restructure intro

author: Christian Grothoff <christian@grothoff.org> 2022-08-07 20:00:12 +0200
committer: Christian Grothoff <christian@grothoff.org> 2022-08-07 20:00:12 +0200
commit: 07f6bc8646568573cb8aa732701ced2e3692e831 (patch)
tree: be7364eabba12420a0f3cfa7a9a527beb798bacc
parent: 9c73fb68ecdc3122f58b1ca1a750eeb4b6411392 (diff)
download: lsd0001-07f6bc8646568573cb8aa732701ced2e3692e831.tar.gz
lsd0001-07f6bc8646568573cb8aa732701ced2e3692e831.zip
1 files changed, 30 insertions, 32 deletions
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
index 7f99a2b..a90c318 100644
--- a/draft-schanzen-gns.xml
+++ b/draft-schanzen-gns.xml
@@ -111,45 +111,43 @@
   <section anchor="introduction" numbered="true" toc="default">
     <name>Introduction</name>
     <t>
-       The Domain Name System (DNS) <xref target="RFC1035" /> is a unique
+       This specification describes the GNU Name System (GNS), a
-       distributed database and a vital service for most Internet applications.
+       censorship-resistant, privacy-preserving and decentralized
-       However, it was not designed with security in mind. This makes it very
+       domain name resolution protocol.  GNS can bind names to any
-       vulnerable, especially to attackers that have the technical capabilities
+       kind of cryptographically secured token, enabling it to double
-       of an entire nation state at their disposal.
+       in some respects as an alternative to some of today’s public
+       key infrastructures.
     </t>
     <t>
-       This specification describes a censorship-resistant, privacy-preserving
+       In the terminology of the Domain Name System (DNS) <xref
-       and decentralized domain name resolution protocol:
+       target="RFC1035" />, GNS roughly follows the idea of a local
-       The GNU Name System (GNS), a development continuation of
+       root zone deployment (see <xref target="RFC8806"/>), with the
-       previous academic work on secure name systems <xref target="GNS" />.
+       difference that the design encourages alternative roots and
-       GNS can bind names to any kind of
+       does not expect all deployments use the same or any specific
-       cryptographically secured token, enabling it to double in some respects as
+       root zone.  In the GNS reference implementation, users can
-       an alternative to some of today’s Public Key Infrastructures, in
+       autonomously and freely delegate control of names to zones
-       particular X.509 for the Web.
+       through their local configurations.
     </t>
     <t>
-       In DNS terminology, GNS roughly follows the idea of a local
+       Name resolution and zone dissemination is based on the
-       root zone deployment (see <xref target="RFC8806"/>), with the difference
+       principle of a petname system where users can assign local
-       that the protocol does not mandate that all deployments use the same
+       names to zones.  The GNS has its roots in ideas from the Simple
-       or any specific root zone.
+       Distributed Security Infrastructure <xref target="SDSI" />,
-       Users can autonomously and freely delegate control of names to
+       enabling the decentralized mapping of secure identifiers to
-       zones through their local configurations.
+       memorable names.  A first academic description of the
+       cryptographic ideas behind GNS can be found in <xref
+       target="GNS" />.
     </t>
     <t>
-       Name resolution and zone dissemination is based on the principle of a
+       This document defines the normative wire format of resource
-       petname system where users can assign local names to zones.
+       records, resolution processes, cryptographic routines and
-       It builds on ideas from the Simple Distributed Security
+       security considerations for use by implementers.
-       Infrastructure <xref target="SDSI" />, enabling the decentralized
-       mapping of secure identifiers to memorable names.
     </t>
     <t>
-       This document defines the normative wire format of resource records, resolution processes,
+       This specification was developed outside the IETF and does not
-       cryptographic routines and security considerations for use by implementers.
+       have IETF consensus.  It is published here to guide
-     </t>
+       implementers of GNS and to ensure interoperability among
-     <t>
+       implementations.
-       This specification was developed outside the IETF and does not have
-       IETF consensus.  It is published here to guide implementation of GNS
-       and to ensure interoperability among implementations.
     </t>
     <section numbered="true" toc="default">
       <name>Requirements Notation</name>
@@ -2561,7 +2559,7 @@ NICK: john (Supplemental)
           by a single microsecond even if the user did not request a change.
           In case of deletion of all resource records under a label, the
           implementation <bcp14>MUST</bcp14> keep track of the last absolute expiration time
-           of the last published resource block.  Implementations <bcp14>MAY</bcp14> define 
+           of the last published resource block.  Implementations <bcp14>MAY</bcp14> define
           and use a special record type as a tombstone that preserves the last
           absolute expiration time, but then <bcp14>MUST</bcp14> take care to not publish a
           block with this record.
