diff options
Diffstat (limited to 'doc/rfc/rfc3597.txt')
-rw-r--r-- | doc/rfc/rfc3597.txt | 451 |
1 files changed, 451 insertions, 0 deletions
diff --git a/doc/rfc/rfc3597.txt b/doc/rfc/rfc3597.txt new file mode 100644 index 0000000..19e9a55 --- /dev/null +++ b/doc/rfc/rfc3597.txt @@ -0,0 +1,451 @@ + + + + + + +Network Working Group A. Gustafsson +Request for Comments: 3597 Nominum Inc. +Category: Standards Track September 2003 + + + Handling of Unknown DNS Resource Record (RR) Types + +Status of this Memo + + This document specifies an Internet standards track protocol for the + Internet community, and requests discussion and suggestions for + improvements. Please refer to the current edition of the "Internet + Official Protocol Standards" (STD 1) for the standardization state + and status of this protocol. Distribution of this memo is unlimited. + +Copyright Notice + + Copyright (C) The Internet Society (2003). All Rights Reserved. + +Abstract + + Extending the Domain Name System (DNS) with new Resource Record (RR) + types currently requires changes to name server software. This + document specifies the changes necessary to allow future DNS + implementations to handle new RR types transparently. + +1. Introduction + + The DNS is designed to be extensible to support new services through + the introduction of new resource record (RR) types. In practice, + deploying a new RR type currently requires changes to the name server + software not only at the authoritative DNS server that is providing + the new information and the client making use of it, but also at all + slave servers for the zone containing it, and in some cases also at + caching name servers and forwarders used by the client. + + Because the deployment of new server software is slow and expensive, + the potential of the DNS in supporting new services has never been + fully realized. This memo proposes changes to name servers and to + procedures for defining new RR types aimed at simplifying the future + deployment of new RR types. + + The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", + "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this + document are to be interpreted as described in [RFC 2119]. + + + + + + +Gustafsson Standards Track [Page 1] + +RFC 3597 Handling of Unknown DNS RR Types September 2003 + + +2. Definition + + An "RR of unknown type" is an RR whose RDATA format is not known to + the DNS implementation at hand, and whose type is not an assigned + QTYPE or Meta-TYPE as specified in [RFC 2929] (section 3.1) nor + within the range reserved in that section for assignment only to + QTYPEs and Meta-TYPEs. Such an RR cannot be converted to a type- + specific text format, compressed, or otherwise handled in a type- + specific way. + + In the case of a type whose RDATA format is class specific, an RR is + considered to be of unknown type when the RDATA format for that + combination of type and class is not known. + +3. Transparency + + To enable new RR types to be deployed without server changes, name + servers and resolvers MUST handle RRs of unknown type transparently. + That is, they must treat the RDATA section of such RRs as + unstructured binary data, storing and transmitting it without change + [RFC1123]. + + To ensure the correct operation of equality comparison (section 6) + and of the DNSSEC canonical form (section 7) when an RR type is known + to some but not all of the servers involved, servers MUST also + exactly preserve the RDATA of RRs of known type, except for changes + due to compression or decompression where allowed by section 4 of + this memo. In particular, the character case of domain names that + are not subject to compression MUST be preserved. + +4. Domain Name Compression + + RRs containing compression pointers in the RDATA part cannot be + treated transparently, as the compression pointers are only + meaningful within the context of a DNS message. Transparently + copying the RDATA into a new DNS message would cause the compression + pointers to point at the corresponding location in the new message, + which now contains unrelated data. This would cause the compressed + name to be corrupted. + + To avoid such corruption, servers MUST NOT compress domain names + embedded in the RDATA of types that are class-specific or not well- + known. This requirement was stated in [RFC1123] without defining the + term "well-known"; it is hereby specified that only the RR types + defined in [RFC1035] are