idnits 2.17.1 draft-ietf-dnsop-alt-tld-14.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (15 December 2021) is 863 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- ** Obsolete normative reference: RFC 7719 (Obsoleted by RFC 8499) Summary: 1 error (**), 0 flaws (~~), 1 warning (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 dnsop W. Kumari 3 Internet-Draft Google 4 Intended status: Informational 15 December 2021 5 Expires: 18 June 2022 7 The ALT Special Use Top Level Domain 8 draft-ietf-dnsop-alt-tld-14 10 Abstract 12 This document reserves a string (ALT) to be used as a TLD label in 13 non-DNS contexts. It also provides advice and guidance to developers 14 developing alternative namespaces. 16 [Ed note: Text inside square brackets ([]) is additional background 17 information, answers to frequently asked questions, general musings, 18 etc. They will be removed before publication. This document is 19 being collaborated on in Github at: https://github.com/wkumari/draft- 20 wkumari-dnsop-alt-tld. The most recent version of the document, open 21 issues, etc should all be available here. The authors (gratefully) 22 accept pull requests. ] 24 Status of This Memo 26 This Internet-Draft is submitted in full conformance with the 27 provisions of BCP 78 and BCP 79. 29 Internet-Drafts are working documents of the Internet Engineering 30 Task Force (IETF). Note that other groups may also distribute 31 working documents as Internet-Drafts. The list of current Internet- 32 Drafts is at https://datatracker.ietf.org/drafts/current/. 34 Internet-Drafts are draft documents valid for a maximum of six months 35 and may be updated, replaced, or obsoleted by other documents at any 36 time. It is inappropriate to use Internet-Drafts as reference 37 material or to cite them other than as "work in progress." 39 This Internet-Draft will expire on 18 June 2022. 41 Copyright Notice 43 Copyright (c) 2021 IETF Trust and the persons identified as the 44 document authors. All rights reserved. 46 This document is subject to BCP 78 and the IETF Trust's Legal 47 Provisions Relating to IETF Documents (https://trustee.ietf.org/ 48 license-info) in effect on the date of publication of this document. 49 Please review these documents carefully, as they describe your rights 50 and restrictions with respect to this document. Code Components 51 extracted from this document must include Revised BSD License text as 52 described in Section 4.e of the Trust Legal Provisions and are 53 provided without warranty as described in the Revised BSD License. 55 Table of Contents 57 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 58 1.1. Requirements Notation . . . . . . . . . . . . . . . . . . 2 59 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 2 60 2. Background . . . . . . . . . . . . . . . . . . . . . . . . . 3 61 3. The ALT Namespace . . . . . . . . . . . . . . . . . . . . . . 4 62 3.1. Choice of the ALT Name . . . . . . . . . . . . . . . . . 4 63 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 64 4.1. Domain Name Reservation Considerations . . . . . . . . . 5 65 5. Privacy Considerations . . . . . . . . . . . . . . . . . . . 6 66 6. Security Considerations . . . . . . . . . . . . . . . . . . . 7 67 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 7 68 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 7 69 8.1. Normative References . . . . . . . . . . . . . . . . . . 7 70 8.2. Informative References . . . . . . . . . . . . . . . . . 8 71 Appendix A. Changes / Author Notes. . . . . . . . . . . . . . . 8 72 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 11 74 1. Introduction 76 Many protocols and systems need to name entities. Names that look 77 like DNS names (a series of labels separated with dots) have become 78 common, even in systems that are not part of the global DNS 79 administered by IANA. This document reserves the label "ALT" (short 80 for "Alternative") as a Special Use Domain ([RFC6761]). This label 81 is intended to be used as the final (rightmost) label to signify that 82 the name is not rooted in the DNS, and that it should not be resolved 83 using the DNS protocol. 85 1.1. Requirements Notation 87 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 88 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 89 document are to be interpreted as described in [RFC2119]. 91 1.2. Terminology 93 This document assumes familiarity with DNS terms and concepts. 94 Please see [RFC1034] for background and concepts, and [RFC7719] for 95 terminology. Readers are also expected to be familiar with the 96 discussions in [RFC8244] 97 * DNS name: Domain names that are intended to be used with DNS 98 resolution, either in the global DNS or in some other context 100 * DNS context: The namespace anchored at the globally-unique DNS 101 root. This is the namespace or context that "normal" DNS uses. 103 * non-DNS context: Any other (alternative) namespace. 105 * pseudo-TLD: A label that appears in a fully-qualified domain name 106 in the position of a TLD, but which is not registered in the 107 global DNS. This term is not intended to be pejorative. 