diff options
Diffstat (limited to 'draft-schanzen-gns.xml')
-rw-r--r-- | draft-schanzen-gns.xml | 259 |
1 files changed, 145 insertions, 114 deletions
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml index 9a58ceb..ed50901 100644 --- a/draft-schanzen-gns.xml +++ b/draft-schanzen-gns.xml | |||
@@ -37,13 +37,13 @@ | |||
37 | <?rfc sortrefs="yes" ?> | 37 | <?rfc sortrefs="yes" ?> |
38 | <?rfc compact="yes" ?> | 38 | <?rfc compact="yes" ?> |
39 | <?rfc subcompact="no" ?> | 39 | <?rfc subcompact="no" ?> |
40 | <rfc xmlns:xi="http://www.w3.org/2001/XInclude" category="info" docName="draft-schanzen-gns-18" ipr="trust200902" obsoletes="" updates="" submissionType="IETF" xml:lang="en" version="3"> | 40 | <rfc xmlns:xi="http://www.w3.org/2001/XInclude" category="info" docName="draft-schanzen-gns-19" ipr="trust200902" obsoletes="" updates="" submissionType="IETF" xml:lang="en" version="3"> |
41 | <!-- xml2rfc v2v3 conversion 2.26.0 --> | 41 | <!-- xml2rfc v2v3 conversion 2.26.0 --> |
42 | <front> | 42 | <front> |
43 | <title abbrev="The GNU Name System"> | 43 | <title abbrev="The GNU Name System"> |
44 | The GNU Name System | 44 | The GNU Name System |
45 | </title> | 45 | </title> |
46 | <seriesInfo name="Internet-Draft" value="draft-schanzen-gns-18"/> | 46 | <seriesInfo name="Internet-Draft" value="draft-schanzen-gns-19"/> |
47 | <author fullname="Martin Schanzenbach" initials="M." surname="Schanzenbach"> | 47 | <author fullname="Martin Schanzenbach" initials="M." surname="Schanzenbach"> |
48 | <organization>Fraunhofer AISEC</organization> | 48 | <organization>Fraunhofer AISEC</organization> |
49 | <address> | 49 | <address> |
@@ -335,111 +335,142 @@ | |||
335 | </section> | 335 | </section> |
336 | <section anchor="overview" numbered="true" toc="default"> | 336 | <section anchor="overview" numbered="true" toc="default"> |
337 | <name>Overview</name> | 337 | <name>Overview</name> |
338 | <t> | 338 | <t> |
339 | GNS exhibits the three properties of a petname system: | 339 | GNS exhibits the three properties that are commonly used to describe |
340 | </t> | 340 | a petname system: |
341 | <ol> | 341 | </t> |
342 | <li> | 342 | <ol> |
343 | It provides global names through the concept of zone top-level | 343 | <li> |
344 | domains (zTLDs). As zones can be uniquely identified by their zone key | 344 | Global names through the concept of zone top-level |
345 | and are statistically unqiue, GNS names with a zTLD suffix are also | 345 | domains (zTLDs): As zones can be uniquely identified by their zone key |
346 | globally unique. | 346 | and are statistically unique, zTLDs are globally unique mappings to zones. |
347 | </li> | 347 | Consequently, GNS names with a zTLD suffix are also globally unique. |
348 | <li> | 348 | Global GNS names are not human-readable. |
349 | It provides memorable or "human-readable" names by enabling users to | 349 | </li> |
350 | configure local mappings from nicknames to zones. | 350 | <li> |
351 | Zone owners can publish their mappings | 351 | Memorable petnames for zones: |
352 | in order to enable namespace delegation and facilitate resolution of | 352 | Users can configure local petnames for zones. |
353 | memorable names. | 353 | The petnames serve as zTLD monikers in order to support human-readable |
354 | </li> | 354 | names. |
355 | <li> | 355 | The petnames may also be published in order to delegate namespaces |
356 | It provides secure mapping from names to records as zone contents | 356 | of zones. |
357 | are signed using blinded private keys and encrypted using derived | 357 | </li> |
358 | secret keys. | 358 | <li> |
359 | </li> | 359 | A secure mapping from names to records: |
360 | </ol> | 360 | GNS allows zone owners to map petnames to resource records or to |
361 | <t> | 361 | delegate authority of the petname to other zones and publish this |
362 | In GNS, any user can create and manage one or more zones | 362 | information. |
363 | (<xref target="zones"/>) as part of a zone master implementation. | 363 | The mappings are signed and encrypted using keys derived from local |
364 | The zone type determines the respective set of cryptographic operations | 364 | labels. |
365 | and the wire formats for encrypted data, public keys and signatures. | 365 | When names are resolved, resource records including delegations can |
366 | A zone can be populated with mappings from labels to resource records by | 366 | be verified by the implementation. |
367 | its owner (<xref target="rrecords"/>). | 367 | </li> |
368 | A label can be mapped to a delegation record which results in the | 368 | </ol> |
369 | corresponding subdomain being delegated to another zone. Circular | 369 | <t> |
370 | delegations are explicitly allowed, including delegating a subdomain | 370 | It follows from the above that GNS does not support names which are |
371 | to its immediate parent zone. In | 371 | simultaneously global, secure and human-readable. |
