LSD0001: GNU Name System

commit 4186423efd391711126ee93c41822707fcac4534
parent c58286d2cab2cc8c6f1998ba1b5ad8b4980aa845
Author: Christian Grothoff <christian@grothoff.org>
Date:   Fri, 30 Jun 2023 23:21:47 +0200

move RDATA into its own section *before* RRBLOCK to define it before using it

Diffstat:
M draft-schanzen-gns.xml | 146 +++++++++++++++++++++++++++++++++++++++++--------------------------------------
1 file changed, 75 insertions(+), 71 deletions(-)

diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml @@ -974,12 +974,12 @@ zTLD[126..129].zTLD[63..125].zTLD[0..62] <dt>EXPIRATION</dt> <dd> denotes the absolute 64-bit expiration date of the record. - In microseconds since midnight (0 hour), January 1, 1970 UTC stored in network + In microseconds since midnight (0 hour), January 1, 1970 UTC in network byte order. </dd> <dt>SIZE</dt> <dd> - denotes the 16-bit size of the DATA field in bytes stored in network byte + denotes the 16-bit size of the DATA field in bytes in network byte order. </dd> <dt>FLAGS</dt> @@ -989,7 +989,7 @@ zTLD[126..129].zTLD[63..125].zTLD[0..62] </dd> <dt>TYPE</dt> <dd> - is the 32-bit resource record type stored in + is the 32-bit resource record type in network byte order. This type can be one of the GNS resource records as defined in <xref target="rrecords" /> or a DNS record type as defined in <xref target="RFC1035" /> or any of the @@ -1734,7 +1734,7 @@ S-Decrypt(zk,label,expiration,ciphertext): <dl> <dt>PROTO</dt> <dd> - the 16-bit protocol number stored in network byte order. + the 16-bit protocol number in network byte order. Values below 2^8 are reserved for 8-bit Internet Protocol numbers allocated by IANA <xref target="RFC5237" /> (e.g. 6 for TCP). @@ -1743,12 +1743,12 @@ S-Decrypt(zk,label,expiration,ciphertext): </dd> <dt>SVC</dt> <dd> - the 16-bit service value of the boxed record stored in network byte order. In case of + the 16-bit service value of the boxed record in network byte order. In case of TCP and UDP it is the port number. </dd> <dt>TYPE</dt> <dd> - is the 32-bit record type of the boxed record stored in network byte order. + is the 32-bit record type of the boxed record in network byte order. </dd> <dt>RECORD DATA</dt> <dd> 
@@ -1891,15 +1891,70 @@ q := SHA-512 (ZKDF(zk, label)) </dd> </dl> </section> + <section anchor="rdata" numbered="true" toc="default"> + <name>Plaintext Record Data (RDATA)</name> + <t> + GNS records from a zone are grouped by their labels such that all + records under the same label published together as a single + block in the storage. Such grouped record sets <bcp14>MAY</bcp14> be paired with + supplemental records. Supplemental records <bcp14>MUST</bcp14> have the + supplemental flag set (see <xref target="rrecords"/>). + </t> + <t> + Record data (RDATA) is the format used to encode such a group of GNS records. + The binary format of RDATA is illustrated in + <xref target="figure_rdata"/>. + </t> + <figure anchor="figure_rdata" title="The RDATA Wire Format."> + <artwork name="" type="" align="left" alt=""><![CDATA[ +0 8 16 24 32 40 48 56 ++-----+-----+-----+-----+-----+-----+-----+-----+ +| EXPIRATION | ++-----+-----+-----+-----+-----+-----+-----+-----+ +| SIZE | FLAGS | TYPE | ++-----+-----+-----+-----+-----+-----+-----+-----+ +| DATA / +/ / +/ / ++-----+-----+-----+-----+-----+-----+-----+-----+ +| EXPIRATION | ++-----+-----+-----+-----+-----+-----+-----+-----+ +| SIZE | FLAGS | TYPE | ++-----+-----+-----+-----+-----+-----+-----+-----+ +| DATA / +/ / ++-----+-----+-----+-----+-----+-----+-----+-----+ +/ PADDING / +/ / ++-----+-----+-----+-----+-----+-----+-----+-----+ + ]]></artwork> + </figure> + <dl> + <dt>EXPIRATION, SIZE, TYPE, FLAGS and DATA</dt> + <dd> + These fields were defined + in the resource record format in <xref target="rrecords" />. + </dd> + <dt>PADDING</dt> + <dd> + When serializing records into RDATA, a GNS implementation <bcp14>MUST</bcp14> ensure that + the size of the RDATA is a power of two + using the padding field. The field <bcp14>MUST</bcp14> be set to zero and <bcp14>MUST</bcp14> be + ignored on receipt. + As a special exception, record sets with (only) a zone delegation + record type are never padded. 
+ Note that a record set with a delegation record <bcp14>MUST NOT</bcp14> + contain other records. If other records are encountered, the whole + record block <bcp14>MUST</bcp14> be discarded. + </dd> + </dl> + </section> <section anchor="records_block" numbered="true" toc="default"> <name>The Records Block</name> <t> - GNS records are grouped by their labels and published as a single - block in the storage. The grouped record sets <bcp14>MAY</bcp14> be paired with any - number of supplemental records. Supplemental records <bcp14>MUST</bcp14> have the - supplemental flag set (see <xref target="rrecords"/>). - The contained resource records are encrypted using the S-Encrypt() - function defined by the zone type of the zone to which the resource records belong. + The resource records grouped in an RDATA are encrypted using the S-Encrypt() + function defined by the zone type of the zone to which the resource records belong + and prefixed with meta data into a resource record block (RRBLOCK) for remote storage. The GNS RRBLOCK wire format is illustrated in <xref target="figure_record_block"/>. </t> 
@@ -1929,21 +1984,20 @@ q := SHA-512 (ZKDF(zk, label)) <dl> <dt>SIZE</dt> <dd> - A 32-bit value containing the length of the block in bytes. - In network byte order. - While a 32-bit value is used, + A 32-bit value containing the length of the block in bytes in network byte order. + Despite the message format's use of a 32-bit value, implementations <bcp14>MAY</bcp14> refuse to publish blocks beyond a certain - size significantly below 4 GB. + size significantly below the theoretical block size limit of 4 GB. </dd> <dt>ZONE TYPE</dt> <dd> - is the 32-bit ztype. In network byte order. + is the 32-bit ztype in network byte order. </dd> - <dt>ZONE KEY</dt> + <dt>ZONE KEY (BLINDED)</dt> <dd> is the blinded zone key "ZKDF(zk, label)" to be used to verify SIGNATURE. - The length and format of the public key depends on the ztype. + The length and format of the blinded public key depends on the ztype. </dd> <dt>SIGNATURE</dt> <dd> @@ -1969,8 +2023,8 @@ q := SHA-512 (ZKDF(zk, label)) </dd> <dt>BDATA</dt> <dd> - The encrypted RDATA. Its size is determined by the S-Encrypt() - function of the ztype. + The encrypted RDATA. Its ultimate size and content are determined by + the S-Encrypt() function of the ztype. </dd> </dl> <t> 
@@ -2017,56 +2071,6 @@ q := SHA-512 (ZKDF(zk, label)) <dt>BDATA</dt> <dd>Field as defined in the RRBLOCK message above.</dd> </dl> - - <t> - A symmetric encryption scheme is used to encrypt the resource records - set RDATA into the BDATA field of a GNS RRBLOCK. - The wire format of the RDATA is illustrated in - <xref target="figure_rdata"/>. - </t> - <figure anchor="figure_rdata" title="The RDATA Wire Format."> - <artwork name="" type="" align="left" alt=""><![CDATA[ -0 8 16 24 32 40 48 56 -+-----+-----+-----+-----+-----+-----+-----+-----+ -| EXPIRATION | -+-----+-----+-----+-----+-----+-----+-----+-----+ -| SIZE | FLAGS | TYPE | -+-----+-----+-----+-----+-----+-----+-----+-----+ -| DATA / -/ / -/ / -+-----+-----+-----+-----+-----+-----+-----+-----+ -| EXPIRATION | -+-----+-----+-----+-----+-----+-----+-----+-----+ -| SIZE | FLAGS | TYPE | -+-----+-----+-----+-----+-----+-----+-----+-----+ -| DATA / -/ / -+-----+-----+-----+-----+-----+-----+-----+-----+ -/ PADDING / -/ / -+-----+-----+-----+-----+-----+-----+-----+-----+ - ]]></artwork> - </figure> - <dl> - <dt>EXPIRATION, SIZE, TYPE, FLAGS and DATA</dt> - <dd> - These fields were defined - in the resource record format in <xref target="rrecords" />. - </dd> - <dt>PADDING</dt> - <dd> - When publishing an RDATA block, the implementation <bcp14>MUST</bcp14> ensure that - the size of the RDATA is a power of two - using the padding field. The field <bcp14>MUST</bcp14> be set to zero and <bcp14>MUST</bcp14> be - ignored on receipt. - As a special exception, record sets with (only) a zone delegation - record type are never padded. - Note that a record set with a delegation record <bcp14>MUST NOT</bcp14> - contain other records. If other records are encountered, the whole - record block <bcp14>MUST</bcp14> be discarded. - </dd> - </dl> </section> </section> <section anchor="resolution" numbered="true" toc="default">
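Review bot: The EXPIRATION entry in the first hunk (lines 974-985) still reads as two fragments after the rewording ("denotes the absolute 64-bit expiration date of the record. In microseconds since midnight (0 hour), January 1, 1970 UTC in network byte order."); since the hunk already touches that line, join them into one sentence: "denotes the absolute 64-bit expiration date of the record in microseconds since midnight (0 hour), January 1, 1970 UTC, in network byte order." The remaining "stored in network byte order" to "in network byte order" changes in SIZE, TYPE, PROTO, SVC and the boxed TYPE are consistent with each other.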
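Review bot: Grammar and a dropped qualifier in the new "rdata" section (hunk at 1891): "such that all records under the same label published together as a single block" is missing a verb ("are published together"), and the sentence "Such grouped record sets MAY be paired with supplemental records" drops the "any number of" that the removed RRBLOCK text had; if the cardinality is meant to be unchanged, restore it as "MAY be paired with any number of supplemental records". Moving the section, its figure_rdata anchor and the dl in front of records_block is otherwise correct, and the old anchor is removed further down so there is no duplicate.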
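Review bot: Renaming the dt to "ZONE KEY (BLINDED)" in the RRBLOCK dl (hunk at 1929) is not mirrored anywhere else in this patch; if the artwork in figure_record_block and the later dl that refers back with "Field as defined in the RRBLOCK message above" still use the bare label ZONE KEY, the names no longer match and a reader cannot tie the field to its definition. Either rename the label in those places in the same commit or keep "ZONE KEY" as the dt and state the blinding in the dd text, which already says "is the blinded zone key".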
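Review bot: The removal hunk at 2017 drops the sentence "A symmetric encryption scheme is used to encrypt the resource records set RDATA into the BDATA field of a GNS RRBLOCK" without carrying it into the new rdata section; the new records_block paragraph mentions S-Encrypt, but the rdata section now never says that RDATA is the plaintext that ends up encrypted in BDATA. Suggest adding one sentence to the rdata section's second paragraph, e.g. "RDATA is encrypted into the BDATA field of an RRBLOCK (see the records_block section)", so the two sections reference each other in both directions.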