1 files changed, 14 insertions, 7 deletions

diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
index f30d84b..8345eee 100644
--- a/draft-schanzen-gns.xml
+++ b/draft-schanzen-gns.xml
@@ -8,6 +8,7 @@
 <!ENTITY RFC3629 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3629.xml">
 <!ENTITY RFC3686 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3686.xml">
 <!ENTITY RFC3826 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3826.xml">
+<!ENTITY RFC4033 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4033.xml">
 <!--<!ENTITY RFC3912 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3912.xml">-->
 <!ENTITY RFC5869 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5869.xml">
 <!ENTITY RFC5890 PUBLIC '' "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5890.xml">
@@ -192,6 +193,12 @@
          UTF-8 characters <xref target="RFC8499"/> with a maximum length of
          63 bytes. Labels MUST be canonicalized using
          Normalization Form C (NFC) <xref target="Unicode-UAX15"/>.
+         The empty label is represented using the character "@" (without
+         quotes).
+         The empty label is used to publish resource
+         records in a zone that can be resolved without providing a specific
+         label. It is the GNS method provide what is the "zone apex" in DNS
+         <xref target="RFC4033"/>.
        </dd>
        <dt>Name</dt>
        <dd>
@@ -214,7 +221,7 @@
        <dd>
          A GNS zone contains authoritative information (resource records).
          A zone is uniquely identified by its zone key.  Unlike DNS zones,
-         a GNS zone does not need to have a SOA record at its apex.
+         a GNS zone does not need to have a SOA record under the empty label.
        </dd>
        <dt>Zone Type</dt>
        <dd>
@@ -893,8 +900,7 @@ zTLD := zkl[126..129].zkl[63..125].zkl[0..62]
        determined to be cryptographically insecure, or if an application has
        reasons to not support delegation to DNS for reasons such as complexity
        or security. Zone delegation records MUST NOT be stored and published
-         under the empty label.
-     <!-- FIXME: Empty label and apex label are not well defined -->
+       under the empty label.
        A zone delegation record type value is the same as the respective ztype
        value.
        The ztype defines the cryptographic primitives for the zone that is
@@ -1921,7 +1927,7 @@ example.com = zk2
            In each step of the recursive name resolution, there is an
            authoritative zone zk and a name to resolve. The name may be empty.
            Initially, the authoritative zone is the start zone. If the name
-           is empty, it is interpreted as the apex label "@".
+           is empty, it is interpreted as the empty label "@".
          </t>
          <t>
            From here, the following steps are recursively executed, in order:
@@ -2079,7 +2085,7 @@ example.com = zk2
              and provide a consistent security profile for all name resolutions.
              Such resolvers would return an empty record set upon encountering
              a GNS2DNS record during the recursion. However, if GNS2DNS records
-             are encountered in the record set for the apex and a GNS2DNS record
+             are encountered in the record set for the empty label and a GNS2DNS record
              is explicitly requested by the application, such records MUST
              still be returned, even if DNS support is disabled by the
              GNS resolver configuration.
@@ -2109,7 +2115,7 @@ example.com = zk2
              Implementations MAY support any subset of ztypes.
              Handling of
              Implementations MUST NOT process zone delegation for the empty
-             apex label "@". Upon encountering a zone delegation record under
+             label "@". Upon encountering a zone delegation record under
              this label, resolution fails and an error MUST be returned. The
              implementation MAY choose not to return the reason for the failure,
              merely impacting troubleshooting information for the user.
@@ -2118,7 +2124,7 @@ example.com = zk2
              If the remainder of the name to resolve is empty and we have
              received a record set containing only a single delegation record, the
              recursion is continued with the record value as authoritative zone
-             and the empty apex label "@" as remaining name.
+             and the empty label "@" as remaining name.
              Except in the case where the desired record type as specified by
              the client is equal to the ztype, in which case the delegation
              record is returned.
@@ -3030,6 +3036,7 @@ c9d7b9ab
      </references>
      <references>
        <name>Informative References</name>
+         &RFC4033;
          &RFC6781;
          &RFC7363;
          &RFC8324;