diff options
Diffstat (limited to 'draft-schanzen-gns.xml')
| -rw-r--r-- | draft-schanzen-gns.xml | 47 |
1 files changed, 15 insertions, 32 deletions
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml index 735a594..aab257d 100644 --- a/draft-schanzen-gns.xml +++ b/draft-schanzen-gns.xml | |||
| @@ -1285,12 +1285,14 @@ NONCE := HKDF-Expand (PRK_n, label, 128 / 8) | |||
| 1285 | <name>REDIRECT</name> | 1285 | <name>REDIRECT</name> |
| 1286 | <t> | 1286 | <t> |
| 1287 | A REDIRECT record is the GNS equivalent of a CNAME record in DNS. | 1287 | A REDIRECT record is the GNS equivalent of a CNAME record in DNS. |
| 1288 | A REDIRECT DATA entry is illustrated in <xref target="figure_redirectrecord"/>.</t> | 1288 | Details on processing of this record is defined in <xref target="redirect_processing"/>. |
| 1289 | A REDIRECT DATA entry is illustrated in <xref target="figure_redirectrecord"/>. | ||
| 1290 | </t> | ||
| 1289 | <figure anchor="figure_redirectrecord"> | 1291 | <figure anchor="figure_redirectrecord"> |
| 1290 | <artwork name="" type="" align="left" alt=""><![CDATA[ | 1292 | <artwork name="" type="" align="left" alt=""><![CDATA[ |
| 1291 | 0 8 16 24 32 40 48 56 | 1293 | 0 8 16 24 32 40 48 56 |
| 1292 | +-----+-----+-----+-----+-----+-----+-----+-----+ | 1294 | +-----+-----+-----+-----+-----+-----+-----+-----+ |
| 1293 | | GNS NAME | | 1295 | | REDIRECT NAME | |
| 1294 | / / | 1296 | / / |
| 1295 | / / | 1297 | / / |
| 1296 | | | | 1298 | | | |
| @@ -1301,7 +1303,11 @@ NONCE := HKDF-Expand (PRK_n, label, 128 / 8) | |||
| 1301 | <dl> | 1303 | <dl> |
| 1302 | <dt>GNS NAME</dt> | 1304 | <dt>GNS NAME</dt> |
| 1303 | <dd> | 1305 | <dd> |
| 1304 | The name to continue with in GNS. The value is UTF-8 encoded and | 1306 | The name to continue with in GNS. |
| 1307 | The value of a redirect record may be a regular GNS name, or a relative | ||
| 1308 | name. | ||
| 1309 | Relative names are indicated using the suffix ".+". | ||
| 1310 | The string is UTF-8 encoded and | ||
| 1305 | 0-terminated. | 1311 | 0-terminated. |
| 1306 | </dd> | 1312 | </dd> |
| 1307 | </dl> | 1313 | </dl> |
| @@ -1703,15 +1709,6 @@ q := SHA-512 (ZKDF-Public(zk, label)) | |||
| 1703 | The wire format of the RDATA is illustrated in | 1709 | The wire format of the RDATA is illustrated in |
| 1704 | <xref target="figure_rdata"/>. | 1710 | <xref target="figure_rdata"/>. |
| 1705 | </t> | 1711 | </t> |
| 1706 | <!-- FIXME: I (CG) think we can do better here: | ||
| 1707 | use the canonical TYPE-LENGTH-(FLAGS-EXPR)-VALUE | ||
| 1708 | (as in TLV) instead of LENGTH-TYPE-(FLAGS-EXPR)-VALUE; | ||
| 1709 | we should consider using 16 bit for DATA SIZE and | ||
| 1710 | FLAGS (improves alignment, hardly a good use for 32-bit | ||
| 1711 | flags or values); | ||
| 1712 | We MAY also consider removing RRCOUNT, just bad | ||
| 1713 | for alignment, and - strictly speaking - redundant, | ||
| 1714 | just causes another error check for implementations. --> | ||
| 1715 | <figure anchor="figure_rdata"> | 1712 | <figure anchor="figure_rdata"> |
| 1716 | <artwork name="" type="" align="left" alt=""><![CDATA[ | 1713 | <artwork name="" type="" align="left" alt=""><![CDATA[ |
| 1717 | 0 8 16 24 32 40 48 56 | 1714 | 0 8 16 24 32 40 48 56 |
| @@ -1949,32 +1946,18 @@ example.com = zk2 | |||
| 1949 | <section anchor="redirect_processing" numbered="true" toc="default"> | 1946 | <section anchor="redirect_processing" numbered="true" toc="default"> |
| 1950 | <name>REDIRECT</name> | 1947 | <name>REDIRECT</name> |
| 1951 | <t> | 1948 | <t> |
| 1952 | If a REDIRECT record is encountered, the redirect name is | 1949 | If the remaining name is empty and the desired record type is |
| 1953 | appended to the remaining name, except if the remaining name | 1950 | REDIRECT, in which case the resolution concludes with the REDIRECT record. |
| 1954 | is empty and the desired record type is REDIRECT, in which case | 1951 | If the redirect name ends in ".+", |
| 1955 | the resolution concludes with the REDIRECT record. | ||
| 1956 | If the redirect name ends in ".+", <!-- FIXME Do we need this? --> | ||
| 1957 | resolution continues in GNS with the new name in the | 1952 | resolution continues in GNS with the new name in the |
| 1958 | current zone. Otherwise, the resulting name is resolved via the | 1953 | current zone. Otherwise, the redirect name treated as a GNS name |
| 1959 | default operating system name resolution process. | 1954 | and resolution restarts. |
| 1960 | This may in turn trigger a GNS name resolution process depending | ||
| 1961 | on the system configuration. | ||
| 1962 | <!-- Note: this permits non-DNS resolvers to be triggered via NSS! --> | 1955 | <!-- Note: this permits non-DNS resolvers to be triggered via NSS! --> |
| 1963 | </t> | 1956 | </t> |
| 1964 | <t> | 1957 | <t> |
| 1965 | In order to prevent infinite loops, the resolver MUST | 1958 | In order to prevent infinite loops, the resolver MUST |
| 1966 | implement loop detections or limit the number of recursive | 1959 | implement loop detections or limit the number of recursive |
| 1967 | resolution steps. The loop detection MUST be effective even | 1960 | resolution steps. |
| 1968 | if a REDIRECT found in GNS triggers subsequent GNS lookups via | ||
| 1969 | the default operating system name resolution process. | ||
| 1970 | </t> | ||
| 1971 | <t> | ||
| 1972 | If the last REDIRECT encountered was a DNS name, the resolver | ||
| 1973 | SHOULD return the DNS name | ||
| 1974 | as a supplemental LEHO record (see <xref target="gnsrecords_leho" />) | ||
| 1975 | with a relative expiration time of one hour. | ||
| 1976 | <!-- Note: Martin: do we actually implement this in GNS today? | ||
| 1977 | Seems rather tricky to detect if we go via NSS... --> | ||
| 1978 | </t> | 1961 | </t> |
| 1979 | </section> | 1962 | </section> |
| 1980 | <section anchor="gns2dns_processing" numbered="true" toc="default"> | 1963 | <section anchor="gns2dns_processing" numbered="true" toc="default"> |