Independent Submission                                         A. Durand
Internet-Draft                                                     ICANN
Intended status: Experimental                                  R. Bellis
Expires: April 9, 2018                                               ISC
                                                        October 06, 2017

                              DOA over DNS
                      draft-durand-doa-over-dns-03

Abstract

   This document defines a DOA RR type to implement the Digital Object
   Architecture over DNS.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.
   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on April 9, 2018.

Copyright Notice

   Copyright (c) 2017 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Terminology
   3.  The DOA Resource Record
     3.1.  Description
       3.1.1.  Enterprise and Type fields
       3.1.2.  Location field
       3.1.3.  Media Type
       3.1.4.  Data
     3.2.  DOA RDATA Wire Format
     3.3.  DOA RDATA Presentation Format
   4.  Security Considerations
   5.  Privacy Considerations
   6.  Operational Considerations
   7.  IANA Considerations
     7.1.  DOA Type Registry
     7.2.  DOA Location Type Registry
   8.  Acknowledgments
   9.  References
     9.1.  Normative References
     9.2.  Informative References
   Authors' Addresses

1.  Introduction

   This document defines an RR type to implement an architecture similar
   to the Digital Object Architecture [ITU-X.1255] within the DNS.  Each
   DOA RR contains an object type, which might be opaque and private to
   the producer and the consumer of the data, and either the data itself
   (if small enough to fit in the RR) or a pointer indicating how to
   retrieve the actual data.

2.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

3.  The DOA Resource Record

3.1.  Description

   The Type value for the DOA RR is TBD.  The DOA RR is class
   independent.  No special processing is required within DNS servers or
   libraries.

   The RDATA of the resource record comprises five fields: DOA-
   ENTERPRISE, DOA-TYPE, DOA-MEDIA-TYPE, DOA-LOCATION and DOA-DATA.

3.1.1.  Enterprise and Type fields

   The DOA-ENTERPRISE and DOA-TYPE fields are combined to indicate the
   semantic type of the DOA record being represented by the RR.  That
   semantic is private to the producer of the data hosted on an
   authoritative DNS server and the application software using a DNS
   stub resolver to retrieve it.
   The DOA-ENTERPRISE field uses values as specified in the IANA SMI
   Network Management Private Enterprise Codes Registry
   [IANA-ENTERPRISE].  The one exception is that the reserved value of
   zero (0) is used to indicate that the DOA-ENTERPRISE is not set.

   Some commonly used values of DOA-TYPE are registered in the IANA DOA
   Type Registry (Section 7.1); others are privately defined.  As those
   private types might be used in cross-organization systems, use of the
   DOA-ENTERPRISE field is RECOMMENDED to disambiguate types.

3.1.2.  Location field

   The DOA-LOCATION field signals how the DOA-DATA field should be
   interpreted, using the values specified in the DOA Location Type
   Registry (Section 7.2).

   The value 0 is reserved.

   For the value 1 ("Local"), the DOA-DATA contains the actual DOA
   object.

   For the value 2 ("URI"), the DOA-DATA contains a UTF-8 encoded string
   representing the URI from which the DOA object can be obtained.

   For the value 3 ("HDL"), the DOA-DATA contains a UTF-8 encoded string
   representing the handle from the Handle System [RFC3650] from which
   the DOA object can be obtained.

   Other values might be defined in the future, for example for NFS or
   LDAP.

   DNS software implementing the DOA RR type MUST NOT drop or otherwise
   refuse to handle DOA RRs containing an unknown or unsupported
   DOA-LOCATION, and MUST treat the DOA-DATA portion of the RR as an
   abstract opaque field.

3.1.3.  Media Type

   The DOA-MEDIA-TYPE field contains the Internet media type [RFC6838]
   for the DOA object represented by this record.

   If a non-Local object is retrieved over a protocol that supports
   inclusion of a media type value (e.g. an HTTP Content-Type header),
   then the client MUST use that value (if supplied) in preference to
   any value specified inside this resource record.  In that case, the
   DOA-MEDIA-TYPE MAY be set to NULL, length 0.

3.1.4.  Data

   The DOA-DATA field contains either the object's data or some form of
   reference specifying from where the data can be obtained, per the
   DOA-LOCATION field above.

3.2.  DOA RDATA Wire Format

        +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
     0: |                                                               |
        |                        DOA-ENTERPRISE                         |
        |                                                               |
        +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
     4: |                                                               |
        |                           DOA-TYPE                            |
        |                                                               |
        +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
     8: |         DOA-LOCATION          |        DOA-MEDIA-TYPE         /
        +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
    10: /                                                               /
        /                  DOA-MEDIA-TYPE (continued)                   /
        /                                                               /
        +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
        /                                                               /
        /                           DOA-DATA                            /
        /                                                               /
        +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+

   DOA-ENTERPRISE: a 32-bit unsigned integer in network order.

   DOA-TYPE: a 32-bit unsigned integer in network order.

   DOA-LOCATION: an 8-bit unsigned integer.

   DOA-MEDIA-TYPE: A <character-string> (see [RFC1035]).  The first
   octet of the <character-string> contains the number of characters to
   follow.

   DOA-DATA: A variable length blob of binary data.  The length of the
   DOA-DATA is not contained within the wire format of the RR and has to
   be computed from the RDLENGTH of the entire RR once the other fields
   have been taken into account.

3.3.  DOA RDATA Presentation Format

   The DOA-ENTERPRISE field is presented as an unsigned 32-bit decimal
   integer with range 0 - 4,294,967,295.

   The DOA-TYPE field is presented as an unsigned 32-bit decimal integer
   with range 0 - 4,294,967,295.

   The DOA-LOCATION field is presented as an unsigned 8-bit decimal
   integer with range 0 - 255.

   The DOA-MEDIA-TYPE field is presented as a single <character-string>.

   The DOA-DATA is presented as Base64 encoded data [RFC4648] unless the
   DOA-DATA is empty, in which case it is presented as a single dash
   character ("-", ASCII 45).
   White space is permitted within Base64 data.

4.  Security Considerations

   The use of DNSSEC is encouraged to protect the integrity of the data
   contained in the DOA RR type.

5.  Privacy Considerations

   Personally identifiable information (PII) data appearing in the DOA-
   DATA field SHOULD be encrypted.

6.  Operational Considerations

   Some DOA records might contain large data that is of interest to only
   a single party.  Caching such records therefore provides little
   benefit and could be considered a denial-of-service attack on the
   caching resolver infrastructure.  It is thus RECOMMENDED that the TTL
   associated with large DOA RRs be set as small as possible to avoid
   caching.

7.  IANA Considerations

7.1.  DOA Type Registry

   IANA are requested to create the DOA Type Registry with initial
   contents as follows:

   +--------------+-------------------------------+---------------+
   | Value        | Name                          | Specification |
   +--------------+-------------------------------+---------------+
   | 0            | Reserved - cannot be assigned | RFC-TBD1      |
   | 1            | contact email                 | RFC-TBD1      |
   | 2            | contact website               | RFC-TBD1      |
   | 3            | contact telephone             | RFC-TBD1      |
   | 4 - 99       | Unassigned                    |               |
   | 100          | public key                    | RFC-TBD1      |
   | 101 - 99,999 | Unassigned                    |               |
   | 100000 -     | Reserved for Private Use      | RFC-TBD1      |
   +--------------+-------------------------------+---------------+

   Assignments in the 1-99,999 range in this registry require Expert
   Review.

7.2.  DOA Location Type Registry

   IANA are requested to create the DOA Location Type Registry with
   initial contents as follows:

   +-----------+-------------------------------+---------------+
   | Value     | Location                      | Specification |
   +-----------+-------------------------------+---------------+
   | 0         | Reserved - cannot be assigned | RFC-TBD1      |
   | 1         | Local                         | RFC-TBD1      |
   | 2         | URI                           | RFC-TBD1      |
   | 3         | HDL                           | RFC-TBD1      |
   | 4 - 199   | Unassigned                    |               |
   | 200 - 254 | Reserved for Private Use      | RFC-TBD1      |
   | 255       | Reserved - cannot be assigned | RFC-TBD1      |
   +-----------+-------------------------------+---------------+

   Assignments in the 4-199 range in this registry require Expert
   Review.

8.  Acknowledgments

9.  References

9.1.  Normative References

   [IANA-ENTERPRISE]
              IANA, "SMI Network Management Private Enterprise Codes
              Registry", n.d.

   [RFC1035]  Mockapetris, P., "Domain names - implementation and
              specification", STD 13, RFC 1035, DOI 10.17487/RFC1035,
              November 1987.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/
              RFC2119, March 1997.

   [RFC4648]  Josefsson, S., "The Base16, Base32, and Base64 Data
              Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006.

   [RFC6838]  Freed, N., Klensin, J., and T. Hansen, "Media Type
              Specifications and Registration Procedures", BCP 13, RFC
              6838, DOI 10.17487/RFC6838, January 2013.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017.

9.2.  Informative References

   [ITU-X.1255]
              ITU, "Framework for discovery of identity management
              information", n.d.

   [RFC3650]  Sun, S., Lannom, L., and B. Boesch, "Handle System
              Overview", RFC 3650, DOI 10.17487/RFC3650, November 2003.
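   Added example, not part of this draft: a Python encoder/decoder for
   the DOA RDATA wire format of Section 3.2 and the presentation format
   of Section 3.3.  The decoder derives the DOA-DATA length from the
   RDLENGTH, bounds-checks the media-type length octet before slicing,
   and keeps DOA-DATA opaque for unknown DOA-LOCATION values as Section
   3.1.2 requires.  It assumes the DOA-MEDIA-TYPE <character-string> is
   presented quoted (an RFC 1035 master-file convention, not stated by
   the draft); all sample records are constructed.

```python
import base64
import struct

def encode_doa_rdata(enterprise, doa_type, location, media_type, data):
    """Build DOA RDATA per Section 3.2: u32 DOA-ENTERPRISE and u32 DOA-TYPE in
    network order, u8 DOA-LOCATION, DOA-MEDIA-TYPE as a <character-string>
    (length octet + up to 255 octets), then the DOA-DATA blob."""
    media = media_type.encode("ascii")
    if len(media) > 255:
        raise ValueError("DOA-MEDIA-TYPE must fit a single <character-string>")
    if not 0 <= location <= 255:
        raise ValueError("DOA-LOCATION is an 8-bit field")
    return struct.pack("!IIB", enterprise, doa_type, location) + bytes([len(media)]) + media + data

def decode_doa_rdata(rdata):
    """Parse DOA RDATA. DOA-DATA carries no length of its own: it is whatever
    remains after the fixed fields and the media-type <character-string>, so
    the length octet is checked against len(rdata) (the RDLENGTH) first.
    Unknown DOA-LOCATION values are accepted and DOA-DATA stays opaque (3.1.2)."""
    if len(rdata) < 10:
        raise ValueError("RDATA shorter than the fixed DOA fields")
    enterprise, doa_type, location = struct.unpack("!IIB", rdata[:9])
    mlen = rdata[9]
    if 10 + mlen > len(rdata):
        raise ValueError("DOA-MEDIA-TYPE length octet exceeds RDLENGTH")
    return {"enterprise": enterprise, "type": doa_type, "location": location,
            "media_type": rdata[10:10 + mlen].decode("ascii"),
            "data": rdata[10 + mlen:]}

def to_presentation(fields):
    """Section 3.3 presentation format: decimal integers, the media type as a
    quoted <character-string> (quoting is this example's assumption), and
    Base64 DOA-DATA, or a single "-" when DOA-DATA is empty."""
    data = fields["data"]
    b64 = base64.b64encode(data).decode("ascii") if data else "-"
    return f'{fields["enterprise"]} {fields["type"]} {fields["location"]} "{fields["media_type"]}" {b64}'

def from_presentation(text):
    """Inverse of to_presentation(). Section 3.3 permits white space inside
    the Base64 run, so it is stripped before strict decoding."""
    head, _, rest = text.partition('"')
    media_type, _, b64 = rest.partition('"')
    enterprise, doa_type, location = (int(x) for x in head.split())
    b64 = "".join(b64.split())
    data = b"" if b64 == "-" else base64.b64decode(b64, validate=True)
    return {"enterprise": enterprise, "type": doa_type, "location": location,
            "media_type": media_type, "data": data}
```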
Authors' Addresses

   Alain Durand
   Internet Corporation for Assigned Names and Numbers
   801 17th St NW Suite 400
   Washington DC 20006
   USA

   Email: Alain.Durand@icann.org


   Ray Bellis
   Internet Systems Consortium, Inc.
   950 Charter Street
   Redwood City CA 94063
   USA

   Phone: +1 650 423 1200
   Email: ray@isc.org