author Martin Schanzenbach <schanzen@gnunet.org> 2022-08-07 20:30:51 +0200
committer Martin Schanzenbach <schanzen@gnunet.org> 2022-08-07 20:30:51 +0200
commit 879a2b052f7bc2e31e4352a90e9f0a7a4f0ec1fc (patch)
tree eeaaa1831df0efa83ac8806dcb381ce7ef6b4656
parent 07f6bc8646568573cb8aa732701ced2e3692e831 (diff)
v21
-rw-r--r-- draft-schanzen-gns.xml 38
1 files changed, 21 insertions, 17 deletions
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
index a90c318..01b0a05 100644
--- a/draft-schanzen-gns.xml
+++ b/draft-schanzen-gns.xml
@@ -37,13 +37,13 @@
37<?rfc sortrefs="yes" ?> 37<?rfc sortrefs="yes" ?>
38<?rfc compact="yes" ?> 38<?rfc compact="yes" ?>
39<?rfc subcompact="no" ?> 39<?rfc subcompact="no" ?>
40<rfc xmlns:xi="http://www.w3.org/2001/XInclude" category="info" docName="draft-schanzen-gns-20" ipr="trust200902" obsoletes="" updates="" submissionType="IETF" xml:lang="en" version="3"> 40<rfc xmlns:xi="http://www.w3.org/2001/XInclude" category="info" docName="draft-schanzen-gns-21" ipr="trust200902" obsoletes="" updates="" submissionType="IETF" xml:lang="en" version="3">
41 <!-- xml2rfc v2v3 conversion 2.26.0 --> 41 <!-- xml2rfc v2v3 conversion 2.26.0 -->
42 <front> 42 <front>
43 <title abbrev="The GNU Name System"> 43 <title abbrev="The GNU Name System">
44 The GNU Name System 44 The GNU Name System
45 </title> 45 </title>
46 <seriesInfo name="Internet-Draft" value="draft-schanzen-gns-20"/> 46 <seriesInfo name="Internet-Draft" value="draft-schanzen-gns-21"/>
47 <author fullname="Martin Schanzenbach" initials="M." surname="Schanzenbach"> 47 <author fullname="Martin Schanzenbach" initials="M." surname="Schanzenbach">
48 <organization>Fraunhofer AISEC</organization> 48 <organization>Fraunhofer AISEC</organization>
49 <address> 49 <address>
@@ -2749,16 +2749,20 @@ NICK: john (Supplemental)
2749 "Single Hierarchy with a Centrally Controlled Root" and 2749 "Single Hierarchy with a Centrally Controlled Root" and
2750 "Distribution and Management of Root Servers" as raised in 2750 "Distribution and Management of Root Servers" as raised in
2751 <xref target="RFC8324"/>. 2751 <xref target="RFC8324"/>.
2752 In the Domain Name System root zone governance is centralized at the 2752 In DNS, those issues are a direct result from the centralized root
2753 Internet Corporation for Assigned Names and Numbers (ICANN). 2753 zone governance at the Internet Corporation for Assigned Names and
2754 GNS can be used to leverage the transitivity in the SDSI design to 2754 Numbers (ICANN) which allows it to provide globally unique names.
2755 replace the trusted root with secure delegation of authority thus 2755 </t>
2756 making petnames useful to other users while operating under a very 2756 <t>
2757 strong adversary model. 2757 In GNS, start zones give users local authority over their preferred
2758 By building on the ideas from SDSI, GNS allows to address a central 2758 root zone governance.
2759 issue with the decentralized mapping of secure identifiers to memorable 2759 It enables users to replace or enhance a trusted root zone
2760 names: namely the impossiblity of providing a global, secure and 2760 configuration provided by a third party (e.g. the implementer or a
2761 memorable mapping without a trusted authority. 2761 multi-stakeholder governance body like ICANN) with secure delegation of
2762 authority using local petnames while operating under a
2763 very strong adversary model.
2764 In combination with zTLDs, this provides users of GNS with a global,
2765 secure and memorable mapping without a trusted authority.
2762 </t> 2766 </t>
2763 <t> 2767 <t>
2764 Any GNS implementation <bcp14>MAY</bcp14> provide a default 2768 Any GNS implementation <bcp14>MAY</bcp14> provide a default
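Review bot: The closing sentence of the rewritten paragraph (new lines 2764-2765) claims that start zones combined with zTLDs provide "a global, secure and memorable mapping without a trusted authority", while the text removed here (old lines 2758-2761) named exactly that combination as an impossibility. Please state which mechanism supplies which of the three properties, so the reader can see whether any single name is claimed to have all three at once, or keep a sentence that acknowledges the trade-off. Wording in the same hunk: "a direct result from" at new line 2752 should be "a direct result of"; "which allows it to provide globally unique names" at new line 2754 has an unclear antecedent (DNS or ICANN); and "It enables users" at new line 2759 follows the plural "start zones". The rewrite also drops both mentions of SDSI, so if that is intentional, check that the SDSI design is still credited elsewhere in the section.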
@@ -2771,15 +2775,15 @@ NICK: john (Supplemental)
2771 Technically, the GNS protocol can be used to resolve names in the 2775 Technically, the GNS protocol can be used to resolve names in the
2772 namespace of the global DNS. 2776 namespace of the global DNS.
2773 However, this would require the respective governance bodies and 2777 However, this would require the respective governance bodies and
2774 stakeholders to standardize the use of GNS for this particular use 2778 stakeholders (e.g. IETF and ICANN) to standardize the use of GNS for this particular use
2775 case and publish their zones accordingly. 2779 case.
2776 </t> 2780 </t>
2777 <t> 2781 <t>
2778 However, this capability means that by definition GNS names may be 2782 However, this capability implies that GNS names may be
2779 indistinguishable from DNS names in their 2783 indistinguishable from DNS names in their
2780 respective common display format <xref target="RFC8499"/> or 2784 respective common display format <xref target="RFC8499"/> or
2781 other special-use domain names <xref target="RFC6761"/> given 2785 other special-use domain names <xref target="RFC6761"/> if
2782 a local GNS start zone configuration that maps suffixes from the 2786 a local start zone configuration maps suffixes from the
2783 global DNS to GNS zones. 2787 global DNS to GNS zones.
2784 For applications, it is then ambiguous which name system should be 2788 For applications, it is then ambiguous which name system should be
2785 used in order to resolve a given name. 2789 used in order to resolve a given name.
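Review bot: At new lines 2778-2779 the clause "and publish their zones accordingly" is dropped, so the sentence now reads as if standardization alone were enough to resolve global DNS names through GNS. If publishing the zones is still a precondition, keep the clause; if not, say why it no longer applies. New line 2778 also runs well past the wrap width of the surrounding lines and should be re-wrapped. In the rewritten sentence at new lines 2782-2787, "or other special-use domain names" still dangles: it is unclear whether GNS names are indistinguishable from those names or whether this is a second display format. Consider "indistinguishable from DNS names in their common display format, or from other special-use domain names, if a local start zone configuration maps suffixes from the global DNS to GNS zones".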