109 * TLD: The last visible label in either a fully-qualified domain 110 name or a name that is qualified relative to the root. See the 111 discussion in Section 2. 113 2. Background 115 The success of the DNS makes it a natural starting point for systems 116 that need to name entities in a non-DNS context. 118 In many cases, these systems build a DNS-style tree parallel to, but 119 separate from, the global DNS. They often use a pseudo-TLD to cause 120 resolution in the alternative namespace, using browser plugins, shims 121 in the name resolution process, or simply applications that perform 122 special handling of this particular alternative namespace. An 123 example of such a system is the Tor network's [Dingledine2004] use of 124 the ".onion" Special-Use Top-Level Domain Name (see [RFC7686]). 126 In many cases, the creators of these alternative namespaces have 127 chosen a convenient or descriptive string and started using it. 128 These strings are not registered anywhere nor are they part of the 129 DNS. However, to users and to some applications, they appear to be 130 TLDs; and issues may arise if they are looked up in the DNS. This 131 document suggests that name resolution libraries (stub resolvers) 132 recognize names ending in ".alt" as special, and not attempt to look 133 them up using the DNS protocol in order to limit the effects of 134 queries accidentally leaking into the DNS. 136 The techniques in this document are primarily intended to address the 137 "Experimental Squatting Problem", the "Land Rush Problem", and "Name 138 Collisions" issues discussed in [RFC8244] (which contains much 139 additional background, etc). 141 3. The ALT Namespace 143 This document reserves the ALT label, using the [RFC6761] process, 144 for use as an unmanaged pseudo-TLD namespace. The ALT label MAY be 145 used in any domain name as a pseudo-TLD to signify that this is an 146 alternative (non-DNS) namespace, and should not be looked up in a DNS 147 context. 149 Alternative namespaces should differentiate themselves from other 150 alternative namespaces by choosing a name and using it in the label 151 position just before the pseudo-TLD (ALT). For example, a group 152 wishing to create a namespace for Friends Of Olaf might choose the 153 string "foo" and use any set of labels under foo.alt. 155 As names beneath ALT are in an alternative namespace, they have no 156 significance in the regular DNS context and so should not be looked 157 up in the DNS context. 159 Groups wishing to create new alternative namespaces may create their 160 alternative namespace under a label that names their namespace under 161 the ALT label. They should attempt to choose a label that they 162 expect to be unique and, ideally, descriptive. There is no IANA 163 registry for names under the ALT TLD - it is an unmanaged namespace, 164 and developers are responsible for dealing with any collisions that 165 may occur under .alt. Informal lists of namespaces under .alt may be 166 created to assist the developer community. 168 Currently deployed projects and protocols that are using pseudo-TLDs 169 may choose to move under the ALT TLD, but this is not a requirement. 170 Rather, the ALT TLD is being reserved so that current and future 171 projects of a similar nature have a designated place to create 172 alternative resolution namespaces that will not conflict with the 173 regular DNS context. 175 3.1. Choice of the ALT Name 177 A number of names other than "ALT" were considered and discarded. 178 While these are not DNS names, in order for this technique to be 179 effective the names need to continue to follow both the DNS format 180 and conventions (a prime consideration for alternative name formats 181 is that they can be entered in places that normally take DNS context 182 names); this rules out using suffixes that do not follow the usual 183 letter, digit, and hyphen label convention. 185 A short label was deemed desirable for a number of reasons, 186 including: 188 * this is a switch to other resolution contexts, some of which may 189 have long labels (for example derived from public keys). 191 * some queries will undoubtedly leak into the DNS. As many of these 192 alternate resolution systems are specifically designed for 193 privacy, limiting how far they leak is desirable. 195 * to encourage voluntary usage of the label, it needs to be 196 attractive to implementors of alternate resolution contexts so 197 that they are willing to use it. 199 4. IANA Considerations 201 The IANA is requested to add the ALT string to the "Special-Use 202 Domain Name" registry ([RFC6761], and reference this document. 204 4.1. Domain Name Reservation Considerations 206 This section is to satisfy the requirement in Section 5 of RFC6761. 