eb aa c4  52 64 02 da 9f 43 ae b0
488	   000004f0  e0 f4 5e ad 5c 2f 42 0f  fc c2 ef fc be 04 d3 69
489	   00000500  88 e7 67 33 90 d7 93 b1  e1 66 6e eb 6b d1 3b 96
490	   00000510  d2 f5 de 1d a6 c7 b9 04  81 4f 1e ea 7a 49 94 2a
491	   00000520  17 8e b6 88 06 05 03 b6  16 2c e3 c5 bf b1 d4 c3
492	   00000530  2e ee cd e7 da e3 08 6f  9b a6 29 7e 73 ca 19 f5
493	   00000540  fe cd 47 7a a6 49 3a 53  3f 59 bc e9 1a 94 42 75
494	   00000550  44 ae 27 eb 1f c2 a3 0e  a2 fe df 0c d4 74 5e 40
495	   00000560  0a 46 30 b7 55 e1 3d 53  d4 fb 04 88 97 36 da 01
496	   00000570  03 78 f4 f5 01 08 01 01  03 07 03 01 00 01 94 e3
497	   00000580  6c 83 b9 90 8a 71 59 4b  72 5d cf 1a be c2 b2 1c
498	   00000590  82 19 f8 b8 c2 d8 3b fc  9d a3 be 4f 3e 97 d9 fa
499	   000005a0  b3 0c 2d 5b 76 ae c7 95  9c 2d 91 aa 93 90 c5 55
500	   000005b0  27 ef 20 13 d1 48 ad e1  89 e1 cf 06 d4 67 5b 8d
501	   000005c0  08 1b 3f 53 b2 60 81 bb  38 74 dc e2 1b f9 4f 63
502	   000005d0  65 c9 6a fa 93 a4 05 cf  df 10 e3 3c 05 20 64 c5
503	   000005e0  56 fc 01 86 6a cc 0d 8b  0e 4e d5 da 90 ae 90 c0
504	   000005f0  7a 2f 03 5f bc dc 1b 14  00 2c 65 89 da 70 07 48
505	   00000600  50 69 c6 c3 eb 1f 88 d9  10 83 cd 8b 93 ce 3e b8
506	   00000610  26 fd 3f f5 7b 17 e8 06  15 dd e6 dc 82 7e 21 2f
507	   00000620  58 c8 47 67 89 63 25 e5  ac 0a 16 c5 dc f1 71 6f
508	   00000630  ff e7 27 8b e5 15 56 ba  14 71 7a 39 a7 49 59 c2
509	   00000640  bb 19 1f 4b 80 10 e3 ce  4a 1f 6b 69 75 b5 9c 0a
510	   00000650  8a 4b 25 9b 3a b7 0f 2a  de 35 9c a5 31 b3 76 1f
511	   00000660  ef df 17 58 7c da 50 35  c3 c8 98 59 71 02 e9 f7
512	   00000670  06 d3 91 3c 0d ab f2 d8  ba 30 da 09 10 75 0a 64
513	   00000680  6e 73 73 65 63 2d 65 78  70 03 6f 72 67 00 00 2b
514	   00000690  00 90 07 02 00 01 51 80  4c 90 ea 0d 4c 7e 66 fd
515	   000006a0  93 b4 39 ee 27 29 54 9e  57 41 12 60 19 f6 3f a6
516	   000006b0  ba d6 41 98 57 ec 30 9e  96 08 8c 13 a9 76 95 74
517	   000006c0  cd cd 2e a6 22 21 44 3f  13 df 7a 33 f1 8c 4c f9
518	   000006d0  a3 6d 50 38 fa 71 7b 7a  fe 54 a9 44 81 8c d5 04
519	   000006e0  9e 46 89 da 26 43 40 f6  d7 23 48 07 0e 48 2e 19
520	   000006f0  0d 41 27 85 75 1e a0 a9  ad 39 af 8d c1 ed c5 93
521	   00000700  73 05 09 7a 8f f0 97 c3  98 ab cc 7c bf 48 ef ea
522	   00000710  34 f3 e6 5d 8d 1b be 43  97 56 4e 60 9f dd 1b f5
523	   00000720  15 6c 01 02 00 00 00 00  00 01 00 a8 01 00 03 05
524	   00000730  03 01 00 01 d0 0a 64 8e  b5 90 0b 75 c2 eb 52 5f
525	   00000740  a4 cb eb 1d 77 8d 84 2c  ef b6 88 d4 7c 50 4c 52
526	   00000750  7b 9d 37 31 36 b2 5b 6c  47 b4 21 80 61 46 fa 5b
527	   00000760  44 50 91 9d f8 c1 78 00  78 29 fe e2 08 65 f8 c9
528	   00000770  df 69 0b 59 6b f4 93 9f  8b 25 0b 6b 93 12 06 57
529	   00000780  c8 04 9d 3f 33 bd 2b 35  54 b9 98 75 e4 b0 49 3c
530	   00000790  29 c1 fb 74 bc 91 82 9e  c5 61 a6 16 e1 f0 8f e9
531	   000007a0  e1 23 55 5e fb f1 cc 8a  75 5d f2 86 89 0a 29 cb
532	   000007b0  ca 33 de 9d 74 43 0d de  67 de 71 0f 7f a3 bb 22