372 | order to support (legacy) applications as well as to facilitate the use | 372 | Instead, names are either global and not human-readable or not globally |
373 | of petnames, GNS defines auxiliary record types in addition to | 373 | unique and human-readable. |
374 | supporting existing DNS records. | 374 | An example for a global name pointing to the record "example" in |
375 | </t> | 375 | a zone is: |
376 | <t> | 376 | </t> |
377 | Zone contents are encrypted and signed | 377 | <sourcecode> |
378 | before being published in a key-value storage (<xref target="publish"/>) | 378 | example.000G006K2TJNMD9VTCYRX7BRVV3HAEPS15E6NHDXKPJA1KAJJEG9AFF884 |
379 | as illustrated in <xref target="figure_arch_publish"/>. | 379 | </sourcecode> |
380 | In this process, unique zone identification is hidden from the network | 380 | <t> |
381 | through the use of key blinding. | 381 | Now consider the petname "pet" for the example zone |
382 | Key blinding allows the creation of signatures for zone contents | 382 | of the name above. |
383 | using a blinded public/private key pair. | 383 | The following name would point to the same record as the |
384 | This blinding is realized using a deterministic key | 384 | globally unique name above but it is only valid locally: |
385 | derivation from | 385 | </t> |
386 | the original zone key and corresponding private key using record label values | 386 | <sourcecode> |
387 | as blinding factors. | 387 | example.pet |
388 | Specifically, the zone owner can derive blinded private keys for each record | 388 | </sourcecode> |
389 | set published under a label, and a | 389 | <t> |
390 | resolver can derive the corresponding blinded public keys. | 390 | The delegation of petnames and subsequent resolution of delegation |
391 | It is expected that GNS implementations use distributed or decentralized | 391 | builds on ideas from the Simple Distributed Security Infrastructure |
392 | storages such as distributed hash tables (DHT) in order to facilitate | 392 | <xref target="SDSI" />. |
393 | availability within a network without the need for dedicated infrastructure. | 393 | In GNS, any user can create and manage one or more zones |
394 | Specification of such a distributed or decentralized storage is out of | 394 | (<xref target="zones"/>) as part of a zone master implementation. |
395 | scope of this document, but possible existing implementations include those | 395 | The zone type determines the respective set of cryptographic operations |
396 | based on <xref target="RFC7363" />, <xref target="Kademlia" /> or | 396 | and the wire formats for encrypted data, public keys and signatures. |
397 | <xref target="R5N" />. | 397 | A zone can be populated with mappings from labels to resource records by |
398 | </t> | 398 | its owner (<xref target="rrecords"/>). |
399 | <figure anchor="figure_arch_publish" title="An example diagram of two hosts publishing GNS zones."> | 399 | A label can be mapped to a delegation record which results in the |
400 | <artwork name="" type="" align="left" alt=""><![CDATA[ | 400 | corresponding subdomain being delegated to another zone. Circular |
401 | Local Host | Remote | Remote Host | 401 | delegations are explicitly allowed, including delegating a subdomain |
402 | | Storage | | 402 | to its immediate parent zone. In |
403 | | | | 403 | order to support (legacy) applications as well as to facilitate the use |
404 | | +---------+ | | 404 | of petnames, GNS defines auxiliary record types in addition to |
405 | | / /| | | 405 | supporting existing DNS records. |
406 | Publish | +---------+ | | Publish | 406 | </t> |
407 | +---------+ Records | | | | | Records +---------+ | 407 | <t> |
408 | | Zone |----------|->| Record | |<-|----------| Zone | | 408 | Zone contents are encrypted and signed |
409 | | Master | | | Storage | | | | Master | | 409 | before being published in a key-value storage (<xref target="publish"/>) |
410 | +---------+ | | |/ | +---------+ | 410 | as illustrated in <xref target="figure_arch_publish"/>. |
411 | A | +---------+ | A | 411 | In this process, unique zone identification is hidden from the network |
412 | | | | | | 412 | through the use of key blinding. |
413 | +---------+ | | +---------+ | 413 | Key blinding allows the creation of signatures for zone contents |
414 | / | /| | | / | /| | 414 | using a blinded public/private key pair. |
415 | +---------+ | | | +---------+ | | 415 | This blinding is realized using a deterministic key |
416 | | | | | | | | | | 416 | derivation from |
417 | | Local | | | | | Local | | | 417 | the original zone key and corresponding private key using record label values |
418 | | Zones | | | | | Zones | | | 418 | as blinding factors. |
419 | | |/ | | | |/ | 419 | Specifically, the zone owner can derive blinded private keys for each record |
420 | +---------+ | | +---------+ | 420 | set published under a label, and a |
421 | ]]></artwork> | 421 | resolver can derive the corresponding blinded public keys. |