208 The string ".alt." (and names ending with the string .alt) are 209 special in the following ways: 211 1. Users are expected to know that strings that end in .alt behave 212 differently to normal DNS names. Users are expected to have 213 applications running on their machines that intercept strings of 214 the form .alt and perform special handling of them, or 215 that applications themselves will recognize the strings as 216 special, and perform special handling. If the user tries to 217 resolve a name of the form .alt without the 218 plugin installed (or in the wrong application), the 219 request will leak into the DNS, receive a negative response, and 220 the resolution will fail. 222 2. Writers of application software that implement a non-DNS 223 namespace are expected to intercept names of the form 224 .alt and perform application specific handling with 225 them. Other applications are not required to perform any special 226 handling (but may choose to provide helpful informational 227 messages if able). 229 3. Writers of name resolution APIs and libraries which operate in 230 the DNS context should not attempt to look these names up in the 231 DNS. If developers of other namespaces implement their namespace 232 through a "shim" or library, they will need to intercept and 233 perform their own handling. 235 4. Caching DNS servers SHOULD NOT recognize these names as special 236 and should not perform any special handling with them. 238 5. Authoritative DNS servers SHOULD NOT recognize these names as 239 special and should not perform any special handling with them. 241 6. DNS server operators SHOULD be aware that queries for names 242 ending in .alt are not DNS names, and were leaked into the DNS 243 context (for example, by a missing browser plugin). This 244 information may be useful for support or debugging purposes. 246 7. DNS Registries/Registrars MUST NOT grant requests to register 247 ".alt" names in the normal way to any person or entity. These 248 ".alt" names are defined by protocol specification to be 249 nonexistent, and they fall outside the set of names available for 250 allocation by registries/registrars. 252 Earlier versions of this document requested that .ALT be added to the 253 "Locally Served Zones" registry, and that a DNSSEC insecure 254 delegation (a delegation with no DS record) be created at the root. 255 Significant discussion on the DNSOP list (and an interim meeting) 256 generated the consensus that these names are specifically not DNS 257 names, and that them leaking into the DNS is an error. This means 258 that the current (non-delegated) response of NXDOMAIN is correct as 259 there is no DNS domain .alt, and so the document was updated to 260 remove these requests. 262 5. Privacy Considerations 264 This document reserves ALT to be used to indicate that a name is not 265 a DNS name, and so should not attempt to be resolved using the DNS. 266 Unfortunately, these queries will undoubtedly leak into the DNS - for 267 example, a user may receive an email containing a hostname which 268 should be resolved using a specific resolution context (implemented 269 by a specific application or resolution mechanism). If the user does 270 not have that particular application installed (and their stub 271 resolver library has not been updated to ignore queries for names 272 ending in .alt), it is likely that this will instead be resolved 273 using the DNS. This DNS query will likely be sent to the configured 274 iterative resolver. If this resolver does not have a cache entry for 275 this name (or, if the resolver implements [RFC8198], an entry for 276 .alt) this query will likely be sent to the DNS root servers. This 277 exposes the (leaked) query name to the operator of the resolver, the 278 operator of the queried DNS root server, and anyone watching queries 279 along the path. This is a general problem with alternative name 280 spaces and not confined to names ending in .alt. 282 6. Security Considerations 284 One of the motivations for the creation of the .alt pseudo-TLD is 285 that unmanaged labels in the managed root name space are subject to 286 unexpected takeover. This could occur if the manager of the root 287 name space decides to delegate the unmanaged label. 289 The unmanaged and "registration not required" nature of labels 290 beneath .alt provides the opportunity for an attacker to re-use the 291 chosen label and thereby possibly compromise applications dependent 292 on the special host name. 294 7. Acknowledgements 296 We would like to thank Joe Abley, Mark Andrews, Erik Auerswald, Marc 297 Blanchet, John Bond, Stephane Bortzmeyer, David Cake, David Conrad, 298 Steve Crocker, Brian Dickson, Ralph Droms, Robert Edmonds, Patrik 299 Faltstrom, Olafur Gudmundsson, Bob Harold, Paul Hoffman, Joel 300 Jaeggli, Ted Lemon, Edward Lewis, John Levine, George Michaelson, Ed 301 Pascoe, Jim Reid, Arturo Servin, Paul Vixie and Suzanne Woolf for 302 feedback. 304 Christian Grothoff was also very helpful and deserves special 305 recognition. 307 In addition, Andrew Sullivan was an author from adoption (2015) 308 through version 14 (2021). 310 8. References 312 8.1. Normative References 314 [RFC1034] Mockapetris, P., "Domain names - concepts and facilities", 315 STD 13, RFC 1034, DOI 10.17487/RFC1034, November 1987, 316 . 318 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 319 Requirement Levels", BCP 14, RFC 2119, 320 DOI 10.17487/RFC2119, March 1997, 321 . 