idnits 2.17.1

draft-mglt-dprive-dns-uri-00.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack a Security Considerations section.

  ** The document seems to lack an IANA Considerations section.  (See Section
     2.2 of https://www.ietf.org/id-info/checklist for how to handle the case
     when there are no actions for IANA.)

  ** The abstract seems to contain references ([RFC7858], [RFC1034],
     [RFC1035], [RFC8484]), which it shouldn't.  Please replace those with
     straight textual mentions of the documents in question.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (March 18, 2020) is 1472 days in the past.  Is this
     intentional?

  Checking references for intended status: Informational
  ----------------------------------------------------------------------------

  == Unused Reference: 'RFC3986' is defined on line 249, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC5234' is defined on line 258, but no explicit
     reference was found in the text

     Summary: 3 errors (**), 0 flaws (~~), 3 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2    dprive                                                        D. Migault
3    Internet-Draft                                                  Ericsson
4    Intended status: Informational                            March 18, 2020
5    Expires: September 19, 2020

7     Domain Name System Uniform Resource Identifiers for DNS over HTTPS and
8                                  DNS over TLS
9                          draft-mglt-dprive-dns-uri-00

11   Abstract

13      Today DNS resources may be accessed using multiple transports,
14      which include DNS over UDP/TCP port 53 [RFC1034], [RFC1035], DNS
15      over TLS [RFC7858] or DNS over HTTPS [RFC8484].  This document
16      describes URIs that describe the DNS resource as well as indicate
17      the transport to access the resource.

19   Status of This Memo

21      This Internet-Draft is submitted in full conformance with the
22      provisions of BCP 78 and BCP 79.

24      Internet-Drafts are working documents of the Internet Engineering
25      Task Force (IETF).  Note that other groups may also distribute
26      working documents as Internet-Drafts.  The list of current Internet-
27      Drafts is at https://datatracker.ietf.org/drafts/current/.

29      Internet-Drafts are draft documents valid for a maximum of six months
30      and may be updated, replaced, or obsoleted by other documents at any
31      time.  It is inappropriate to use Internet-Drafts as reference
32      material or to cite them other than as "work in progress."

34      This Internet-Draft will expire on September 19, 2020.

36   Copyright Notice

38      Copyright (c) 2020 IETF Trust and the persons identified as the
39      document authors.  All rights reserved.

41      This document is subject to BCP 78 and the IETF Trust's Legal
42      Provisions Relating to IETF Documents
43      (https://trustee.ietf.org/license-info) in effect on the date of
44      publication of this document.  Please review these documents
45      carefully, as they describe your rights and restrictions with respect
46      to this document.  Code Components extracted from this document must
47      include Simplified BSD License text as described in Section 4.e of
48      the Trust Legal Provisions and are provided without warranty as
49      described in the Simplified BSD License.

51   Table of Contents

53      1.  Requirements Notation
54      2.  Introduction
55      3.  DNS over UDP/TCP 53
56      4.  DNS over TLS URI Registration
57      5.  DNS over HTTPS URI registration
58      6.  Acknowledgment
59      7.  Normative References
60      Author's Address

62   1.  Requirements Notation

64      The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
65      "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
66      "OPTIONAL" in this document are to be interpreted as described in
67      BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
68      capitals, as shown here.

70   2.  Introduction

72      [RFC4501] defines a URI [RFC7553] for DNS resources but
73      does not specify the transport used to access the DNS resource.

75      Today DNS resources may also be accessed using multiple transport
76      layers, which include DNS over UDP/TCP port 53 [RFC1034], [RFC1035],
77      DNS over TLS [RFC7858] or DNS over HTTPS [RFC8484].  This document
78      describes URIs that describe the DNS resource as well as indicate
79      the transport to access the resource.

81   3.  DNS over UDP/TCP 53

83      This section describes the URI template for the registration of the
84      URI as described in [RFC7595] to describe DNS resources being
85      accessed using DNS over TLS.

87      URL scheme name: "dns53".

89      URL scheme syntax: A DNS URI designates a DNS resource record set,
90      referenced by domain name, class, type, and, optionally, the
91      authority.  The DNS URI follows the generic syntax from {{RFC3986}}
92      and is described using ABNF {{RFC5234}}.  Strings are not case
93      sensitive, and free insertion of linear-white-space is not permitted.

95        dnsurl          = "dns53:" [ "//" dnsauthority "/" ]
96                          dnsname ["?" dnsquery]

98        dnsauthority    = host [ ":" port ]
99                                     ; See RFC 3986 for the
100                                    ; definition of "host" and "port".

102       dnsname         = *pchar
103                                    ; See RFC 3986 for the
104                                    ; definition of "pchar".

106                                    ; The "dnsname" field may be a
107                                    ; "relative" or "absolute" name,
108                                    ; as per RFC 1034, section 3.1.

110                                    ; Note further that an empty
111                                    ; "dnsname" value is to be
112                                    ; interpreted as the root itself.
113                                    ; See below on relative dnsnames.

115       dnsquery        = dnsqueryelement [";" dnsquery]

117       dnsqueryelement = ( "CLASS=" dnsclassval ) / ( "TYPE=" dnstypeval )
118                                    ; Each clause MUST NOT be used more
119                                    ; than once.

121       dnsclassval     = 1*digit / "IN" / "CH" /
122

124       dnstypeval      = 1*digit / "A" / "NS" / "MD" /
125

127     The DNS resource follows [RFC4501] but indicates the DNS resource
128     MUST be accessed using UDP or TCP as described in [RFC1034] or
129     [RFC1035].

131  4.  DNS over TLS URI Registration

133     This section describes the URI template for the registration of the
134     URI as described in [RFC7595] to describe DNS resources being
135     accessed using DNS over TLS.

137     URL scheme name: "dot".

139     URL scheme syntax: A DNS URI designates a DNS resource record set,
140     referenced by domain name, class, type, and, optionally, the
141     authority.  The DNS URI follows the generic syntax from {{RFC3986}}
142     and is described using ABNF {{RFC5234}}.  Strings are not case
143     sensitive, and free insertion of linear-white-space is not permitted.

145       dnsurl          = "dot:" [ "//" dnsauthority "/" ]
146                         dnsname ["?" dnsquery]

148       dnsauthority    = host [ ":" port ]
149                                    ; See RFC 3986 for the
150                                    ; definition of "host" and "port".

152       dnsname         = *pchar
153                                    ; See RFC 3986 for the
154                                    ; definition of "pchar".

156                                    ; The "dnsname" field may be a
157                                    ; "relative" or "absolute" name,
158                                    ; as per RFC 1034, section 3.1.

160                                    ; Note further that an empty
161                                    ; "dnsname" value is to be
162                                    ; interpreted as the root itself.
163                                    ; See below on relative dnsnames.

165       dnsquery        = dnsqueryelement [";" dnsquery]

167       dnsqueryelement = ( "CLASS=" dnsclassval ) / ( "TYPE=" dnstypeval )
168                                    ; Each clause MUST NOT be used more
169                                    ; than once.

171       dnsclassval     = 1*digit / "IN" / "CH" /
172

174       dnstypeval      = 1*digit / "A" / "NS" / "MD" /
175

177     The DNS resource follows [RFC4501] but indicates the DNS resource
178     MUST be accessed using TCP over TLS as described in [RFC7858].

180  5.  DNS over HTTPS URI registration

182     This section describes the URI template for the registration of the
183     URI as described in [RFC8484] to describe DNS resources being
184     accessed using DNS over HTTPS.

186     URL scheme name: "doh".

188     URL scheme syntax: A DNS URI designates a DNS resource record set,
189     referenced by domain name, class, type, and, optionally, the
190     authority.  The DNS URI follows the generic syntax from {{RFC3986}}
191     and is described using ABNF {{RFC5234}}.  Strings are not case
192     sensitive, and free insertion of linear-white-space is not permitted.

194       dnsurl          = "doh:" [ "//" dnsauthority "/" ]
195                         dnsname ["?" dnsquery]

197       dnsauthority    = host [ ":" port ] [ "/" abs_path ]
198                                    ; See RFC 3986 for the
199                                    ; definition of "host" and "port"
200                                    ; "abs_path"

202       dnsname         = *pchar
203                                    ; See RFC 3986 for the
204                                    ; definition of "pchar".

206                                    ; The "dnsname" field may be a
207                                    ; "relative" or "absolute" name,
208                                    ; as per RFC 1034, section 3.1.

210                                    ; Note further that an empty
211                                    ; "dnsname" value is to be
212                                    ; interpreted as the root itself.
213                                    ; See below on relative dnsnames.

215       dnsquery        = dnsqueryelement [";" dnsquery]

217       dnsqueryelement = ( "CLASS=" dnsclassval ) / ( "TYPE=" dnstypeval )
218                                    ; Each clause MUST NOT be used more
219                                    ; than once.

221       dnsclassval     = 1*digit / "IN" / "CH" /
222

224       dnstypeval      = 1*digit / "A" / "NS" / "MD" /
225

227     The DNS resource follows [RFC4501] but indicates the DNS resource
228     MUST be accessed using HTTPS as described in [RFC8484].

230  6.  Acknowledgment

232     The URI templates are largely inspired by [RFC4501].

234  7.  Normative References

236     [RFC1034]  Mockapetris, P., "Domain names - concepts and facilities",
237                STD 13, RFC 1034, DOI 10.17487/RFC1034, November 1987.

240     [RFC1035]  Mockapetris, P., "Domain names - implementation and
241                specification", STD 13, RFC 1035, DOI 10.17487/RFC1035,
242                November 1987.

244     [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
245                Requirement Levels", BCP 14, RFC 2119,
246                DOI 10.17487/RFC2119, March 1997.

249     [RFC3986]  Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
250                Resource Identifier (URI): Generic Syntax", STD 66,
251                RFC 3986, DOI 10.17487/RFC3986, January 2005.

254     [RFC4501]  Josefsson, S., "Domain Name System Uniform Resource
255                Identifiers", RFC 4501, DOI 10.17487/RFC4501, May 2006.

258     [RFC5234]  Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax
259                Specifications: ABNF", STD 68, RFC 5234,
260                DOI 10.17487/RFC5234, January 2008.

263     [RFC7553]  Faltstrom, P. and O. Kolkman, "The Uniform Resource
264                Identifier (URI) DNS Resource Record", RFC 7553,
265                DOI 10.17487/RFC7553, June 2015.

268     [RFC7595]  Thaler, D., Ed., Hansen, T., and T. Hardie, "Guidelines
269                and Registration Procedures for URI Schemes", BCP 35,
270                RFC 7595, DOI 10.17487/RFC7595, June 2015.

273     [RFC7858]  Hu, Z., Zhu, L., Heidemann, J., Mankin, A., Wessels, D.,
274                and P. Hoffman, "Specification for DNS over Transport
275                Layer Security (TLS)", RFC 7858, DOI 10.17487/RFC7858, May
276                2016.

278     [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
279                2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
280                May 2017.

282     [RFC8484]  Hoffman, P. and P. McManus, "DNS Queries over HTTPS
283                (DoH)", RFC 8484, DOI 10.17487/RFC8484, October 2018.

286  Author's Address

288     Daniel Migault
289     Ericsson
290     8275 Trans Canada Route
291     Saint Laurent, QC 4S 0B6
292     Canada

294     EMail: daniel.migault@ericsson.com
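
The three scheme grammars in Sections 3 to 5 can be checked with a strict parser. The following is an added example, not code from the draft or from any implementation of it; it rejects repeated CLASS/TYPE clauses, white space, and a path in a "dns53" or "dot" authority. The name parse_dns_uri, the default ports (53, 853, 443), the IN/A defaults taken from RFC 4501, and reading abs_path as everything between the host and the last "/" are assumptions.

```python
import re
from urllib.parse import unquote

# Transport each scheme mandates (Sections 3, 4 and 5 of the draft).
TRANSPORT = {"dns53": "UDP/TCP port 53", "dot": "DNS over TLS", "doh": "DNS over HTTPS"}
# Assumption: usual default ports; the draft itself does not state them.
DEFAULT_PORT = {"dns53": 53, "dot": 853, "doh": 443}
HOSTPORT = re.compile(r"(\[[^\]]+\]|[^:\[\]/]+)(?::([0-9]+))?")
VALUE = re.compile(r"[0-9]+|[A-Za-z][A-Za-z0-9-]*")  # number or mnemonic


def parse_dns_uri(uri):
    """Parse a dns53:, dot: or doh: URI; raise ValueError if it is malformed."""
    if any(c.isspace() for c in uri):
        raise ValueError("white space is not permitted")
    scheme, colon, rest = uri.partition(":")
    scheme = scheme.lower()  # strings are not case sensitive
    if not colon or scheme not in TRANSPORT:
        raise ValueError("not a dns53/dot/doh URI")
    rest, qmark, query = rest.partition("?")
    name, host, port, path = rest, None, None, None
    if rest.startswith("//"):
        # dnsname is *pchar, which excludes "/", so it follows the last "/".
        authority, slash, name = rest[2:].rpartition("/")
        if not slash:
            raise ValueError('authority must be followed by "/" dnsname')
        hostport, has_path, path = authority.partition("/")
        if has_path and scheme != "doh":
            raise ValueError("only doh allows abs_path in the authority")
        path = "/" + path if has_path else None
        m = HOSTPORT.fullmatch(hostport)
        if not m:
            raise ValueError("bad host[:port]")
        host, port = m.group(1).lower(), int(m.group(2) or DEFAULT_PORT[scheme])
    elif "/" in name:
        raise ValueError('"/" is not allowed in dnsname')
    given = {}
    for element in (query.split(";") if qmark else []):
        key, eq, value = element.partition("=")
        key = key.upper()
        if key not in ("CLASS", "TYPE") or not eq or not VALUE.fullmatch(value):
            raise ValueError(f"bad query element {element!r}")
        if key in given:  # each clause MUST NOT be used more than once
            raise ValueError(f"{key} used more than once")
        given[key] = value.upper()
    # Assumption: CLASS and TYPE default to IN and A, as in RFC 4501.
    return {"scheme": scheme, "transport": TRANSPORT[scheme], "host": host,
            "port": port, "path": path, "name": unquote(name) or ".",
            "class": given.get("CLASS", "IN"), "type": given.get("TYPE", "A")}
```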