diff options
Diffstat (limited to 'draft-schanzen-gns.xml')
| -rw-r--r-- | draft-schanzen-gns.xml | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml index 280a85c..9f94e2b 100644 --- a/draft-schanzen-gns.xml +++ b/draft-schanzen-gns.xml | |||
| @@ -1543,8 +1543,11 @@ NONCE := HKDF-Expand (PRK_n, label, 128 / 8) | |||
| 1543 | <section anchor="publish" numbered="true" toc="default"> | 1543 | <section anchor="publish" numbered="true" toc="default"> |
| 1544 | <name>Record Storage</name> | 1544 | <name>Record Storage</name> |
| 1545 | <t> | 1545 | <t> |
| 1546 | Any API which allows storing a value under a key and retrieving | 1546 | Any API which allows storing a value under a 512-bit key and retrieving |
| 1547 | a value from the key can be used by an implementation for record storage. | 1547 | one or more values from the key can be used by an implementation for record storage. |
| 1548 | To be useful, the API MUST permit storing at least 164 byte values | ||
| 1549 | to be able to support the defined zone delegation record encodings, | ||
| 1550 | and SHOULD allow at least 1024 byte values. | ||
| 1548 | We assume that an implementation realizes two procedures on top of a | 1551 | We assume that an implementation realizes two procedures on top of a |
| 1549 | storage: | 1552 | storage: |
| 1550 | </t> | 1553 | </t> |
| @@ -1605,13 +1608,14 @@ q := SHA-512 (ZKDF-Public(zk, label)) | |||
| 1605 | <t> | 1608 | <t> |
| 1606 | GNS records are grouped by their labels and published as a single | 1609 | GNS records are grouped by their labels and published as a single |
| 1607 | block in the storage. The grouped record sets MAY be paired with any | 1610 | block in the storage. The grouped record sets MAY be paired with any |
| 1608 | number of supplemental records. Supplemental records must have the | 1611 | number of supplemental records. Supplemental records MUST have the |
| 1609 | supplemental flag set (See <xref target="rrecords"/>). | 1612 | supplemental flag set (See <xref target="rrecords"/>). |
| 1610 | The contained resource records are encrypted using a symmetric | 1613 | The contained resource records are encrypted using a symmetric |
| 1611 | encryption scheme. | 1614 | encryption scheme. |
| 1612 | A GNS implementation must publish RRBLOCKs | 1615 | A GNS implementation publish RRBLOCKs |
| 1613 | in accordance to the properties and recommendations of the underlying | 1616 | in accordance to the properties and recommendations of the underlying |
| 1614 | storage. This may include a periodic refresh publication. | 1617 | storage. This may include a periodic refresh operation to ensure the |
| 1618 | availability of the published RRBLOCKs. | ||
| 1615 | The GNS RRBLOCK wire format is illustrated in | 1619 | The GNS RRBLOCK wire format is illustrated in |
| 1616 | <xref target="figure_record_block"/>. | 1620 | <xref target="figure_record_block"/>. |
| 1617 | </t> | 1621 | </t> |
| @@ -1920,7 +1924,7 @@ example.com = zk2 | |||
| 1920 | <li> | 1924 | <li> |
| 1921 | Case 3: | 1925 | Case 3: |
| 1922 | If the remainder of the name to resolve is not empty and | 1926 | If the remainder of the name to resolve is not empty and |
| 1923 | does not match the "_SERVICE._PROTO" syntax, then the current record set | 1927 | does not match the "_SERVICE._PROTO" syntax, then the current record set |
| 1924 | MUST consist of a single delegation record (<xref target="delegation_processing" />), | 1928 | MUST consist of a single delegation record (<xref target="delegation_processing" />), |
| 1925 | a single CNAME record (<xref target="cname_processing" />), | 1929 | a single CNAME record (<xref target="cname_processing" />), |
| 1926 | or one or more GNS2DNS records (<xref target="gns2dns_processing" />), | 1930 | or one or more GNS2DNS records (<xref target="gns2dns_processing" />), |