to be considered "well-known". + + + + + + +Gustafsson Standards Track [Page 2] + +RFC 3597 Handling of Unknown DNS RR Types September 2003 + + + The specifications of a few existing RR types have explicitly allowed + compression contrary to this specification: [RFC2163] specified that + compression applies to the PX RR, and [RFC2535] allowed compression + in SIG RRs and NXT RRs records. Since this specification disallows + compression in these cases, it is an update to [RFC2163] (section 4) + and [RFC2535] (sections 4.1.7 and 5.2). + + Receiving servers MUST decompress domain names in RRs of well-known + type, and SHOULD also decompress RRs of type RP, AFSDB, RT, SIG, PX, + NXT, NAPTR, and SRV (although the current specification of the SRV RR + in [RFC2782] prohibits compression, [RFC2052] mandated it, and some + servers following that earlier specification are still in use). + + Future specifications for new RR types that contain domain names + within their RDATA MUST NOT allow the use of name compression for + those names, and SHOULD explicitly state that the embedded domain + names MUST NOT be compressed. + + As noted in [RFC1123], the owner name of an RR is always eligible for + compression. + +5. Text Representation + + In the "type" field of a master file line, an unknown RR type is + represented by the word "TYPE" immediately followed by the decimal RR + type number, with no intervening whitespace. In the "class" field, + an unknown class is similarly represented as the word "CLASS" + immediately followed by the decimal class number. + + This convention allows types and classes to be distinguished from + each other and from TTL values, allowing the "[<TTL>] [<class>] + <type> <RDATA>" and "[<class>] [<TTL>] <type> <RDATA>" forms of + [RFC1035] to both be unambiguously parsed. + + The RDATA section of an RR of unknown type is represented as a + sequence of white space separated words as follows: + + The special token \# (a backslash immediately followed by a hash + sign), which identifies the RDATA as having the generic encoding + defined herein rather than a traditional type-specific encoding. + + An unsigned decimal integer specifying the RDATA length in octets. + + Zero or more words of hexadecimal data encoding the actual RDATA + field, each containing an even number of hexadecimal digits. + + If the RDATA is of zero length, the text representation contains only + the \# token and the single zero representing the length. + + + +Gustafsson Standards Track [Page 3] + +RFC 3597 Handling of Unknown DNS RR Types September 2003 + + + An implementation MAY also choose to represent some RRs of known type + using the above generic representations for the type, class and/or + RDATA, which carries the benefit of making the resulting master file + portable to servers where these types are unknown. Using the generic + representation for the RDATA of an RR of known type can also be + useful in the case of an RR type where the text format varies + depending on a version, protocol, or similar field (or several) + embedded in the RDATA when such a field has a value for which no text + format is known, e.g., a LOC RR [RFC1876] with a VERSION other than + 0. + + Even though an RR of known type represented in the \# format is + effectively treated as an unknown type for the purpose of parsing the + RDATA text representation, all further processing by the server MUST + treat it as a known type and take into account any applicable type- + specific rules regarding compression, canonicalization, etc. + + The following are examples of RRs represented in this manner, + illustrating various combinations of generic and type-specific + encodings for the different fields of the master file format: + + a.example. CLASS32 TYPE731 \# 6 abcd ( + ef 01 23 45 ) + b.example. HS TYPE62347 \# 0 + e.example. IN A \# 4 0A000001 + e.example. CLASS1 TYPE1 10.0.0.2 + +6. Equality Comparison + + Certain DNS protocols, notably Dynamic Update [RFC2136], require RRs + to be compared for equality. Two RRs of the same unknown type are + considered equal when their RDATA is bitwise equal. To ensure that + the outcome of the comparison is identical whether the RR is known to + the server or not, specifications for new RR types MUST NOT specify + type-specific comparison rules. + + This implies that embedded domain names, being included in the + overall bitwise comparison, are compared in a case-sensitive manner. + + As a result, when a