Diffstat (limited to 'draft-schanzen-gns.xml')
-rw-r--r-- | draft-schanzen-gns.xml | 129 |
1 files changed, 67 insertions, 62 deletions
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml index d47ae9c..e0b38de 100644 --- a/draft-schanzen-gns.xml +++ b/draft-schanzen-gns.xml | |||
@@ -187,23 +187,55 @@ | |||
187 | <section> | 187 | <section> |
188 | <name>Terminology</name> | 188 | <name>Terminology</name> |
189 | <dl> | 189 | <dl> |
190 | <dt>Apex Label</dt> | ||
191 | <dd> | ||
192 | This type of label is used to publish resource | ||
193 | records in a zone that can be resolved without providing a specific | ||
194 | label. It is the GNS method to provide what is the "zone apex" in DNS | ||
195 | <xref target="RFC4033"/>. | ||
196 | The apex label is represented using the character U+0040 ("@" without | ||
197 | the quotes). | ||
198 | </dd> | ||
190 | <dt>Application</dt> | 199 | <dt>Application</dt> |
191 | <dd> | 200 | <dd> |
192 | A component which uses a GNS implementation | 201 | A component which uses a GNS implementation |
193 | to resolve names into records and processes its contents. | 202 | to resolve names into records and processes its contents. |
194 | </dd> | 203 | </dd> |
195 | <dt>Resolver</dt> | 204 | <dt>Blinded Zone Key</dt> |
196 | <dd> | 205 | <dd> |
197 | The component of a GNS implementation which provides | 206 | The key derived from a zone key and a label. |
198 | the recursive name resolution logic defined in | 207 | The zone key and the blinded zone key are unlinkable without knowledge of the label. |
199 | <xref target="resolution"/>. | ||
200 | </dd> | 208 | </dd> |
201 | <dt>Zone Master</dt> | 209 | |
210 | <dt>Extension Label</dt> | ||
202 | <dd> | 211 | <dd> |
203 | The component of a GNS implementation which provides | 212 | The primary use for the extension label is in redirections where the redirection |
204 | local zone management and publication as defined in | 213 | target is defined relative to the authoritative zone of the redirection |
205 | <xref target="publish"/>. | 214 | record (<xref target="gnsrecords_redirect"/>). |
215 | The extension label is represented using the character U+002B ("+" | ||
216 | without the quotes). | ||
206 | </dd> | 217 | </dd> |
218 | <dt>Label Separator</dt> | ||
219 | <dd> | ||
220 | Labels in a name are separated using the label separator U+002E | ||
221 | ("." without the quotes). | ||
222 | In GNS, with the exceptions of zone Top-Level Domains | ||
223 | (see below) and boxed records (see <xref target="gnsrecords_box"/>), | ||
224 | every separator label in a name delegates to another zone. | ||
225 | </dd> | ||
226 | <dt>Label</dt> | ||
227 | <dd> | ||
228 | A GNS label is a label as defined in <xref target="RFC8499"/>. | ||
229 | Labels are UTF-8 strings in Unicode | ||
230 | Normalization Form C (NFC) <xref target="Unicode-UAX15"/>. | ||
231 | The apex label, label separator and the extension label have | ||
232 | special purposes in the resolution protocol which are defined | ||
233 | in the rest of the document. | ||
234 | Zone administrators <bcp14>MAY</bcp14> disallow certain labels that | ||
235 | might be easily confused with other labels through registration policies | ||
236 | (see also <xref target="security_abuse"/>). | ||
237 | </dd> | ||
238 | |||
207 | <dt>Name</dt> | 239 | <dt>Name</dt> |
208 | <dd> | 240 | <dd> |
209 | A name in GNS is a domain name as defined in <xref target="RFC8499"/> | 241 | A name in GNS is a domain name as defined in <xref target="RFC8499"/> |
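Review bot: The new alphabetical order is broken at new lines 218-237, where `<dt>Label Separator</dt>` is placed ahead of `<dt>Label</dt>`. "Label" sorts first, and putting it first also means the Label Separator and Extension Label entries no longer rely on a term defined after them. Swap the two entries. While this text is being moved, "every separator label in a name delegates to another zone" (new line 224) looks like it should read "every label separator", to match the term being defined.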
@@ -219,43 +251,28 @@ | |||
219 | specific user expectations, for example according to | 251 | specific user expectations, for example according to |
220 | <xref target="Unicode-UTS46"/>. | 252 | <xref target="Unicode-UTS46"/>. |
221 | </dd> | 253 | </dd> |
222 | <dt>Label</dt> | 254 | <dt>Resolver</dt> |
223 | <dd> | ||
224 | A GNS label is a label as defined in <xref target="RFC8499"/>. | ||
225 | Labels are UTF-8 strings in Unicode | ||
226 | Normalization Form C (NFC) <xref target="Unicode-UAX15"/>. | ||
227 | The apex label, label separator and the extension label have | ||
228 | special purposes in the resolution protocol which are defined | ||
229 | in the rest of the document. | ||
230 | Zone administrators <bcp14>MAY</bcp14> disallow certain labels that | ||
231 | might be easily confused with other labels through registration policies | ||
232 | (see also <xref target="security_abuse"/>). | ||
233 | </dd> | ||
234 | <dt>Apex Label</dt> | ||
235 | <dd> | 255 | <dd> |
236 | This type of label is used to publish resource | 256 | The component of a GNS implementation which provides |
237 | records in a zone that can be resolved without providing a specific | 257 | the recursive name resolution logic defined in |
238 | label. It is the GNS method to provide what is the "zone apex" in DNS | 258 | <xref target="resolution"/>. |
239 | <xref target="RFC4033"/>. | ||
240 | The apex label is represented using the character U+0040 ("@" without | ||
241 | the quotes). | ||
242 | </dd> | 259 | </dd> |
243 | <dt>Extension Label</dt> | 260 | <dt>Resource Record</dt> |
244 | <dd> | 261 | <dd> |
245 | The primary use for the extension label is in redirections where the redirection | 262 | A GNS resource record is the information associated with a label in a |
246 | target is defined relative to the authoritative zone of the redirection | 263 | GNS zone. |
247 | record (<xref target="gnsrecords_redirect"/>). | 264 | A GNS resource record contains information as defined by its |
248 | The extension label is represented using the character U+002B ("+" | 265 | resource record type. |
249 | without the quotes). | ||
250 | </dd> | 266 | </dd> |
251 | <dt>Label Separator</dt> | 267 | <dt>Start Zone</dt> |
252 | <dd> | 268 | <dd> |
253 | Labels in a name are separated using the label separator U+002E | 269 | In order to resolve any given GNS name an initial start zone must be |
254 | ("." without the quotes). | 270 | determined for this name. |
255 | In GNS, with the exceptions of zone Top-Level Domains | 271 | The start zone can be explicitly defined through a zTLD. |
256 | (see below) and boxed records (see <xref target="gnsrecords_box"/>), | 272 | Otherwise, it is determined through a local suffix-to-zone mapping |
257 | every separator label in a name delegates to another zone. | 273 | (see <xref target="governance"/>). |
258 | </dd> | 274 | </dd> |
275 | |||
259 | <dt>Top-Level Domain</dt> | 276 | <dt>Top-Level Domain</dt> |
260 | <dd> | 277 | <dd> |
261 | The rightmost part of a GNS name is a GNS Top-Level Domain (TLD). | 278 | The rightmost part of a GNS name is a GNS Top-Level Domain (TLD). |
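Review bot: The Start Zone entry at new lines 267-274 uses the abbreviation "zTLD" (new line 271) before the document has introduced it. In the old order this entry sat at old line 309, after the zTLD text, so the abbreviation had already been explained; the move turns it into an undefined forward reference. Either expand it on first use or add a "(see below)" pointer as the Label Separator entry does for zone Top-Level Domains. This is worth getting right because the start zone is where a resolver decides which zone key to start from.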
@@ -272,25 +289,22 @@ | |||
272 | A zone is uniquely identified by its zone key. Unlike DNS zones, | 289 | A zone is uniquely identified by its zone key. Unlike DNS zones, |
273 | a GNS zone does not need to have a SOA record under the apex label. | 290 | a GNS zone does not need to have a SOA record under the apex label. |
274 | </dd> | 291 | </dd> |
275 | <dt>Zone Type</dt> | ||
276 | <dd> | ||
277 | The type of a GNS zone determines the cipher system and binary encoding | ||
278 | format of the zone key, blinded zone keys, and signatures. | ||
279 | </dd> | ||
280 | <dt>Zone Key</dt> | 292 | <dt>Zone Key</dt> |
281 | <dd> | 293 | <dd> |
282 | A key which uniquely identifies a zone. | 294 | A key which uniquely identifies a zone. |
283 | It is usually a public key of an asymmetric key pair. | 295 | It is usually a public key of an asymmetric key pair. |
284 | </dd> | 296 | </dd> |
285 | <dt>Blinded Zone Key</dt> | ||
286 | <dd> | ||
287 | The key derived from a zone key and a label. | ||
288 | The zone key and the blinded zone key are unlinkable without knowledge of the label. | ||
289 | </dd> | ||
290 | <dt>Zone Key Derivation Function</dt> | 297 | <dt>Zone Key Derivation Function</dt> |
291 | <dd> | 298 | <dd> |
292 | The zone key derivation function (ZKDF) blinds a zone key using a label. | 299 | The zone key derivation function (ZKDF) blinds a zone key using a label. |
293 | </dd> | 300 | </dd> |
301 | |||
302 | <dt>Zone Master</dt> | ||
303 | <dd> | ||
304 | The component of a GNS implementation which provides | ||
305 | local zone management and publication as defined in | ||
306 | <xref target="publish"/>. | ||
307 | </dd> | ||
294 | <dt>Zone Owner</dt> | 308 | <dt>Zone Owner</dt> |
295 | <dd> | 309 | <dd> |
296 | The holder of the secret (typically a private key) | 310 | The holder of the secret (typically a private key) |
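Review bot: Moving Blinded Zone Key out of this block (old lines 285-289) means the Zone Key Derivation Function entry at new lines 297-300 no longer sits next to the term for its output. "blinds a zone key using a label" never says what the result is called. Suggest naming it in the definition, for example "blinds a zone key using a label, yielding a blinded zone key", so the two glossary entries stay linked now that they are far apart. The unlinkability statement is only in the Blinded Zone Key entry, so readers landing on ZKDF should be able to find it.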
@@ -306,20 +320,11 @@ | |||
306 | A zTLD label sequence can only be distinguished from ordinary TLD label sequences | 320 | A zTLD label sequence can only be distinguished from ordinary TLD label sequences |
307 | by attempting to decode the labels into a zone type and zone key. | 321 | by attempting to decode the labels into a zone type and zone key. |
308 | </dd> | 322 | </dd> |
309 | <dt>Start Zone</dt> | 323 | |
310 | <dd> | 324 | <dt>Zone Type</dt> |
311 | In order to resolve any given GNS name an initial start zone must be | ||
312 | determined for this name. | ||
313 | The start zone can be explicitly defined through a zTLD. | ||
314 | Otherwise, it is determined through a local suffix-to-zone mapping | ||
315 | (see <xref target="governance"/>). | ||
316 | </dd> | ||
317 | <dt>Resource Record</dt> | ||
318 | <dd> | 325 | <dd> |
319 | A GNS resource record is the information associated with a label in a | 326 | The type of a GNS zone determines the cipher system and binary encoding |
320 | GNS zone. | 327 | format of the zone key, blinded zone keys, and signatures. |
321 | A GNS resource record contains information as defined by its | ||
322 | resource record type. | ||
323 | </dd> | 328 | </dd> |
324 | </dl> | 329 | </dl> |
325 | </section> | 330 | </section> |
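Review bot: The blank line added at new line 323, before `<dt>Zone Type</dt>`, is one of five stray separators in this change (new lines 209, 238, 275, 301 and 323). They account for the difference between the 67 insertions and 62 deletions in what is otherwise a pure reorder. They are also applied inconsistently, since most `</dd>`/`<dt>` pairs have no blank line between them. Drop them, or add one between every entry, so the diff shows only the reorder.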