author	Christian Grothoff <christian@grothoff.org>	2022-08-07 20:00:12 +0200
committer	Christian Grothoff <christian@grothoff.org>	2022-08-07 20:00:12 +0200
commit	07f6bc8646568573cb8aa732701ced2e3692e831 (patch)
tree	be7364eabba12420a0f3cfa7a9a527beb798bacc
parent	9c73fb68ecdc3122f58b1ca1a750eeb4b6411392 (diff)
download	lsd0001-07f6bc8646568573cb8aa732701ced2e3692e831.tar.gz lsd0001-07f6bc8646568573cb8aa732701ced2e3692e831.zip

diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml index 7f99a2b..a90c318 100644 --- a/draft-schanzen-gns.xml +++ b/draft-schanzen-gns.xml
@@ -111,45 +111,43 @@
111	<section anchor="introduction" numbered="true" toc="default">	111	<section anchor="introduction" numbered="true" toc="default">
112	<name>Introduction</name>	112	<name>Introduction</name>
113	<t>	113	<t>
114	The Domain Name System (DNS) <xref target="RFC1035" /> is a unique	114	This specification describes the GNU Name System (GNS), a
115	distributed database and a vital service for most Internet applications.	115	censorship-resistant, privacy-preserving and decentralized
116	However, it was not designed with security in mind. This makes it very	116	domain name resolution protocol. GNS can bind names to any
117	vulnerable, especially to attackers that have the technical capabilities	117	kind of cryptographically secured token, enabling it to double
118	of an entire nation state at their disposal.	118	in some respects as an alternative to some of today’s public
		119	key infrastructures.
119	</t>	120	</t>
120	<t>	121	<t>
121	This specification describes a censorship-resistant, privacy-preserving	122	In the terminology of the Domain Name System (DNS) <xref
122	and decentralized domain name resolution protocol:	123	target="RFC1035" />, GNS roughly follows the idea of a local
123	The GNU Name System (GNS), a development continuation of	124	root zone deployment (see <xref target="RFC8806"/>), with the
124	previous academic work on secure name systems <xref target="GNS" />.	125	difference that the design encourages alternative roots and
125	GNS can bind names to any kind of	126	does not expect all deployments use the same or any specific
126	cryptographically secured token, enabling it to double in some respects as	127	root zone. In the GNS reference implementation, users can
127	an alternative to some of today’s Public Key Infrastructures, in	128	autonomously and freely delegate control of names to zones
128	particular X.509 for the Web.	129	through their local configurations.
129	</t>	130	</t>
130	<t>	131	<t>
131	In DNS terminology, GNS roughly follows the idea of a local	132	Name resolution and zone dissemination is based on the
132	root zone deployment (see <xref target="RFC8806"/>), with the difference	133	principle of a petname system where users can assign local
133	that the protocol does not mandate that all deployments use the same	134	names to zones. The GNS has its roots in ideas from the Simple
134	or any specific root zone.	135	Distributed Security Infrastructure <xref target="SDSI" />,
135	Users can autonomously and freely delegate control of names to	136	enabling the decentralized mapping of secure identifiers to
136	zones through their local configurations.	137	memorable names. A first academic description of the
		138	cryptographic ideas behind GNS can be found in <xref
		139	target="GNS" />.
137	</t>	140	</t>
138	<t>	141	<t>
139	Name resolution and zone dissemination is based on the principle of a	142	This document defines the normative wire format of resource
140	petname system where users can assign local names to zones.	143	records, resolution processes, cryptographic routines and
141	It builds on ideas from the Simple Distributed Security	144	security considerations for use by implementers.
142	Infrastructure <xref target="SDSI" />, enabling the decentralized
143	mapping of secure identifiers to memorable names.
144	</t>	145	</t>
145	<t>	146	<t>
146	This document defines the normative wire format of resource records, resolution processes,	147	This specification was developed outside the IETF and does not
147	cryptographic routines and security considerations for use by implementers.	148	have IETF consensus. It is published here to guide
148	</t>	149	implementers of GNS and to ensure interoperability among
149	<t>	150	implementations.
150	This specification was developed outside the IETF and does not have
151	IETF consensus. It is published here to guide implementation of GNS
152	and to ensure interoperability among implementations.
153	</t>	151	</t>
154	<section numbered="true" toc="default">	152	<section numbered="true" toc="default">
155	<name>Requirements Notation</name>	153	<name>Requirements Notation</name>
@@ -2561,7 +2559,7 @@ NICK: john (Supplemental)
2561	by a single microsecond even if the user did not request a change.	2559	by a single microsecond even if the user did not request a change.
2562	In case of deletion of all resource records under a label, the	2560	In case of deletion of all resource records under a label, the
2563	implementation <bcp14>MUST</bcp14> keep track of the last absolute expiration time	2561	implementation <bcp14>MUST</bcp14> keep track of the last absolute expiration time
2564	of the last published resource block. Implementations <bcp14>MAY</bcp14> define	2562	of the last published resource block. Implementations <bcp14>MAY</bcp14> define
2565	and use a special record type as a tombstone that preserves the last	2563	and use a special record type as a tombstone that preserves the last
2566	absolute expiration time, but then <bcp14>MUST</bcp14> take care to not publish a	2564	absolute expiration time, but then <bcp14>MUST</bcp14> take care to not publish a
2567	block with this record.	2565	block with this record.