323 [RFC6761] Cheshire, S. and M. Krochmal, "Special-Use Domain Names", 324 RFC 6761, DOI 10.17487/RFC6761, February 2013, 325 . 327 [RFC7686] Appelbaum, J. and A. Muffett, "The ".onion" Special-Use 328 Domain Name", RFC 7686, DOI 10.17487/RFC7686, October 329 2015, . 331 [RFC7719] Hoffman, P., Sullivan, A., and K. Fujiwara, "DNS 332 Terminology", RFC 7719, DOI 10.17487/RFC7719, December 333 2015, . 335 8.2. Informative References 337 [Dingledine2004] 338 Dingledine, R., Mathewson, N., and P. Syverson, "Tor: The 339 Second-Generation Onion Router", August 2004, 340 . 343 [RFC8198] Fujiwara, K., Kato, A., and W. Kumari, "Aggressive Use of 344 DNSSEC-Validated Cache", RFC 8198, DOI 10.17487/RFC8198, 345 July 2017, . 347 [RFC8244] Lemon, T., Droms, R., and W. Kumari, "Special-Use Domain 348 Names Problem Statement", RFC 8244, DOI 10.17487/RFC8244, 349 October 2017, . 351 Appendix A. Changes / Author Notes. 353 [RFC Editor: Please remove this section before publication ] 355 From -13 to -14: 357 * Andrew asked to be removed as co-author, due to potential 358 perception of CoI. 360 * Erik Auerswald provided Github issues and comments re: references 361 and grammar. 363 From -12 to -13: 365 * Just bumping versions to prevent expiration. 367 From -08 to -12: 369 * Just bumping versions to prevent expiration. 371 * Updated references (aggressive-nsec is now RFC 8198, draft-ietf- 372 dnsop-sutld-ps is now 8244). 374 From -07 to -08: 376 * Made it clear that this is only for non-DNS. 378 * As per Interim consensus, removed the "add this to local zones" 379 text. 381 * Added a Privacy Considerations section 383 * Grammar fix -- "alternative" is more correct than "alternate", 384 replaced. 386 From -06 to -07: 388 * Rolled up the GItHub releases in to a full release. 390 From -07.2 to -07.3 (GitHub point release): 392 Removed 'sandbox' at Stephane's suggestion - https://www.ietf.org/ 393 mail-archive/web/dnsop/current/msg18495.html 395 Suggested (in 4.1 bullet 3) that DNS libraries ignore these -- Bob 396 Harold - https://mailarchive.ietf.org/arch/msg/dnsop/ 397 a_ruPf8osSzi_hCzCqOxYLXhYoA 399 Added some pointers to the SUTLD document. 401 From -07.1 to -07.2 (Github point release): 403 * Reverted the string (at request of chairs). 405 * Added an editors note explaining the above. 407 * Removed some more background, editorializing, etc. 409 From -06 to -07.1 (https://github.com/wkumari/draft-wkumari-dnsop- 410 alt-tld/tree/7988fcf06100f7a17f21e6993b781690b5774472): 412 * Replaced ALT with at the suggestions of George. 414 From -05 to -06: 416 * Removed a large amount of background - we now have the (adopted) 417 tldr document for that. 419 * Made it clear that pseudo-TLD is not intended to be pejorative. 421 * Tried to make it cleat that this is something people can choose to 422 use - or not. 424 From -04 to -05: 426 * Version bump - we are waiting in the queue for progress on SUN, 427 bumping this to keep it alive. 429 From -03 to -04: 431 * 3 changes - the day, the month and the year (a bump to keep 432 alive). 434 From -02 to -03: 436 * Incorporate suggestions from Stephane and Paul Hoffman. 438 From -01 to -02: 440 * Merged a bunch of changes from Paul Hoffman. Thanks for sending a 441 git pull. 443 From -00 to 01: 445 * Removed the "delegated to new style AS112 servers" text -this was 446 legacy from the omnicient AS112 days. (Joe Abley) 448 * Removed the "Advice to implemntors" section. This used to 449 recommend that people used a subdomain of a domain in the DNS. It 450 was pointed out that this breaks things badly if the domain 451 expires. 453 * Added text about why we don't want to adminster a registry for 454 ALT. 456 From Individual-06 to DNSOP-00 458 * Nothing changed, simply renamed draft-wkumari-dnsop-alt-tld to 459 draft-ietf-dnsop-alt-tld 461 From -05 to -06 463 * Incorporated comments from a number of people, including a number 464 of suggestion heard at the IETF meeting in Dallas, and the DNSOP 465 Interim meeting in May, 2015. 467 * Removed the "Let's have an (optional) IANA registry for people to 468 (opportinistically) register their string, if they want that 469 option" stuff. It was, um, optional.... 471 From -04 to -05 472 * Went through and made sure that I'd captured the feedback 473 received. 475 * Comments from Ed Lewis. 477 * Filled in the "Domain Name Reservation Considerations" section of 478 RFC6761. 480 * Removed examples from .Onion. 482 From -03 to -04 484 * Incorporated some comments from Paul Hoffman 486 From -02 to -03 488 * After discussions with chairs, made this much more generic (not 489 purely non-DNS), and some cleanup. 491 From -01 to -02 493 * Removed some fluffy wording, tightened up the language some. 495 From -00 to -01. 497 * Fixed the abstract. 499 * Recommended that folk root their non-DNS namespace under a DNS 500 namespace that they control (Joe Abley) 502 Author's Address 504 Warren Kumari 505 Google 506 1600 Amphitheatre Parkway 507 Mountain View, CA, 94043 508 United States of America 510 Email: warren@kumari.net