commit e83e5d81f29dd077a2804fad2233ff7c69c9b459
parent 4a83e4151cf9fe6ca3501f01fb4dbc21c6b34cf5
Author: Sebastian Nadler <sebastian.nadler@tum.de>
Date: Fri, 8 Dec 2023 12:30:34 +0100
Clarifications in the explanations
Diffstat:
1 file changed, 29 insertions(+), 10 deletions(-)
diff --git a/draft-nadler-sbox.xml b/draft-nadler-sbox.xml
@@ -7,7 +7,7 @@
]>
<rfc xmlns:xi="http://www.w3.org/2001/XInclude"
category="info"
- docName="draft-schanzen-gns-28"
+ docName="draft-nadler-sbox-1"
ipr="trust200902"
obsoletes=""
updates=""
@@ -74,6 +74,14 @@
protocol. GNS cryptographically secures the binding of names to arbitrary tokens, enabling
it to double in some respects as an alternative to some of today's public key
infrastructures. </t>
+ <t>
+ This LSD document is an extension to the GNS technical specification <xref target="RFC9498" />.
+ It is intended to be read in conjunction with the GNS technical specification.
+ </t>
+ <t>
+ A new record type is defined to extend the GNS to support a wider range of underscore labels.
+ The new record type is called SBOX and is intended to handle all variations of underscore labels the BOX record type is not able to handle.
+ </t>
<!--<t>
Per Domain Name System (DNS) terminology <xref target="RFC1035"/>, GNS roughly follows the idea of
a local
@@ -139,15 +147,13 @@
with.</t>
<t>This way of handling and storing restricts the allowed and processable underscore
labels to the format of "_SERVICE._PROTOCOL" as well as only services registered in
- the corresponding IANA registry. To support labels
- "c93f1e400f26708f98cb19d936620da35eec8f72e57f9eec01c1afd6._smimecert"
- for the intended use of SMIMEA record, a new SBOX record is proposed. The SBOX
- record is supposed to handle all variations of underscore labels. The underlying idea is
- instead
- of storing the service and protocol numbers, the string representation of the underscore
- label and all subsequent labels is stored. A SBOX record boxes the records type, the
- records
- data and the underscore label and subsequent labels and adds them to the record set
+ the corresponding IANA registry. A new SBOX record is proposed to enable the use of labels
+ such as "c93f1e400f26708f98cb19d936620da35eec8f72e57f9eec01c1afd6._smimecert" and other variations of
+ underscore labels for SMIMEA/URI/SRV, and other records. The SBOX
+ record is supposed to handle all variations of underscore labels. The concept
+ here is to store the string representation of the underscore label and all subsequent
+ labels, instead of the service and protocol numbers.
+ A SBOX record boxes the record's type, data, underscore label, and subsequent labels, and adds them to the record set
of the associated label. For example, a URI record for "_scheme._trust.exampel.com"
will be stored as an SBOX record in the record set of "example.com" with the label
"_schema._trust" and record type URI and the URI records data</t>
@@ -182,6 +188,19 @@
respective TYPE. Thus, for TYPE values below 2<sup>16</sup>, the format is the same as
the respective record type's binary format in DNS. </dd>
</dl>
+ <section anchor="gnsrecords_sbox_box">
+ <name>Overlap of BOX and SBOX records</name>
+ <t>
+ Records saved as BOX records can also be saved as SBOX records.
+ Thus, upon encountering underscore labels processable by BOX records,
+ the resolver must store the labels as their protocol and service numbers,
+ as well as their string representation. This way, the resolver should be able to
+ return all boxed records later, whether they are SBOX or BOX records.
+ More on this in <xref target="resolution" />.
+ BOX records are more efficient for boxing \ac{RR} due to their smaller wire format,
+ so SBOX records are not a replacement for BOX records.
+ </t>
+ </section>
</section>
</section>
</section>
