Diffstat (limited to 'draft-schanzen-gns.xml')
-rw-r--r--draft-schanzen-gns.xml261
1 files changed, 126 insertions, 135 deletions
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
index 49851ab..0b3f691 100644
--- a/draft-schanzen-gns.xml
+++ b/draft-schanzen-gns.xml
@@ -164,9 +164,9 @@
164 being published by its owner for resolution by other parties. 164 being published by its owner for resolution by other parties.
165 Records are grouped by their label, and encrypted using an encryption 165 Records are grouped by their label, and encrypted using an encryption
166 key derived from the label and the zone public key (see <xref target="records_block"/>). 166 key derived from the label and the zone public key (see <xref target="records_block"/>).
167 Instead of the zone private key d, the signature MUST 167 Instead of the zone private key d, a GNS zone MUST support the creation
168 be created using a blinded public/private key pair. 168 of signatures using a blinded public/private key pair.
169 This blinding is realized using a deterministic key 169 This blinding is commonly realized using a deterministic key
170 derivation scheme. 170 derivation scheme.
171 Such a scheme allows the deterministic derivation of keys from 171 Such a scheme allows the deterministic derivation of keys from
172 the original public and private zone keys using record label values. 172 the original public and private zone keys using record label values.
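Review bot: the rewritten sentence "This blinding is commonly realized using a deterministic key derivation scheme" turns a requirement into a descriptive remark right after the preceding sentence says a GNS zone MUST support blinded signatures; for interoperability the reader needs to know whether deterministic derivation is required or merely one option, so either keep normative language ("This blinding MUST be realized using a deterministic key derivation scheme") or state that the scheme is defined per zone type and point to the section that defines ZKDF-Private/ZKDF-Public.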
@@ -183,45 +183,88 @@
183 without disclosing the originating zone. 183 without disclosing the originating zone.
184 </t> 184 </t>
185 <t> 185 <t>
186 Based on the above, the following variables are associated with a zone in GNS: 186 Based on the above, the following variables are associated with a zone in
187 GNS and used in the following throughout this specification.
187 </t> 188 </t>
189 <section anchor="ztype" numbered="true" toc="default">
190 <name>Zone Type</name>
191 <t>
192 The Zone Type ztype is the unique zone type of the zone as registered
193 in the GNUnet Assigned Numbers Authority <xref target="GANA" />.
194 The Zone Type determines which cryptosystem is used for the
195 asymmetric and symmetric key operations of the zone.
196 The zone type is identified by a 32-bit number.
197 It always corresponds to a resource record type number identifying a
198 delegation into a zone of this type.
199 </t>
200 <t>
201 For any zone, d is the private zone key. zk is the public zone key.
202 The specific formats depends on the Zone Type.
203 The default zone delegation record types are specified in
204 <xref target="rrecords"/>.
205 New Zone Types may be specified in the future, for example if the
206 cryptographic mechanisms used in this document are broken.
207 Any Zone Type MUST define the following set of cryptographic functions:
208 </t>
188 <dl> 209 <dl>
189 <dt>ztype</dt> 210 <dt>Private-KeyGen() -> d</dt>
190 <dd> 211 <dd>
191 is the unique zone type of the zone as registered in the 212 is a function to generate a fresh private zone key d.
192 GNUnet Assigned Numbers Authority <xref target="GANA" />.
193 The zone type determines which cryptosystem is used for the
194 asymmetric and symmetric key operations of the zone. A 32-bit number.
195 </dd> 213 </dd>
196 <dt>d</dt> 214 <dt>Public-KeyGen(d) -> zk</dt>
197 <dd> 215 <dd>
198 is the private zone key. The specific format depends on the zone type. 216 is a function to derive a public zone key zk from a private key d.
199 </dd> 217 </dd>
200 <dt>zk</dt> 218 <dt>ZKDF-Private(d,label) -> d'</dt>
201 <dd> 219 <dd>
202 is the public zone key. The specific format depends on the zone type. 220 is a zone key derivation function which blinds a private zone key d
221 using label, resulting in another private key which
222 can be used to create cryptographic signatures.
203 </dd> 223 </dd>
204 <dt>zid</dt> 224 <dt>ZKDF-Public(zk,label) -> zk'</dt>
205 <dd> 225 <dd>
206 is the zone identifier, a unique public identifier of a zone. 226 is a zone key derivation function which blinds a public zone key zk
207 It consists of the ztype and the public zone key zk. 227 using a label. zk and zk' must be unlinkable. Furthermore,
228 blinding zk with different values for the label must result
229 in unlinkable different resulting values for zk'.
208 </dd> 230 </dd>
209 <dt>zkl</dt> 231 <dt>S-Encrypt(zk,label,nonce,expiration,rdata) -> bdata</dt>
210 <dd> 232 <dd>
211 is the zone key label. It is a string representation of the zone identifier. 233 is a deterministic symmetric encryption function which encrypts the record
234 data rdata based on key material derived from the public zone key,
235 a label, a nonce and an expiration.
236 In order to leverage performance-enhancing caching features of certain
237 underlying storages, in particular DHTs, a deterministic encryption
238 scheme is recommended.
212 </dd> 239 </dd>
213 <dt>zTLD</dt> 240 <dt>S-Decrypt(zk,label,nonce,expiration,bdata) -> rdata</dt>
214 <dd> 241 <dd>
215 is the Zone Top-Level Domain. It is a string which encodes the zone key 242 is a symmetric encryption function which decrypts the encrypted record
216 label into a domain name. 243 data bdata based on key material derived from the public zone key,
217 The zTLD is used as a globally unique reference to a specific 244 a label, a nonce an expiration.
218 namespace in the process of name resolution. 245 </dd>
246 <dt>Sign(d',bdata) -> sig</dt>
247 <dd>
248 is a function to sign bdata using the (blinded) private key
249 d', yielding an unforgable cryptographic signature.
250 </dd>
251 <dt>Verify(zk',bdata,sig) -> valid</dt>
252 <dd>
253 is a function to verify the signature sig was created by
254 the a private key d' derived from d and a label if
255 zk' was derived from the corresponding zone key
256 zk := Public-Keygen(d) and same label.
257 The function returns a boolean value of "TRUE" if the signature is valid,
258 and otherwise "FALSE".
219 </dd> 259 </dd>
220 </dl> 260 </dl>
261 </section>
221 <section anchor="zid" numbered="true" toc="default"> 262 <section anchor="zid" numbered="true" toc="default">
222 <name>Zone ID</name> 263 <name>Zone ID</name>
223 <t> 264
224 The Zone ID wire format is illustrated in <xref target="figure_zid"/>. 265 <t>The Zone ID zid is a unique public identifier of a zone.
266 It consists of the ztype and the public zone key zk.
267 The wire format is illustrated in <xref target="figure_zid"/>.
225 </t> 268 </t>
226 <figure anchor="figure_zid"> 269 <figure anchor="figure_zid">
227 <artwork name="" type="" align="left" alt=""><![CDATA[ 270 <artwork name="" type="" align="left" alt=""><![CDATA[
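Review bot: the new Zone Type definitions carry several wording defects that should be fixed in this hunk: "The specific formats depends on the Zone Type" (number agreement), "a nonce an expiration" in S-Decrypt (missing "and"), "unforgable" in Sign ("unforgeable"), "the a private key d'" in Verify, and "Public-Keygen" in Verify versus "Public-KeyGen" where the function is defined. In a draft using RFC 2119 terms, "zk and zk' must be unlinkable" and "must result in unlinkable different resulting values" should read MUST if they are requirements on any new zone type. The Verify description is also hard to parse; a clearer form is "returns TRUE if sig is a valid signature over bdata under zk', where zk' := ZKDF-Public(Public-KeyGen(d), label) and sig was created with ZKDF-Private(d, label), and FALSE otherwise".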
@@ -233,18 +276,27 @@
233/ / 276/ /
234 ]]></artwork> 277 ]]></artwork>
235 </figure> 278 </figure>
236 <t> 279 </section>
237 The zone key label is derived from the zone identifier using the Crockford Base32 280 <section anchor="zTLD" numbered="true" toc="default">
238 encoding <xref target="CrockfordB32"/> but the letter "U" is decoded to 281 <name>Zone Top-Level Domain</name>
239 the same Base32 value as the letter "V" in order to further increase 282
240 tolerance for failures in character recognition. 283 <t>
241 The encoding and decoding symbols for Crockford Base32 including this modification are defined in 284 The zTLD is the Zone Top-Level Domain.
242 <xref target="CrockfordB32Encode"/>. 285 It is a string which encodes the zone key into a domain name.
243 The functions for encoding and decoding based on this table are called 286 The zTLD is used as a globally unique reference to a specific
244 GNSCrockfordEncode and GNSCrockfordDecode, respectively. 287 namespace in the process of name resolution.
245 </t> 288 To encode the zone key, a zone key label zkl is derived from the Zone
246 <figure anchor="CrockfordB32Encode"> 289 ID using the Crockford Base32
247 <artwork name="" type="" align="left" alt=""><![CDATA[ 290 encoding <xref target="CrockfordB32"/> but the letter "U" is decoded to
291 the same Base32 value as the letter "V" in order to further increase
292 tolerance for failures in character recognition.
293 The encoding and decoding symbols for Crockford Base32 including this modification are defined in
294 <xref target="CrockfordB32Encode"/>.
295 The functions for encoding and decoding based on this table are called
296 GNSCrockfordEncode and GNSCrockfordDecode, respectively.
297 </t>
298 <figure anchor="CrockfordB32Encode">
299 <artwork name="" type="" align="left" alt=""><![CDATA[
248Symbol Decode Encode 300Symbol Decode Encode
249Value Symbol Symbol 301Value Symbol Symbol
2500 0 O o 0 3020 0 O o 0
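Review bot: the new zTLD paragraph says the zTLD "encodes the zone key into a domain name", but the following sentence derives zkl from the Zone ID (ztype plus zk), and the artwork that follows defines zkl := GNSCrockfordEncode(zid); use "Zone ID" in both places so readers do not assume only zk is encoded. The clause "using the Crockford Base32 encoding ... but the letter "U" is decoded to the same Base32 value as the letter "V"" reads better as "..., with the modification that the letter "U" is decoded ...".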
@@ -280,95 +332,33 @@ Value Symbol Symbol
28030 Y y Y 33230 Y y Y
28131 Z z Z 33331 Z z Z
282 ]]></artwork> 334 ]]></artwork>
283 </figure> 335 </figure>
284 <t> 336 <t>
285 The Base32-Crockford Alphabet Including the Additional U Encode Symbol. 337 The Base32-Crockford Alphabet Including the Additional U Encode Symbol.
286 </t> 338 </t>
287 <t> 339 <t>
288 For the string representation of a zone identifier we define: 340 For the string representation of a zone identifier we define:
289 </t> 341 </t>
290 <artwork name="" type="" align="left" alt=""><![CDATA[ 342 <artwork name="" type="" align="left" alt=""><![CDATA[
291zkl := GNSCrockfordEncode(zid) 343zkl := GNSCrockfordEncode(zid)
292zid := GNSCrockfordDecode(zkl) 344zid := GNSCrockfordDecode(zkl)
293 ]]></artwork> 345 ]]></artwork>
294 <t> 346 <t>
295 If zkl is less than 63 characters, it can directly be 347 If zkl is less than 63 characters, it can directly be
296 used as a zTLD. 348 used as a zTLD.
297 If zkl is be longer than 63 characters, the 349 If zkl is be longer than 63 characters, the
298 zTLD is constructed by dividing zkl into smaller labels separated by the 350 zTLD is constructed by dividing zkl into smaller labels separated by the
299 label separator ".". 351 label separator ".".
300 Here, the most significant bytes of the "zid" must be contained 352 Here, the most significant bytes of the "zid" must be contained
301 in the rightmost label of the resulting string and the least significant 353 in the rightmost label of the resulting string and the least significant
302 bytes in the leftmost label of the resulting string. This allows the 354 bytes in the leftmost label of the resulting string. This allows the
303 resolver to determine the zone type and zkl length from the rightmost label. 355 resolver to determine the zone type and zkl length from the rightmost label.
304 For example, assuming a zkl of 130 characters, the encoding would be: 356 For example, assuming a zkl of 130 characters, the encoding would be:
305 </t> 357 </t>
306 <artwork name="" type="" align="left" alt=""><![CDATA[ 358 <artwork name="" type="" align="left" alt=""><![CDATA[
307zTLD := zkl[126:129].zkl[63:125].zkl[0:62] 359zTLD := zkl[126:129].zkl[63:125].zkl[0:62]
308 ]]></artwork> 360 ]]></artwork>
309 </section> 361 </section>
310 <section anchor="zone_types" numbered="true" toc="default">
311 <name>Zone Type</name>
312 <t>
313 The zone type is identified by a 32-bit number. The zone type number
314 always corresponds to a resource record type number identifying a
315 delegation into a zone of this type.
316 Resource record types are discussed in the Section <xref target="rrecords"/>.
317 A zone type defines a family of eight functions:
318 </t>
319 <dl>
320 <dt>Private-KeyGen() -> d</dt>
321 <dd>
322 is a function to generate a fresh private zone key d.
323 </dd>
324 <dt>Public-KeyGen(d) -> zk</dt>
325 <dd>
326 is a function to derive a public zone key zk from a private key d.
327 </dd>
328 <dt>ZKDF-Private(d,label) -> d'</dt>
329 <dd>
330 is a zone key derivation function which blinds a private zone key d
331 using label, resulting in another private key which
332 can be used to create cryptographic signatures.
333 </dd>
334 <dt>ZKDF-Public(zk,label) -> zk'</dt>
335 <dd>
336 is a zone key derivation function which blinds a public zone key zk
337 using a label. zk and zk' must be unlinkable. Furthermore,
338 blinding zk with different values for the label must result
339 in unlinkable different resulting values for zk'.
340 </dd>
341 <dt>S-Encrypt(zk,label,nonce,expiration,rdata) -> bdata</dt>
342 <dd>
343 is a deterministic symmetric encryption function which encrypts the record
344 data rdata based on key material derived from the public zone key,
345 a label, a nonce and an expiration.
346 In order to leverage performance-enhancing caching features of certain
347 underlying storages, in particular DHTs, a deterministic encryption
348 scheme is recommended.
349 </dd>
350 <dt>S-Decrypt(zk,label,nonce,expiration,bdata) -> rdata</dt>
351 <dd>
352 is a symmetric encryption function which decrypts the encrypted record
353 data bdata based on key material derived from the public zone key,
354 a label, a nonce an expiration.
355 </dd>
356 <dt>Sign(d',bdata) -> sig</dt>
357 <dd>
358 is a function to sign bdata using the (blinded) private key
359 d', yielding an unforgable cryptographic signature.
360 </dd>
361 <dt>Verify(zk',bdata,sig) -> valid</dt>
362 <dd>
363 is a function to verify the signature sig was created by
364 the a private key d' derived from d and a label if
365 zk' was derived from the corresponding zone key
366 zk := Public-Keygen(d) and same label.
367 The function returns a boolean value of "TRUE" if the signature is valid,
368 and otherwise "FALSE".
369 </dd>
370 </dl>
371 </section>
372 </section> 362 </section>
373 <section anchor="rrecords" numbered="true" toc="default"> 363 <section anchor="rrecords" numbered="true" toc="default">
374 <name>Resource Records</name> 364 <name>Resource Records</name>
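Review bot: the retained zTLD construction text in this hunk leaves the exact-63-character case undefined ("If zkl is less than 63 characters" and "If zkl is be longer than 63 characters"), and the second sentence has a stray "be"; since the surrounding section is being restructured here, state which branch applies to exactly 63 characters (a DNS label may be up to 63 octets, so "at most 63" appears to be the intent) and drop the "be". The removal of the old zone_types section is otherwise consistent with the new ztype section earlier in the patch, as long as every xref to zone_types is retargeted.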
@@ -973,8 +963,8 @@ NONCE := HKDF-Expand (PRK_n, label, 32 / 8)
973 Nickname records can be used by zone administrators to publish an 963 Nickname records can be used by zone administrators to publish an
974 the label that a zone prefers to have used when it is referred to. 964 the label that a zone prefers to have used when it is referred to.
975 This is a suggestion to other zones what label to use when creating a 965 This is a suggestion to other zones what label to use when creating a
976 delegation record (<xref target="zone_types" />) containing this zone's 966 delegation record (<xref target="gnsrecords_delegation" />) containing
977 public zone key. 967 this zone's public zone key.
978 This record SHOULD only be stored under the empty label "@" but MAY be 968 This record SHOULD only be stored under the empty label "@" but MAY be
979 returned with record sets under any label as a supplemental record. 969 returned with record sets under any label as a supplemental record.
980 <xref target="nick_processing"/> details how a resolver must process 970 <xref target="nick_processing"/> details how a resolver must process
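Review bot: retargeting the xref from zone_types to gnsrecords_delegation is required because this patch removes the zone_types anchor, but the unchanged context line "publish an the label that a zone prefers" still carries a stray "an"; drop it while this paragraph is being touched.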
@@ -1056,12 +1046,13 @@ NONCE := HKDF-Expand (PRK_n, label, 32 / 8)
1056 <section anchor="gnsrecords_vpn" numbered="true" toc="default"> 1046 <section anchor="gnsrecords_vpn" numbered="true" toc="default">
1057 <name>GTS</name> 1047 <name>GTS</name>
1058 <t> 1048 <t>
1059 The GNUnet Tunnel Record <xref target="GNUnet"/> can 1049 The GNUnet Tunnel Service record is used by
1060 establish a tunnel between two peers in the peer-to-peer network. 1050 applications to establish a tunnel between two peers in the
1051 peer-to-peer network (see <xref target="GNUnet"/>).
1061 In order to facilitate the use of such tunnels, the 1052 In order to facilitate the use of such tunnels, the
1062 GTS record allows resolvers to automatically initiate its establishment 1053 The GTS record serves as an example to how resolvers may automatically
1063 and provide IP address information in the resolution process as 1054 initiate tunnel establishment and provide IP address information in the
1064 specified in <xref target="resolution"/>. 1055 resolution process as specified in <xref target="resolution"/>.
1065 </t> 1056 </t>
1066 <t> 1057 <t>
1067 A GTS DATA entry wire format is illustrated in 1058 A GTS DATA entry wire format is illustrated in
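Review bot: the rewritten GTS paragraph now contains a dangling fragment: the context line "In order to facilitate the use of such tunnels, the" is kept, while the replaced next line begins "The GTS record serves as an example to how resolvers may ...", so the paragraph reads "the The GTS record". Either drop the kept fragment or merge the two: "In order to facilitate the use of such tunnels, the GTS record serves as an example of how resolvers may automatically initiate tunnel establishment ..." ("example of how", not "example to how"). Note also that changing "allows resolvers to automatically initiate" to "serves as an example" weakens the statement, while the GTS processing section later in this patch still says the resolver SHOULD open a tunnel; confirm the two are meant to agree.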
@@ -1093,7 +1084,8 @@ NONCE := HKDF-Expand (PRK_n, label, 32 / 8)
1093 </dd> 1084 </dd>
1094 <dt>PROTO</dt> 1085 <dt>PROTO</dt>
1095 <dd> 1086 <dd>
1096 the 16-bit protocol number, e.g. 6 for TCP. In network byte order. 1087 the 16-bit tunnel protocol number. In network byte order.
1088 The possible values are defined by the GNUnet Tunnel Service.
1097 </dd> 1089 </dd>
1098 <dt>SERVICE NAME</dt> 1090 <dt>SERVICE NAME</dt>
1099 <dd> 1091 <dd>
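Review bot: "The possible values are defined by the GNUnet Tunnel Service" gives an implementer no pointer to those values; add an xref (the GNUnet reference cited a few lines earlier in this section) or list the values this document expects, otherwise a resolver cannot validate the PROTO field before attempting tunnel establishment.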
@@ -1216,7 +1208,7 @@ q := SHA512 (HDKD-Public(zk, label))
1216 the PUBLIC KEY field. 1208 the PUBLIC KEY field.
1217 The signature is created using the Sign() function of 1209 The signature is created using the Sign() function of
1218 the cryptosystem of the zone and the derived private key 1210 the cryptosystem of the zone and the derived private key
1219 "ZKDF-Private(d, label)" (see <xref target="zone_types" />). 1211 "ZKDF-Private(d, label)" (see <xref target="ztype" />).
1220 </dd> 1212 </dd>
1221 <dt>SIZE</dt> 1213 <dt>SIZE</dt>
1222 <dd> 1214 <dd>
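Review bot: the hunk context "q := SHA512 (HDKD-Public(zk, label))" uses a function name that is not among the functions the new ztype section defines (the public blinding function there is ZKDF-Public(zk,label)), while the signature text on the same lines correctly uses ZKDF-Private(d, label) and now points at that section; rename HDKD-Public to ZKDF-Public here and in the other occurrences visible in the later hunk headers so the query derivation matches the definitions it references.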
@@ -1505,7 +1497,7 @@ q := SHA512 (HDKD-Public(zk, label))
1505 which is revoked and corresponds to the key used in the PoW. 1497 which is revoked and corresponds to the key used in the PoW.
1506 The signature is created using the Sign() function of 1498 The signature is created using the Sign() function of
1507 the cryptosystem of the zone and the private zone key 1499 the cryptosystem of the zone and the private zone key
1508 (see <xref target="zone_types" />). 1500 (see <xref target="ztype" />).
1509 </dd> 1501 </dd>
1510 </dl> 1502 </dl>
1511 <t> 1503 <t>
@@ -1585,7 +1577,7 @@ q := SHA512 (HDKD-Public(zk, label))
1585 provided by the client. 1577 provided by the client.
1586 The GNS resolver will use the desired record type to guide 1578 The GNS resolver will use the desired record type to guide
1587 processing, for example by providing conversion of GTS records to A 1579 processing, for example by providing conversion of GTS records to A
1588 or AAAA records, if that is desired. 1580 or AAAA records.
1589 1581
1590 However, filtering of record sets according to the required record 1582 However, filtering of record sets according to the required record
1591 types MUST still be done by the client after the resource record set 1583 types MUST still be done by the client after the resource record set
@@ -1863,12 +1855,11 @@ example.com = zk2
1863 <section anchor="vpn_processing" numbered="true" toc="default"> 1855 <section anchor="vpn_processing" numbered="true" toc="default">
1864 <name>GTS</name> 1856 <name>GTS</name>
1865 <t> 1857 <t>
1866 At the end of the recursion, 1858 At the end of the recursion,
1867 if the queried record type is either A or AAAA and the retrieved 1859 if the queried record type is either A or AAAA and the retrieved
1868 record set contains at least one GTS record, the resolver SHOULD 1860 record set contains at least one GTS record, the resolver SHOULD
1869 open a tunnel and return the IPv4 or IPv6 tunnel address, 1861 open a tunnel and return the IPv4 or IPv6 tunnel address,
1870 respectively. 1862 respectively.
1871 The type of tunnel depends on the contents of the GTS record data.
1872 If the implementation does not have the capacity to establish 1863 If the implementation does not have the capacity to establish
1873 a GTS tunnel, for example because it is not connected to the GNUnet 1864 a GTS tunnel, for example because it is not connected to the GNUnet
1874 network, the record set MUST be returned as retrieved from the network. 1865 network, the record set MUST be returned as retrieved from the network.
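Review bot: deleting "The type of tunnel depends on the contents of the GTS record data." leaves this section silent on how the resolver chooses the tunnel type; if the intent is that the PROTO field (now described as "the 16-bit tunnel protocol number" in the earlier GTS hunk) determines it, say so with an xref to gnsrecords_vpn so the SHOULD here stays implementable.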
@@ -2148,7 +2139,7 @@ Number | Name | Contact | References | Description
214865536 | PKEY | N/A | [This.I-D] | GNS zone delegation (PKEY) 213965536 | PKEY | N/A | [This.I-D] | GNS zone delegation (PKEY)
214965537 | NICK | N/A | [This.I-D] | GNS zone nickname 214065537 | NICK | N/A | [This.I-D] | GNS zone nickname
215065538 | LEHO | N/A | [This.I-D] | GNS legacy hostname 214165538 | LEHO | N/A | [This.I-D] | GNS legacy hostname
215165539 | GTS | N/A | [This.I-D] | GTS resolution 214265539 | GTS | N/A | [This.I-D] | GTS tunnel metadata
215265540 | GNS2DNS | N/A | [This.I-D] | Delegation to DNS 214365540 | GNS2DNS | N/A | [This.I-D] | Delegation to DNS
215365556 | EDKEY | N/A | [This.I-D] | GNS zone delegation (EDKEY) 214465556 | EDKEY | N/A | [This.I-D] | GNS zone delegation (EDKEY)
2154 2145