533	   000007c0  82 81 66 d1 bd 49 0d 89  45 d7 18 cf 98 2c 19 af
534	   000007d0  63 16 20 91 03 77 77 77  0a 64 6e 73 73 65 63 2d
535	   000007e0  65 78 70 03 6f 72 67 00  00 05 00 b0 05 03 00 00
536	   000007f0  00 3c 4c ae eb fc 4c 87  59 f6 83 7f 01 90 de 40
537	   00000800  a3 42 73 59 b7 c7 3a e1  01 ae 5c 0f d4 22 9d b5
538	   00000810  88 b8 bb 14 95 7f fa a7  ff 48 30 90 4c 1b 71 33
539	   00000820  1c 36 bc af ae 1d 97 ec  ee 71 b8 b1 2a 19 d7 f3
540	   00000830  25 78 94 59 54 bb 2b ac  e6 3c 3e 7e 43 7c 2d c0
541	   00000840  72 58 e8 4a a2 ed 1f 39  5f 6a 98 62 d0 fc 6e be
542	   00000850  01 1f a0 39 f2 b4 4d 33  9b 4d e3 81 65 77 80 3d
543	   00000860  2c 44 ee 1a 65 f7 25 68  95 3f a1 22 d5 9d 59 7e
544	   00000870  a7 a6 f2 7e 4d 47 8b 98  4a 0d 16 a1 78 12 c7 90
545	   00000880  e2 e9 6d e6 89 f3 a1 c4  30 bd e8 f9 75 c6 49 9e
546	   00000890  5f 9c 1e 23 b5 0e 82 70  8e b3 0d 1c 0a 64 6e 73
547	   000008a0  73 65 63 2d 65 78 70 03  6f 72 67 00 0a 64 6e 73
548	   000008b0  73 65 63 2d 65 78 70 03  6f 72 67 00 00 10 00 b0
549	   000008c0  05 02 00 00 00 3c 4c ae  f6 e5 4c 87 5e d9 83 7f
550	   000008d0  2a 88 85 b8 f1 73 93 e3  85 ee c8 93 34 2d d2 47
551	   000008e0  2d 86 e5 c6 18 69 94 94  7a 2d 7e a2 57 f1 75 3e
552	   000008f0  51 bf aa ed dd f8 1a b9  1e 86 6f 7f e9 dc ad 83
553	   00000900  da 7d cd 2d 4d 9b e3 66  92 b9 21 96 bf ea 70 55
554	   00000910  bf b3 b0 85 90 72 5f 09  d1 7c 49 25 07 79 34 48
555	   00000920  e7 1c aa 53 33 cb 62 b9  9f 42 6e 36 00 31 ab 9f
556	   00000930  cc f5 a9 02 2f 75 4c f1  d6 86 3a 7f 08 e4 72 7d
557	   00000940  34 e0 40 76 d1 f0 e3 98  37 e7 93 94 57 95 6c de
558	   00000950  9e 17 57 3a 78 e9 8b 57  7f 74 e2 af f8 af 11 64
559	   00000960  a9 e9 db b2 58 da 7c fe  3f 52 06 39 fc dd 1c 1c
560	   00000970  01 00 3a 39 76 3d 74 6c  73 31 20 68 61 3d 73 68
561	   00000980  61 31 20 68 3d 31 30 39  63 38 31 34 36 33 30 34
562	   00000990  64 65 37 63 34 63 38 37  30 35 62 63 63 31 64 38
563	   000009a0  61 32 63 32 33 37 66 30  35 35 38 64 37

565	8.  Normative References

567	   [RFC1035]  Mockapetris, P., "Domain names - implementation and
568	              specification", STD 13, RFC 1035, November 1987.

570	   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
571	              Requirement Levels", BCP 14, RFC 2119, March 1997.

573	   [RFC2672]  Crawford, M., "Non-Terminal DNS Name Redirection",
574	              RFC 2672, August 1999.

576	   [RFC4033]  Arends, R., Austein, R., Larson, M., Massey, D., and S.
577	              Rose, "DNS Security Introduction and Requirements",
578	              RFC 4033, March 2005.

580	   [RFC4034]  Arends, R., Austein, R., Larson, M., Massey, D., and S.
581	              Rose, "Resource Records for the DNS Security Extensions",
582	              RFC 4034, March 2005.

584	Appendix A.  Changes

586	   To be removed by RFC Editor before publication

588	Author's Address

590	   Adam Langley
591	   Google Inc

593	   Email: agl@google.com