commit 79a6958f6c79ff29da1672d0e99777d8d947eda8
parent dd85c56e1a0458c395823dde89cd52fafc3aacf9
Author: Martin Schanzenbach <schanzen@gnunet.org>
Date: Wed, 22 Dec 2021 16:36:01 +0100
update
Diffstat:
1 file changed, 15 insertions(+), 10 deletions(-)
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
@@ -208,7 +208,7 @@
</t>
<t>
Starting from a configurable root zone, names are resolved following zone
- delegations which are iteratively queried from the storage (<xref target="resolution"/>).
+ delegations which are recursively queried from the storage (<xref target="resolution"/>).
</t>
<t>
In the remainder of this document, the "implementer" refers to the developer building
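Review bot: On the changed line, "recursively queried from the storage" uses "recursively" for how delegations are fetched from the storage, while the definition this patch adds to the Name Resolution section uses "recursive" for what a resolver returns to the requester. Consider wording the overview so the two senses do not collide, for example by stating that the resolver follows zone delegations until the name is resolved, and rely on the existing xref to the resolution section for the definition.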
@@ -235,9 +235,9 @@
<section anchor="ztype" numbered="true" toc="default">
<name>Zone Type</name>
<t>
- The Zone Type ztype is the unique zone type of the zone as registered
+ The zone type ztype is the unique zone type of the zone as registered
in the GNUnet Assigned Numbers Authority <xref target="GANA" />.
- The Zone Type determines which cryptosystem is used for the
+ The zone type determines which cryptosystem is used for the
asymmetric and symmetric key operations of the zone.
The zone type is identified by a 32-bit number.
It always corresponds to a resource record type number identifying a
@@ -245,12 +245,12 @@
</t>
<t>
For any zone, d is the private zone key. zk is the public zone key.
- The specific formats depends on the Zone Type.
+ The specific formats depends on the zone type.
The default zone delegation record types are specified in
<xref target="rrecords"/>.
- New Zone Types may be specified in the future, for example if the
+ New zone types may be specified in the future, for example if the
cryptographic mechanisms used in this document are broken.
- Any Zone Type MUST define the following set of cryptographic functions:
+ Any zone type MUST define the following set of cryptographic functions:
</t>
<dl>
<dt>Private-KeyGen() -> d</dt>
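Review bot: The rewritten line "The specific formats depends on the zone type." keeps a subject-verb mismatch; since the line is touched anyway, change it to "The specific formats depend on the zone type." The lowercase "zone type" is otherwise applied consistently across the three changed lines in this hunk.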
@@ -308,7 +308,7 @@
<section anchor="zid" numbered="true" toc="default">
<name>Zone ID</name>
- <t>The Zone ID zid is a unique public identifier of a zone.
+ <t>The zone ID zid is a unique public identifier of a zone.
It consists of the ztype and the public zone key zk.
The wire format is illustrated in <xref target="figure_zid"/>.
</t>
@@ -331,7 +331,7 @@
It is a string which encodes the zone key into a domain name.
The zTLD is used as a globally unique reference to a specific
namespace in the process of name resolution.
- To encode the zone key, a zone key label zkl is derived from the Zone
+ To encode the zone key, a zone key label zkl is derived from the zone
ID using the Crockford Base32
encoding <xref target="CrockfordB32"/> but the letter "U" is decoded to
the same Base32 value as the letter "V" in order to further increase
@@ -408,7 +408,7 @@ zTLD := zkl[126:129].zkl[63:125].zkl[0:62]
<section anchor="revocation" numbered="true" toc="default">
<name>Zone Revocation</name>
<t>
- Whenever a recursive resolver encounters a new GNS zone, it MUST
+ Whenever a resolver encounters a new GNS zone, it MUST
check against the local revocation list whether the respective
zone key has been revoked. If the zone key was revoked, the
resolution MUST fail with an empty result set.
@@ -1613,6 +1613,11 @@ q := SHA512 (HDKD-Public(zk, label))
<name>Name Resolution</name>
<t>
Names in GNS are resolved by recursively querying the record storage.
+ Recursive in this context means that a resolver does not provide
+ iterative results for a query (as is the case with iterative DNS resolution).
+ Instead, it MUST respond to a resolution request with either the
+ requested resource record or an error message in case the resolution
+ fails.
In the following, we define how resolution is initiated and each
iteration in the resolution is processed.
</t>
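Review bot: The added MUST says a failed resolution is answered with "an error message", but the Zone Revocation text touched by this same patch says the resolution "MUST fail with an empty result set"; the two normative statements should name the same failure outcome, or this paragraph should state which failures produce an error and which produce an empty set. In the same addition, "iterative results" is left undefined; if it means intermediate delegations handed back to the requester, say so explicitly. The unchanged sentence that follows still refers to "each iteration in the resolution", which reads awkwardly right after recursion was contrasted with iterative DNS resolution; "each step" would avoid the clash.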
@@ -1724,7 +1729,7 @@ example.com = zk2
<xref target="blinding" />.</li>
<li>Perform a storage query GET(q) to retrieve the RRBLOCK.</li>
<li>Verify and process the RRBLOCK and decrypt the BDATA contained
- in it as defined by its Zone Type (see also <xref target="records_block" />).</li>
+ in it as defined by its zone type (see also <xref target="records_block" />).</li>
</ol>
<t>
Upon receiving the RRBLOCK from the storage, apart from verifying the