[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[lsd0001] branch master updated (7b79c73 -> 9b1b246)
From: |
gnunet |
Subject: |
[lsd0001] branch master updated (7b79c73 -> 9b1b246) |
Date: |
Sat, 05 Feb 2022 23:40:57 +0100 |
This is an automated email from the git hooks/post-receive script.
martin-schanzenbach pushed a change to branch master
in repository lsd0001.
from 7b79c73 minor
new a6c0867 avoid normative language
new 9b1b246 attempt to fix confusion around empty labels; needs review
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
draft-schanzen-gns.xml | 30 ++++++++++++++++++------------
1 file changed, 18 insertions(+), 12 deletions(-)
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
index 255a5cb..8345eee 100644
--- a/draft-schanzen-gns.xml
+++ b/draft-schanzen-gns.xml
@@ -8,6 +8,7 @@
<!ENTITY RFC3629 PUBLIC ''
"http://xml.resource.org/public/rfc/bibxml/reference.RFC.3629.xml">
<!ENTITY RFC3686 PUBLIC ''
"http://xml.resource.org/public/rfc/bibxml/reference.RFC.3686.xml">
<!ENTITY RFC3826 PUBLIC ''
"http://xml.resource.org/public/rfc/bibxml/reference.RFC.3826.xml">
+<!ENTITY RFC4033 PUBLIC ''
"http://xml.resource.org/public/rfc/bibxml/reference.RFC.4033.xml">
<!--<!ENTITY RFC3912 PUBLIC ''
"http://xml.resource.org/public/rfc/bibxml/reference.RFC.3912.xml">-->
<!ENTITY RFC5869 PUBLIC ''
"http://xml.resource.org/public/rfc/bibxml/reference.RFC.5869.xml">
<!ENTITY RFC5890 PUBLIC ''
"http://xml.resource.org/public/rfc/bibxml/reference.RFC.5890.xml">
@@ -192,6 +193,12 @@
UTF-8 characters <xref target="RFC8499"/> with a maximum length of
63 bytes. Labels MUST be canonicalized using
Normalization Form C (NFC) <xref target="Unicode-UAX15"/>.
+ The empty label is represented using the character "@" (without
+ quotes).
+ The empty label is used to publish resource
+ records in a zone that can be resolved without providing a specific
+ label. It is the GNS method provide what is the "zone apex" in DNS
+ <xref target="RFC4033"/>.
</dd>
<dt>Name</dt>
<dd>
@@ -214,7 +221,7 @@
<dd>
A GNS zone contains authoritative information (resource records).
A zone is uniquely identified by its zone key. Unlike DNS zones,
- a GNS zone does not need to have a SOA record at its apex.
+ a GNS zone does not need to have a SOA record under the empty label.
</dd>
<dt>Zone Type</dt>
<dd>
@@ -893,8 +900,7 @@ zTLD := zkl[126..129].zkl[63..125].zkl[0..62]
determined to be cryptographically insecure, or if an application has
reasons to not support delegation to DNS for reasons such as complexity
or security. Zone delegation records MUST NOT be stored and published
- under the empty label.
- <!-- FIXME: Empty label and apex label are not well defined -->
+ under the empty label.
A zone delegation record type value is the same as the respective ztype
value.
The ztype defines the cryptographic primitives for the zone that is
@@ -1921,7 +1927,7 @@ example.com = zk2
In each step of the recursive name resolution, there is an
authoritative zone zk and a name to resolve. The name may be empty.
Initially, the authoritative zone is the start zone. If the name
- is empty, it is interpreted as the apex label "@".
+ is empty, it is interpreted as the empty label "@".
</t>
<t>
From here, the following steps are recursively executed, in order:
@@ -2079,7 +2085,7 @@ example.com = zk2
and provide a consistent security profile for all name
resolutions.
Such resolvers would return an empty record set upon encountering
a GNS2DNS record during the recursion. However, if GNS2DNS records
- are encountered in the record set for the apex and a GNS2DNS
record
+ are encountered in the record set for the empty label and a
GNS2DNS record
is explicitly requested by the application, such records MUST
still be returned, even if DNS support is disabled by the
GNS resolver configuration.
@@ -2109,7 +2115,7 @@ example.com = zk2
Implementations MAY support any subset of ztypes.
Handling of
Implementations MUST NOT process zone delegation for the empty
- apex label "@". Upon encountering a zone delegation record under
+ label "@". Upon encountering a zone delegation record under
this label, resolution fails and an error MUST be returned. The
implementation MAY choose not to return the reason for the
failure,
merely impacting troubleshooting information for the user.
@@ -2118,7 +2124,7 @@ example.com = zk2
If the remainder of the name to resolve is empty and we have
received a record set containing only a single delegation record,
the
recursion is continued with the record value as authoritative zone
- and the empty apex label "@" as remaining name.
+ and the empty label "@" as remaining name.
Except in the case where the desired record type as specified by
the client is equal to the ztype, in which case the delegation
record is returned.
@@ -2200,11 +2206,10 @@ NICK: john (Supplemental)
</t>
<t>
Implementations MAY allow users to manage private records in
- their zones.
- Such private records should not be published in the storage,
- making their data completely unavailable to non-local users.
- Private records should still be considered just like
- regular records when resolving labels in local zones.
+ their zones that are not published in the storage.
+ Private records are considered just like
+ regular records when resolving labels in local zones,
+ but their data is completely unavailable to non-local users.
</t>
</section>
<section anchor="security_agility" numbered="true" toc="default">
@@ -3031,6 +3036,7 @@ c9d7b9ab
</references>
<references>
<name>Informative References</name>
+ &RFC4033;
&RFC6781;
&RFC7363;
&RFC8324;
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [lsd0001] branch master updated (7b79c73 -> 9b1b246),
gnunet <=