422 | </figure> | 422 | It is expected that GNS implementations use distributed or decentralized |
423 | <t> | 423 | storages such as distributed hash tables (DHT) in order to facilitate |
424 | Applications use the resolver to lookup GNS names. | 424 | availability within a network without the need for dedicated infrastructure. |
425 | Starting from a configurable start zone, names are resolved by following zone | 425 | Specification of such a distributed or decentralized storage is out of |
426 | delegations recursively as illustrated in <xref target="figure_arch_resolv"/>. | 426 | scope of this document, but possible existing implementations include those |
427 | For each label in a name, the recursive GNS resolver | 427 | based on <xref target="RFC7363" />, <xref target="Kademlia" /> or |
428 | fetches the respective record from the storage layer (<xref target="resolution"/>). | 428 | <xref target="R5N" />. |
429 | Without knowledge of the label values and the zone keys, the | 429 | </t> |
430 | different derived keys are unlinkable both to the original zone key and to each | 430 | <figure anchor="figure_arch_publish" title="An example diagram of two hosts publishing GNS zones."> |
431 | other. | 431 | <artwork name="" type="" align="left" alt=""><![CDATA[ |
432 | This prevents zone enumeration (except via impractical online brute | 432 | Local Host | Remote | Remote Host |
433 | force attacks) and requires knowledge | 433 | | Storage | |
434 | of both the zone key and the label to confirm affiliation of a | 434 | | | |
435 | query or the corresponding encrypted record set with a | 435 | | +---------+ | |
436 | specific zone. At the same time, the blinded zone key provides | 436 | | / /| | |
437 | resolvers | 437 | Publish | +---------+ | | Publish |
438 | with the ability to verify the integrity of the published information | 438 | +---------+ Records | | | | | Records +---------+ |
439 | without disclosing the originating zone. | 439 | | Zone |----------|->| Record | |<-|----------| Zone | |
440 | </t> | 440 | | Master | | | Storage | | | | Master | |
441 | <figure anchor="figure_arch_resolv" title="High-level view of the GNS resolution process."> | 441 | +---------+ | | |/ | +---------+ |
442 | <artwork name="" type="" align="left" alt=""><![CDATA[ | 442 | A | +---------+ | A |
443 | | | | | | ||
444 | +---------+ | | +---------+ | ||
445 | / | /| | | / | /| | ||
446 | +---------+ | | | +---------+ | | ||
447 | | | | | | | | | | ||
448 | | Local | | | | | Local | | | ||
449 | | Zones | | | | | Zones | | | ||
450 | | |/ | | | |/ | ||
451 | +---------+ | | +---------+ | ||
452 | ]]></artwork> | ||
453 | </figure> | ||
454 | <t> | ||
455 | Applications use the resolver to lookup GNS names. | ||
456 | Starting from a configurable start zone, names are resolved by following zone | ||
457 | delegations recursively as illustrated in <xref target="figure_arch_resolv"/>. | ||
458 | For each label in a name, the recursive GNS resolver | ||
459 | fetches the respective record from the storage layer (<xref target="resolution"/>). | ||
460 | Without knowledge of the label values and the zone keys, the | ||
461 | different derived keys are unlinkable both to the original zone key and to each | ||
462 | other. | ||
463 | This prevents zone enumeration (except via impractical online brute | ||
464 | force attacks) and requires knowledge | ||
465 | of both the zone key and the label to confirm affiliation of a | ||
466 | query or the corresponding encrypted record set with a | ||
467 | specific zone. At the same time, the blinded zone key provides | ||
468 | resolvers | ||
469 | with the ability to verify the integrity of the published information | ||
470 | without disclosing the originating zone. | ||
471 | </t> | ||
472 | <figure anchor="figure_arch_resolv" title="High-level view of the GNS resolution process."> | ||
473 | <artwork name="" type="" align="left" alt=""><![CDATA[ | ||
443 | Local Host | Remote | 474 | Local Host | Remote |
444 | | Storage | 475 | | Storage |
445 | | | 476 | | |
@@ -461,13 +492,13 @@ | |||
461 | | Zones | | | | 492 | | Zones | | | |
462 | | |/ | | 493 | | |/ | |
463 | +---------+ | | 494 | +---------+ | |
464 | ]]></artwork> | 495 | ]]></artwork> |
465 | </figure> | 496 | </figure> |
466 | <t> | 497 | <t> |
467 | In the remainder of this document, the "implementer" refers to the developer building | 498 | In the remainder of this document, the "implementer" refers to the developer building |
468 | a GNS implementation including the resolver, zone master, and | 499 | a GNS implementation including the resolver, zone master, and |
469 | supporting configuration such as start zones (<xref target="governance"/>). | 500 | supporting configuration such as start zones (<xref target="governance"/>). |
470 | </t> | 501 | </t> |
471 | </section> | 502 | </section> |
472 | <section anchor="zones" numbered="true" toc="default"> | 503 | <section anchor="zones" numbered="true" toc="default"> |
473 | <name>Zones</name> | 504 | <name>Zones</name> |