[GNUnet-SVN] [lsd0001] branch master updated: continue spec


From: gnunet
Subject: [GNUnet-SVN] [lsd0001] branch master updated: continue spec
Date: Sat, 05 Oct 2019 10:39:03 +0200

This is an automated email from the git hooks/post-receive script.

martin-schanzenbach pushed a commit to branch master
in repository lsd0001.

The following commit(s) were added to refs/heads/master by this push:
     new 50248ef  continue spec
50248ef is described below

commit 50248ef20609e793355f92cd76d25f381803a72e
Author: Schanzenbach, Martin <address@hidden>
AuthorDate: Sat Oct 5 10:36:52 2019 +0200

    continue spec
---
 draft-schanzen-gns.html | 110 ++++++++++++++++-------
 draft-schanzen-gns.txt  | 234 ++++++++++++++++++++++++------------------------
 draft-schanzen-gns.xml  |  27 +++++-
 3 files changed, 219 insertions(+), 152 deletions(-)

diff --git a/draft-schanzen-gns.html b/draft-schanzen-gns.html
index ca80214..d8e173a 100644
--- a/draft-schanzen-gns.html
+++ b/draft-schanzen-gns.html
@@ -1113,6 +1113,14 @@ async function addMetadata(){try{const 
e=document.styleSheets[0].cssRules;for(le
 </li>
           <li class="toc ulEmpty" id="section-boilerplate.3-1.6">
             <p id="section-boilerplate.3-1.6.1"><a href="#section-6" 
class="xref">6</a>.  <a href="#name-record-resolution" class="xref">Record 
Resolution</a><a href="#section-boilerplate.3-1.6.1" class="pilcrow">¶</a></p>
+<ul class="toc ulEmpty">
+<li class="toc ulEmpty" id="section-boilerplate.3-1.6.2.1">
+                <p id="section-boilerplate.3-1.6.2.1.1"><a href="#section-6.1" 
class="xref">6.1</a>.  <a href="#name-entry-zone" class="xref">Entry Zone</a><a 
href="#section-boilerplate.3-1.6.2.1.1" class="pilcrow">¶</a></p>
+</li>
+              <li class="toc ulEmpty" id="section-boilerplate.3-1.6.2.2">
+                <p id="section-boilerplate.3-1.6.2.2.1"><a href="#section-6.2" 
class="xref">6.2</a>.  <a href="#name-recursive-resolution" 
class="xref">Recursive Resolution</a><a href="#section-boilerplate.3-1.6.2.2.1" 
class="pilcrow">¶</a></p>
+</li>
+            </ul>
 </li>
           <li class="toc ulEmpty" id="section-boilerplate.3-1.7">
             <p id="section-boilerplate.3-1.7.1"><a href="#section-7" 
class="xref">7</a>.  <a href="#name-namespace-revocation" 
class="xref">Namespace Revocation</a><a href="#section-boilerplate.3-1.7.1" 
class="pilcrow">¶</a></p>
@@ -1232,11 +1240,18 @@ async function addMetadata(){try{const 
e=document.styleSheets[0].cssRules;for(le
 <a href="#section-3" class="section-number selfRef">3. </a><a 
href="#name-resource-records" class="section-name selfRef">Resource records</a>
       </h2>
 <p id="section-3-1">
+       A GNS implementor MUST provide a mechanism to create and manage resource
+       records for local zones. A local zone is established by creating a zone
+       key pair. Records may be added to each zone, hence a (local) persistency
+       mechanism for resource records and zones must be provided.
+       This local zone database is used by the GNS resolver implementation
+       and to publish record information.<a href="#section-3-1" 
class="pilcrow">¶</a></p>
+<p id="section-3-2">
        A GNS resource record holds the data of a specific record in a zone.
-       The resource record format is defined as follows:<a href="#section-3-1" 
class="pilcrow">¶</a></p>
+       The resource record format is defined as follows:<a href="#section-3-2" 
class="pilcrow">¶</a></p>
 <div id="figure_gnsrecord">
 <figure id="figure-1">
-        <div class="artwork art-text alignLeft" id="section-3-2.1">
+        <div class="artwork art-text alignLeft" id="section-3-3.1">
 <pre>
          0     8     16    24    32    40    48    56
          +-----+-----+-----+-----+-----+-----+-----+-----+
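Review bot: The paragraph inserted as `section-3-1` shifts every positional id after it (the old `section-3-1` becomes `section-3-2`, the figure's `section-3-2.1` becomes `section-3-3.1`), so any existing deep link into Section 3 now lands on different text without failing. This file is rendered output; consider linking only to the named anchors such as `figure_gnsrecord`, and keeping the rendered HTML out of the repository so that changes to draft-schanzen-gns.xml are what gets reviewed.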
@@ -1252,47 +1267,47 @@ async function addMetadata(){try{const 
e=document.styleSheets[0].cssRules;for(le
 </div>
 <figcaption><a href="#figure-1" class="selfRef">Figure 
1</a></figcaption></figure>
 </div>
-<p id="section-3-3">where:<a href="#section-3-3" class="pilcrow">¶</a></p>
-<dl class="dlParallel" id="section-3-4">
-        <dt id="section-3-4.1">EXPIRATION</dt>
-        <dd id="section-3-4.2">
+<p id="section-3-4">where:<a href="#section-3-4" class="pilcrow">¶</a></p>
+<dl class="dlParallel" id="section-3-5">
+        <dt id="section-3-5.1">EXPIRATION</dt>
+        <dd id="section-3-5.2">
          denotes the absolute 64-bit expiration date of the record.
          In microseconds since midnight (0 hour), January 1, 1970 in network
-         byte order.<a href="#section-3-4.2" class="pilcrow">¶</a>
+         byte order.<a href="#section-3-5.2" class="pilcrow">¶</a>
 </dd>
-        <dt id="section-3-4.3">DATA SIZE</dt>
-        <dd id="section-3-4.4">
+        <dt id="section-3-5.3">DATA SIZE</dt>
+        <dd id="section-3-5.4">
          denotes the 32-bit size of the DATA field in bytes and in network byte
-         order.<a href="#section-3-4.4" class="pilcrow">¶</a>
+         order.<a href="#section-3-5.4" class="pilcrow">¶</a>
 </dd>
-        <dt id="section-3-4.5">TYPE</dt>
-        <dd id="section-3-4.6">
+        <dt id="section-3-5.5">TYPE</dt>
+        <dd id="section-3-5.6">
          is the 32-bit resource record type. This type can be one of the GNS 
resource
          records as defined in <a href="#rrecords" class="xref">Section 3</a> 
or a DNS record
          type as defined in <span>[<a href="#RFC1035" 
class="xref">RFC1035</a>]</span> or any of the
          complementary standardized DNS resource record types. This value must 
be
          stored in network byte order. Note that values
-         below 2^16 are reserved for allocation via IANA (<span>[<a 
href="#RFC6895" class="xref">RFC6895</a>]</span>).<a href="#section-3-4.6" 
class="pilcrow">¶</a>
+         below 2^16 are reserved for allocation via IANA (<span>[<a 
href="#RFC6895" class="xref">RFC6895</a>]</span>).<a href="#section-3-5.6" 
class="pilcrow">¶</a>
 </dd>
-        <dt id="section-3-4.7">FLAGS</dt>
-        <dd id="section-3-4.8">
-         is a 32-bit resource record flags field (see below).<a 
href="#section-3-4.8" class="pilcrow">¶</a>
+        <dt id="section-3-5.7">FLAGS</dt>
+        <dd id="section-3-5.8">
+         is a 32-bit resource record flags field (see below).<a 
href="#section-3-5.8" class="pilcrow">¶</a>
 </dd>
-        <dt id="section-3-4.9">DATA</dt>
-        <dd id="section-3-4.10">
+        <dt id="section-3-5.9">DATA</dt>
+        <dd id="section-3-5.10">
          the variable-length resource record data payload. The contents are 
defined
          by the
-         respective type of the resource record.<a href="#section-3-4.10" 
class="pilcrow">¶</a>
+         respective type of the resource record.<a href="#section-3-5.10" 
class="pilcrow">¶</a>
 </dd>
       </dl>
-<p id="section-3-5">
+<p id="section-3-6">
        Flags indicate metadata surrounding the resource record. A flag
        value of 0 indicates that all flags are unset. The following
        illustrates the flag distribution in the 32-bit flag value of a
-       resource record:<a href="#section-3-5" class="pilcrow">¶</a></p>
+       resource record:<a href="#section-3-6" class="pilcrow">¶</a></p>
 <div id="figure_flag">
 <figure id="figure-2">
-        <div class="artwork art-text alignLeft" id="section-3-6.1">
+        <div class="artwork art-text alignLeft" id="section-3-7.1">
 <pre>
          ... 5       4         3        2        1        0
          ------+--------+--------+--------+--------+--------+
@@ -1302,31 +1317,31 @@ async function addMetadata(){try{const 
e=document.styleSheets[0].cssRules;for(le
 </div>
 <figcaption><a href="#figure-2" class="selfRef">Figure 
2</a></figcaption></figure>
 </div>
-<p id="section-3-7">
-       where:<a href="#section-3-7" class="pilcrow">¶</a></p>
-<dl class="dlParallel" id="section-3-8">
-        <dt id="section-3-8.1">SHADOW</dt>
-        <dd id="section-3-8.2">
+<p id="section-3-8">
+       where:<a href="#section-3-8" class="pilcrow">¶</a></p>
+<dl class="dlParallel" id="section-3-9">
+        <dt id="section-3-9.1">SHADOW</dt>
+        <dd id="section-3-9.2">
          If this flag is set, this record should be ignored by resolvers 
unless all (other)
          records of the same record type have expired.  Used to allow zone 
publishers to
          facilitate good performance when records change by allowing them to 
put future
          values of records into the DHT. This way, future values can propagate 
and may be
-         cached before the transition becomes active.<a href="#section-3-8.2" 
class="pilcrow">¶</a>
+         cached before the transition becomes active.<a href="#section-3-9.2" 
class="pilcrow">¶</a>
 </dd>
-        <dt id="section-3-8.3">EXPREL</dt>
-        <dd id="section-3-8.4">
+        <dt id="section-3-9.3">EXPREL</dt>
+        <dd id="section-3-9.4">
          The expiration time value of the record is a relative time (still in 
microseconds)
          and not an absolute time. This flag should never be encountered by a 
resolver
          for records obtained from the DHT, but might be present when a 
resolver looks up
-         private records of a zone hosted locally.<a href="#section-3-8.4" 
class="pilcrow">¶</a>
+         private records of a zone hosted locally.<a href="#section-3-9.4" 
class="pilcrow">¶</a>
 </dd>
-        <dt id="section-3-8.5">PRIVATE</dt>
-        <dd id="section-3-8.6">
+        <dt id="section-3-9.5">PRIVATE</dt>
+        <dd id="section-3-9.6">
          This is a private record of this peer and it should thus not be
          published in the DHT.  Thus, this flag should never be encountered by
          a resolver for records obtained from the DHT.
          Private records should still be considered just like
-         regular records when resolving labels in local zones.<a 
href="#section-3-8.6" class="pilcrow">¶</a>
+         regular records when resolving labels in local zones.<a 
href="#section-3-9.6" class="pilcrow">¶</a>
 </dd>
       </dl>
 <div id="gnsrecords_pkey">
@@ -1586,6 +1601,9 @@ async function addMetadata(){try{const 
e=document.styleSheets[0].cssRules;for(le
          block in the DHT.
          The contained resource records are encrypted using a symmetric
          encryption scheme.
+         A GNS implementation must publish resource record blocks in accordance
+         to the properties and recommendations of the underlying DHT. This may
+         include a periodic refresh publication.
          A GNS resource records block has the following format:<a 
href="#section-4.2-1" class="pilcrow">¶</a></p>
 <div id="figure_record_block">
 <figure id="figure-7">
@@ -1837,6 +1855,30 @@ async function addMetadata(){try{const 
e=document.styleSheets[0].cssRules;for(le
       </h2>
 <p id="section-6-1">
        TODO<a href="#section-6-1" class="pilcrow">¶</a></p>
+<div id="entry_zone">
+<section id="section-6.1">
+        <h3 id="name-entry-zone">
+<a href="#section-6.1" class="section-number selfRef">6.1. </a><a 
href="#name-entry-zone" class="section-name selfRef">Entry Zone</a>
+        </h3>
+<p id="section-6.1-1">
+         There are three sources from which the entry zone can be 
determined:<a href="#section-6.1-1" class="pilcrow">¶</a></p>
+<ul>
+<li id="section-6.1-2.1">Local zone store<a href="#section-6.1-2.1" 
class="pilcrow">¶</a>
+</li>
+          <li id="section-6.1-2.2">External prefix to zone key mappings<a 
href="#section-6.1-2.2" class="pilcrow">¶</a>
+</li>
+          <li id="section-6.1-2.3">Zone key TLD<a href="#section-6.1-2.3" 
class="pilcrow">¶</a>
+</li>
+        </ul>
+</section>
+</div>
+<div id="recursion">
+<section id="section-6.2">
+        <h3 id="name-recursive-resolution">
+<a href="#section-6.2" class="section-number selfRef">6.2. </a><a 
href="#name-recursive-resolution" class="section-name selfRef">Recursive 
Resolution</a>
+      </h3>
+</section>
+</div>
 </section>
 </div>
 <div id="revocation">
diff --git a/draft-schanzen-gns.txt b/draft-schanzen-gns.txt
index 46241a9..b44d435 100644
--- a/draft-schanzen-gns.txt
+++ b/draft-schanzen-gns.txt
@@ -62,9 +62,9 @@ Table of Contents
 
    1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
    2.  Zones . . . . . . . . . . . . . . . . . . . . . . . . . . . .   3
-   3.  Resource records  . . . . . . . . . . . . . . . . . . . . . .   3
+   3.  Resource records  . . . . . . . . . . . . . . . . . . . . . .   4
      3.1.  PKEY  . . . . . . . . . . . . . . . . . . . . . . . . . .   5
-     3.2.  GNS2DNS . . . . . . . . . . . . . . . . . . . . . . . . .   5
+     3.2.  GNS2DNS . . . . . . . . . . . . . . . . . . . . . . . . .   6
      3.3.  LEHO  . . . . . . . . . . . . . . . . . . . . . . . . . .   6
      3.4.  BOX . . . . . . . . . . . . . . . . . . . . . . . . . . .   7
    4.  Publishing records  . . . . . . . . . . . . . . . . . . . . .   8
@@ -73,12 +73,14 @@ Table of Contents
      4.3.  Block data encryption and decryption  . . . . . . . . . .  10
    5.  Internationalization and Character Encoding . . . . . . . . .  13
    6.  Record Resolution . . . . . . . . . . . . . . . . . . . . . .  13
+     6.1.  Entry Zone  . . . . . . . . . . . . . . . . . . . . . . .  13
+     6.2.  Recursive Resolution  . . . . . . . . . . . . . . . . . .  13
    7.  Namespace Revocation  . . . . . . . . . . . . . . . . . . . .  13
    8.  Security Considerations . . . . . . . . . . . . . . . . . . .  13
    9.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .  13
    10. Test Vectors  . . . . . . . . . . . . . . . . . . . . . . . .  13
-   11. Normative References  . . . . . . . . . . . . . . . . . . . .  15
-   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  16
+   11. Normative References  . . . . . . . . . . . . . . . . . . . .  16
+   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  17
 
 1.  Introduction
 
@@ -104,8 +106,6 @@ Table of Contents
 
    This document contains the GNU Name System (GNS) technical
    specification of the GNU Name System (GNS), a fully decentralized and
-   censorship-resistant name system.  GNS provides a privacy-enhancing
-   alternative to the Domain Name System (DNS).  The design of GNS
 
 
 
@@ -114,6 +114,8 @@ Schanzenbach, et al.     Expires 24 January 2020            
    [Page 2]
 Internet-Draft             The GNU Name System                 July 2019
 
 
+   censorship-resistant name system.  GNS provides a privacy-enhancing
+   alternative to the Domain Name System (DNS).  The design of GNS
    incorporates the capability to integrate and coexist with DNS.  GNS
    is based on the principle of a petname system and builds on ideas
    from the Simple Distributed Security Infrastructure (SDSI),
@@ -156,10 +158,8 @@ Internet-Draft             The GNU Name System             
    July 2019
       the elliptic curve.  The public key is used to uniquely identify a
       GNS zone and is referred to as the "zone key".
 
-3.  Resource records
 
-   A GNS resource record holds the data of a specific record in a zone.
-   The resource record format is defined as follows:
+
 
 
 
@@ -170,6 +170,18 @@ Schanzenbach, et al.     Expires 24 January 2020           
     [Page 3]
 Internet-Draft             The GNU Name System                 July 2019
 
 
+3.  Resource records
+
+   A GNS implementor MUST provide a mechanism to create and manage
+   resource records for local zones.  A local zone is established by
+   creating a zone key pair.  Records may be added to each zone, hence a
+   (local) persistency mechanism for resource records and zones must be
+   provided.  This local zone database is used by the GNS resolver
+   implementation and to publish record information.
+
+   A GNS resource record holds the data of a specific record in a zone.
+   The resource record format is defined as follows:
+
             0     8     16    24    32    40    48    56
             +-----+-----+-----+-----+-----+-----+-----+-----+
             |                   EXPIRATION                  |
@@ -206,6 +218,14 @@ Internet-Draft             The GNU Name System             
    July 2019
 
    Flags indicate metadata surrounding the resource record.  A flag
    value of 0 indicates that all flags are unset.  The following
+
+
+
+Schanzenbach, et al.     Expires 24 January 2020                [Page 4]
+
+Internet-Draft             The GNU Name System                 July 2019
+
+
    illustrates the flag distribution in the 32-bit flag value of a
    resource record:
 
@@ -218,14 +238,6 @@ Internet-Draft             The GNU Name System             
    July 2019
 
    where:
 
-
-
-
-Schanzenbach, et al.     Expires 24 January 2020                [Page 4]
-
-Internet-Draft             The GNU Name System                 July 2019
-
-
    SHADOW  If this flag is set, this record should be ignored by
       resolvers unless all (other) records of the same record type have
       expired.  Used to allow zone publishers to facilitate good
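Review bot: The lines removed in this hunk are only the page footer and header ("[Page 4]", "Internet-Draft ... July 2019") that the previous hunk re-adds a few lines earlier, and most of the 234 changed lines reported for draft-schanzen-gns.txt are page breaks relocating in the same way. Generating the paginated text at build or release time instead of committing it would leave the real wording changes visible in the diff. The header still reads July 2019 on a commit dated 5 October 2019, so it is worth checking whether the draft date in the source should be updated.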
@@ -263,6 +275,13 @@ Internet-Draft             The GNU Name System             
    July 2019
 
                                   Figure 3
 
+
+
+Schanzenbach, et al.     Expires 24 January 2020                [Page 5]
+
+Internet-Draft             The GNU Name System                 July 2019
+
+
 3.2.  GNS2DNS
 
    It is possible to delegate a label back into DNS through a GNS2DNS
@@ -274,14 +293,6 @@ Internet-Draft             The GNU Name System             
    July 2019
    addresses, allowing the resolver to skip this step.  The DNS server
    names may themselves be names in GNS or DNS.  If the DNS server name
    ends in ".+", the rest of the name is to be interpreted relative to
-
-
-
-Schanzenbach, et al.     Expires 24 January 2020                [Page 5]
-
-Internet-Draft             The GNU Name System                 July 2019
-
-
    the zone of the GNS2DNS record.  Then, the DNS name from the GNS2DNS
    record is appended to the remainder of the name to be resolved, and
    resolved by querying the name server(s).  Multiple GNS2DNS records
@@ -316,6 +327,17 @@ Internet-Draft             The GNU Name System             
    July 2019
    single resource record with an IPv4 or IPv6 address.  A LEHO DATA
    entry has the following format:
 
+
+
+
+
+
+
+Schanzenbach, et al.     Expires 24 January 2020                [Page 6]
+
+Internet-Draft             The GNU Name System                 July 2019
+
+
               0     8     16    24    32    40    48    56
               +-----+-----+-----+-----+-----+-----+-----+-----+
               |                 LEGACY HOSTNAME               |
@@ -330,14 +352,6 @@ Internet-Draft             The GNU Name System             
    July 2019
    (e.g.  "Host:" header) it must be converted to a punycode
    representation [RFC3492].
 
-
-
-
-Schanzenbach, et al.     Expires 24 January 2020                [Page 6]
-
-Internet-Draft             The GNU Name System                 July 2019
-
-
 3.4.  BOX
 
    In GNS, every "." in a name delegates to another zone, and GNS
@@ -371,20 +385,6 @@ Internet-Draft             The GNU Name System             
    July 2019
    PROTO  the 16-bit protocol number, e.g. 6 for tcp.  In network byte
       order.
 
-   SVC  the 16-bit service value of the boxed record, i.e. the port
-      number.  In network byte order.
-
-   TYPE  is the 32-bit record type of the boxed record.  In network byte
-      order.
-
-   RECORD DATA  is a variable length field containing the "DATA" format
-      of TYPE as defined for the respective TYPE in DNS.
-
-
-
-
-
-
 
 
 
@@ -394,6 +394,15 @@ Schanzenbach, et al.     Expires 24 January 2020           
     [Page 7]
 Internet-Draft             The GNU Name System                 July 2019
 
 
+   SVC  the 16-bit service value of the boxed record, i.e. the port
+      number.  In network byte order.
+
+   TYPE  is the 32-bit record type of the boxed record.  In network byte
+      order.
+
+   RECORD DATA  is a variable length field containing the "DATA" format
+      of TYPE as defined for the respective TYPE in DNS.
+
 4.  Publishing records
 
    GNS resource records are published in a distributed hash table (DHT).
@@ -434,15 +443,6 @@ Internet-Draft             The GNU Name System             
    July 2019
    zk_h  is a 256-bit public key derived from the zone key "zk" using
       the keying material "h".
 
-   L  is the prime-order subgroup as defined in Section 2.
-
-   q  Is the 512-bit DHT key under which the resource records block is
-      published.  It is the SHA512 hash over the public key "zk_h"
-      corresponding to the derived private key "d_h".
-
-   We point out that the multiplication of "zk" with "h" is a point
-
-
 
 
 Schanzenbach, et al.     Expires 24 January 2020                [Page 8]
@@ -450,6 +450,13 @@ Schanzenbach, et al.     Expires 24 January 2020           
     [Page 8]
 Internet-Draft             The GNU Name System                 July 2019
 
 
+   L  is the prime-order subgroup as defined in Section 2.
+
+   q  Is the 512-bit DHT key under which the resource records block is
+      published.  It is the SHA512 hash over the public key "zk_h"
+      corresponding to the derived private key "d_h".
+
+   We point out that the multiplication of "zk" with "h" is a point
    multiplication, while the multiplication of "d" with "h" is a scalar
    multiplication.
 
@@ -457,8 +464,11 @@ Internet-Draft             The GNU Name System             
    July 2019
 
    GNS records are grouped by their labels and published as a single
    block in the DHT.  The contained resource records are encrypted using
-   a symmetric encryption scheme.  A GNS resource records block has the
-   following format:
+   a symmetric encryption scheme.  A GNS implementation must publish
+   resource record blocks in accordance to the properties and
+   recommendations of the underlying DHT.  This may include a periodic
+   refresh publication.  A GNS resource records block has the following
+   format:
 
               0     8     16    24    32    40    48    56
               +-----+-----+-----+-----+-----+-----+-----+-----+
@@ -489,6 +499,13 @@ Internet-Draft             The GNU Name System             
    July 2019
 
    where:
 
+
+
+Schanzenbach, et al.     Expires 24 January 2020                [Page 9]
+
+Internet-Draft             The GNU Name System                 July 2019
+
+
    SIGNATURE  A 512-bit ECDSA deterministic signature compliant with
       [RFC6979].  The signature is computed over the data following the
       PUBLIC KEY field.  The signature is created using the derived
@@ -498,14 +515,6 @@ Internet-Draft             The GNU Name System             
    July 2019
       SIGNATURE.  The wire format of this value is defined in [RFC8032],
       Section 5.1.5.
 
-
-
-
-Schanzenbach, et al.     Expires 24 January 2020                [Page 9]
-
-Internet-Draft             The GNU Name System                 July 2019
-
-
    SIZE  A 32-bit value containing the length of the signed data
       following the PUBLIC KEY field in network byte order.  This value
       always includes the length of the fields SIZE (4), PURPOSE (4) and
@@ -547,15 +556,6 @@ Internet-Draft             The GNU Name System             
    July 2019
 
 
 
-
-
-
-
-
-
-
-
-
 
 Schanzenbach, et al.     Expires 24 January 2020               [Page 10]
 
@@ -694,6 +694,18 @@ Internet-Draft             The GNU Name System             
    July 2019
 
    TODO
 
+6.1.  Entry Zone
+
+   There are three sources from which the entry zone can be determined:
+
+   *  Local zone store
+
+   *  External prefix to zone key mappings
+
+   *  Zone key TLD
+
+6.2.  Recursive Resolution
+
 7.  Namespace Revocation
 
    TODO
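Review bot: Section 6.2 is added as a bare heading, so in the rendered text "6.2.  Recursive Resolution" runs straight into "7.  Namespace Revocation", while Sections 6 and 7 both carry a "TODO" body. Add the same "TODO" placeholder under 6.2 in the XML source, and consider moving or dropping the "TODO" left directly under Section 6 now that it has subsections.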
@@ -711,6 +723,13 @@ Internet-Draft             The GNU Name System             
    July 2019
    The following represents a test vector for a record of type MX with a
    priority of 10 and the mail hostname mail.example.com.
 
+
+
+Schanzenbach, et al.     Expires 24 January 2020               [Page 13]
+
+Internet-Draft             The GNU Name System                 July 2019
+
+
           label := "mail"
 
           d :=
@@ -722,14 +741,6 @@ Internet-Draft             The GNU Name System             
    July 2019
           zk (public zone key) :=
           dff911496d025d7e
           0885c03d19153e99
-
-
-
-Schanzenbach, et al.     Expires 24 January 2020               [Page 13]
-
-Internet-Draft             The GNU Name System                 July 2019
-
-
           4f213f23ea719eca
           17fc32dc410e082e
 
@@ -767,6 +778,14 @@ Internet-Draft             The GNU Name System             
    July 2019
 
           AES_IV :=
           a808b929bc9fad7a
+
+
+
+Schanzenbach, et al.     Expires 24 January 2020               [Page 14]
+
+Internet-Draft             The GNU Name System                 July 2019
+
+
           686bbe3432bed77a
 
           TWOFISH_KEY :=
@@ -779,13 +798,6 @@ Internet-Draft             The GNU Name System             
    July 2019
           071be189a9d236f9
           b4a3654bb8c281d4
 
-
-
-Schanzenbach, et al.     Expires 24 January 2020               [Page 14]
-
-Internet-Draft             The GNU Name System                 July 2019
-
-
           RDATA :=
           0000000100059412 RR COUNT | EXPIRA-
           09ddea0f00000014  -TION    | DATA SIZE (20)
@@ -823,6 +835,13 @@ Internet-Draft             The GNU Name System             
    July 2019
           001fd19a6406a721
           713f0a0d
 
+
+
+Schanzenbach, et al.     Expires 24 January 2020               [Page 15]
+
+Internet-Draft             The GNU Name System                 July 2019
+
+
 11.  Normative References
 
    [RFC1034]  Mockapetris, P., "Domain names - concepts and facilities",
@@ -833,15 +852,6 @@ Internet-Draft             The GNU Name System             
    July 2019
               specification", STD 13, RFC 1035, DOI 10.17487/RFC1035,
               November 1987, <https://www.rfc-editor.org/info/rfc1035>.
 
-
-
-
-
-Schanzenbach, et al.     Expires 24 January 2020               [Page 15]
-
-Internet-Draft             The GNU Name System                 July 2019
-
-
    [RFC3492]  Costello, A., "Punycode: A Bootstring encoding of Unicode
               for Internationalized Domain Names in Applications
               (IDNA)", RFC 3492, DOI 10.17487/RFC3492, March 2003,
@@ -880,6 +890,14 @@ Internet-Draft             The GNU Name System             
    July 2019
               for Security", RFC 7748, DOI 10.17487/RFC7748, January
               2016, <https://www.rfc-editor.org/info/rfc7748>.
 
+
+
+
+Schanzenbach, et al.     Expires 24 January 2020               [Page 16]
+
+Internet-Draft             The GNU Name System                 July 2019
+
+
    [RFC8032]  Josefsson, S. and I. Liusvaara, "Edwards-Curve Digital
               Signature Algorithm (EdDSA)", RFC 8032,
               DOI 10.17487/RFC8032, January 2017,
@@ -890,14 +908,6 @@ Internet-Draft             The GNU Name System             
    July 2019
 
 Authors' Addresses
 
-
-
-
-Schanzenbach, et al.     Expires 24 January 2020               [Page 16]
-
-Internet-Draft             The GNU Name System                 July 2019
-
-
    Martin Schanzenbach
    GNUnet e.V.
    Boltzmannstrasse 3
@@ -933,16 +943,6 @@ Internet-Draft             The GNU Name System             
    July 2019
 
 
 
-
-
-
-
-
-
-
-
-
-
 
 
 
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
index 500ae5d..edf77f6 100644
--- a/draft-schanzen-gns.xml
+++ b/draft-schanzen-gns.xml
@@ -152,10 +152,17 @@
          as the "zone key".
        </dd>
      </dl>
-
    </section>
    <section anchor="rrecords" numbered="true" toc="default">
      <name>Resource records</name>
+     <t>
+       A GNS implementor MUST provide a mechanism to create and manage resource
+       records for local zones. A local zone is established by creating a zone
+       key pair. Records may be added to each zone, hence a (local) persistency
+       mechanism for resource records and zones must be provided.
+       This local zone database is used by the GNS resolver implementation
+       and to publish record information.
+     </t>
      <t>
        A GNS resource record holds the data of a specific record in a zone.
        The resource record format is defined as follows:
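Review bot: The new paragraph mixes requirement levels: "A GNS implementor MUST provide" uses the capitalised keyword, while "a (local) persistency mechanism for resource records and zones must be provided" two sentences later is lowercase, so a reader cannot tell whether persistence is normative. Use the same capitalisation for both if both are requirements, and phrase them against the implementation ("A GNS implementation MUST ...") as the paragraph added to the publishing section does, since a specification constrains the software rather than its author.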
@@ -473,6 +480,9 @@
          block in the DHT.
          The contained resource records are encrypted using a symmetric
          encryption scheme.
+         A GNS implementation must publish resource record blocks in accordance
+         to the properties and recommendations of the underlying DHT. This may
+         include a periodic refresh publication.
          A GNS resource records block has the following format:
        </t>
        <figure anchor="figure_record_block">
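Review bot: "in accordance to the properties and recommendations of the underlying DHT" should read "in accordance with", and the lowercase "must" and "may" here sit beside the capitalised "MUST" added to the resource records section in this same commit, which leaves their normative status unclear. "This may include a periodic refresh publication" also gives an implementer nothing to act on; state what determines the refresh interval, or mark it as an open item until the DHT requirements are written down.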
@@ -713,6 +723,21 @@
      <t>
        TODO
      </t>
+     <section anchor="entry_zone" numbered="true" toc="default">
+       <name>Entry Zone</name>
+       <t>
+         There are three sources from which the entry zone can be determined:
+       </t>
+         <ul>
+           <li>Local zone store</li>
+           <li>External prefix to zone key mappings</li>
+           <li>Zone key TLD</li>
+         </ul>
+     </section>
+     <section anchor="recursion" numbered="true" toc="default">
+       <name>Recursive Resolution</name>
+     </section>
+
    </section>
    <section anchor="revocation" numbered="true" toc="default">
      <name>Namespace Revocation</name>
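Review bot: The "Entry Zone" list names three sources (local zone store, external prefix to zone key mappings, zone key TLD) but not the order in which a resolver consults them or what happens when more than one of them matches the same name. The entry zone fixes which zone key the rest of the resolution is anchored to, so the text should define precedence and conflict handling between the sources, even if only as an explicit open item for now.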

-- 
To stop receiving notification emails like this one, please contact
address@hidden.


