diff options
author | Martin Schanzenbach <schanzen@gnunet.org> | 2022-03-07 19:45:59 +0100 |
---|---|---|
committer | Martin Schanzenbach <schanzen@gnunet.org> | 2022-03-07 19:45:59 +0100 |
commit | 40d0e28b5be15ff798a94b993dcf48de52393f7c (patch) | |
tree | 567670af686eb4535c40ee1ff66aafeda3835fa4 | |
parent | 8d8134fb7d41748bca8510055ba7f56fdc64017f (diff) | |
download | lsd0001-40d0e28b5be15ff798a94b993dcf48de52393f7c.tar.gz lsd0001-40d0e28b5be15ff798a94b993dcf48de52393f7c.zip |
-leakage consideration
-rw-r--r-- | draft-schanzen-gns.xml | 41 |
1 files changed, 39 insertions, 2 deletions
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml index ab423e3..e978671 100644 --- a/draft-schanzen-gns.xml +++ b/draft-schanzen-gns.xml | |||
@@ -15,7 +15,7 @@ | |||
15 | <!ENTITY RFC5890 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5890.xml"> | 15 | <!ENTITY RFC5890 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5890.xml"> |
16 | <!ENTITY RFC5895 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5895.xml"> | 16 | <!ENTITY RFC5895 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5895.xml"> |
17 | <!ENTITY RFC6234 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6234.xml"> | 17 | <!ENTITY RFC6234 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6234.xml"> |
18 | <!-- <!ENTITY RFC6781 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6781.xml"> --> | 18 | <!ENTITY RFC6761 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6761.xml"> |
19 | <!ENTITY RFC6895 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6895.xml"> | 19 | <!ENTITY RFC6895 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6895.xml"> |
20 | <!ENTITY RFC6979 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6979.xml"> | 20 | <!ENTITY RFC6979 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6979.xml"> |
21 | <!ENTITY RFC7363 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.7363.xml"> | 21 | <!ENTITY RFC7363 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.7363.xml"> |
@@ -2538,6 +2538,41 @@ NICK: john (Supplemental) | |||
2538 | zone keys do become public during revocation. | 2538 | zone keys do become public during revocation. |
2539 | </t> | 2539 | </t> |
2540 | </section> | 2540 | </section> |
2541 | <section> | ||
2542 | <name>Name Leakage</name> | ||
2543 | <t> | ||
2544 | GNS names are indistiguishable from DNS names or other special-use | ||
2545 | domain names <xref target="RFC6761"/>. | ||
2546 | This poses a risk when trying to resolve a name through DNS when | ||
2547 | it is actually a GNS name. | ||
2548 | In such a case, the GNS name would be leaked as part of the DNS | ||
2549 | resolution. | ||
2550 | This risk is also present for special-use domain names which must be | ||
2551 | handled before starting a DNS resolution request by the application. | ||
2552 | </t> | ||
2553 | <t> | ||
2554 | Any application MUST take into consideration the user configuration | ||
2555 | of resolution precedence when trying to resolve a name. | ||
2556 | One example of such a configuration which at the same time allows | ||
2557 | applications to delegate the resolution itself is the | ||
2558 | Name Service Switch (NSS) of Unix-like operating systems. | ||
2559 | It allows system administrators to configure host name resolution | ||
2560 | precedence and is integrated with the system resolver implementation. | ||
2561 | </t> | ||
2562 | <t> | ||
2563 | The order of resolution mechanisms to try is under the discretion | ||
2564 | of the user or system administrator. | ||
2565 | In the absence of an explicit configuration it is | ||
2566 | <bcp14>RECOMMENDED</bcp14> that applications try to resolve | ||
2567 | a given name in GNS before any other method in order to honor | ||
2568 | potential TLD overrides in GNS by the user. | ||
2569 | If no suffix-to-zone mapping for the name exists, resolution | ||
2570 | <bcp14>MAY</bcp14> continue with other methods. | ||
2571 | If a suffix-to-zone mapping exists for the name and the query | ||
2572 | succeeds, fails or returns no results, resolution <bcp14>MUST NOT</bcp14> | ||
2573 | continue by other means. | ||
2574 | </t> | ||
2575 | </section> | ||
2541 | </section> | 2576 | </section> |
2542 | <section anchor="gana" numbered="true" toc="default"> | 2577 | <section anchor="gana" numbered="true" toc="default"> |
2543 | <name>GANA Considerations</name> | 2578 | <name>GANA Considerations</name> |
@@ -2682,7 +2717,6 @@ Purpose | Name | References | Comment | |||
2682 | &RFC6234; | 2717 | &RFC6234; |
2683 | &RFC6895; | 2718 | &RFC6895; |
2684 | &RFC6979; | 2719 | &RFC6979; |
2685 | &RFC7706; | ||
2686 | &RFC7748; | 2720 | &RFC7748; |
2687 | &RFC8032; | 2721 | &RFC8032; |
2688 | &RFC8126; | 2722 | &RFC8126; |
@@ -2788,6 +2822,9 @@ Purpose | Name | References | Comment | |||
2788 | <!-- &RFC6781; --> | 2822 | <!-- &RFC6781; --> |
2789 | &RFC7363; | 2823 | &RFC7363; |
2790 | &RFC8324; | 2824 | &RFC8324; |
2825 | &RFC7706; | ||
2826 | &RFC6761; | ||
2827 | |||
2791 | <!-- &RFC3912;--> | 2828 | <!-- &RFC3912;--> |
2792 | 2829 | ||
2793 | <reference anchor="Tor224" target="https://gitweb.torproject.org/torspec.git/tree/proposals/224-rend-spec-ng.txt#n2135"> | 2830 | <reference anchor="Tor224" target="https://gitweb.torproject.org/torspec.git/tree/proposals/224-rend-spec-ng.txt#n2135"> |