new RR type contains one or more embedded domain + names, it is possible to have multiple RRs owned by the same name + that differ only in the character case of the embedded domain + name(s). This is similar to the existing possibility of multiple TXT + records differing only in character case, and not expected to cause + any problems in practice. + + + + + + +Gustafsson Standards Track [Page 4] + +RFC 3597 Handling of Unknown DNS RR Types September 2003 + + +7. DNSSEC Canonical Form and Ordering + + DNSSEC defines a canonical form and ordering for RRs [RFC2535] + (section 8.1). In that canonical form, domain names embedded in the + RDATA are converted to lower case. + + The downcasing is necessary to ensure the correctness of DNSSEC + signatures when case distinctions in domain names are lost due to + compression, but since it requires knowledge of the presence and + position of embedded domain names, it cannot be applied to unknown + types. + + To ensure continued consistency of the canonical form of RR types + where compression is allowed, and for continued interoperability with + existing implementations that already implement the [RFC2535] + canonical form and apply it to their known RR types, the canonical + form remains unchanged for all RR types whose whose initial + publication as an RFC was prior to the initial publication of this + specification as an RFC (RFC 3597). + + As a courtesy to implementors, it is hereby noted that the complete + set of such previously published RR types that contain embedded + domain names, and whose DNSSEC canonical form therefore involves + downcasing according to the DNS rules for character comparisons, + consists of the RR types NS, MD, MF, CNAME, SOA, MB, MG, MR, PTR, + HINFO, MINFO, MX, HINFO, RP, AFSDB, RT, SIG, PX, NXT, NAPTR, KX, SRV, + DNAME, and A6. + + This document specifies that for all other RR types (whether treated + as unknown types or treated as known types according to an RR type + definition RFC more recent than RFC 3597), the canonical form is such + that no downcasing of embedded domain names takes place, and + otherwise identical to the canonical form specified in [RFC2535] + section 8.1. + + Note that the owner name is always set to lower case according to the + DNS rules for character comparisons, regardless of the RR type. + + The DNSSEC canonical RR ordering is as specified in [RFC2535] section + 8.3, where the octet sequence is the canonical form as revised by + this specification. + +8. Additional Section Processing + + Unknown RR types cause no additional section processing. Future RR + type specifications MAY specify type-specific additional section + processing rules, but any such processing MUST be optional as it can + only be performed by servers for which the RR type in case is known. + + + +Gustafsson Standards Track [Page 5] + +RFC 3597 Handling of Unknown DNS RR Types September 2003 + + +9. IANA Considerations + + This document does not require any IANA actions. + +10. Security Considerations + + This specification is not believed to cause any new security + problems, nor to solve any existing ones. + +11. Normative References + + [RFC1034] Mockapetris, P., "Domain Names - Concepts and + Facilities", STD 13, RFC 1034, November 1987. + + [RFC1035] Mockapetris, P., "Domain Names - Implementation and + Specifications", STD 13, RFC 1035, November 1987. + + [RFC1123] Braden, R., Ed., "Requirements for Internet Hosts -- + Application and Support", STD 3, RFC 1123, October 1989. + + [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate + Requirement Levels", BCP 14, RFC 2119, March 1997. + + [RFC2535] Eastlake, D., "Domain Name System Security Extensions", + RFC 2535, March 1999. + + [RFC2163] Allocchio, C., "Using the Internet DNS to Distribute + MIXER Conformant Global Address Mapping (MCGAM)", RFC + 2163, January 1998. + + [RFC2929] Eastlake, D., Brunner-Williams, E. and B. Manning, + "Domain Name System (DNS) IANA Considerations", BCP 42, + RFC 2929, September 2000. + +12. Informative References + + [RFC1876] Davis, C., Vixie, P., Goodwin, T. and I. Dickinson, "A + Means for Expressing Location Information in the Domain + Name System", RFC 1876, January 1996. + + [RFC2052] Gulbrandsen, A. and P. Vixie, "A DNS RR for specifying + the location of services (DNS SRV)", RFC 2052, October + 1996. + + [RFC2136] Vixie, P., Ed., Thomson, S., Rekhter, Y. and J. Bound, + "Dynamic Updates in the Domain Name System (DNS UPDATE)", + RFC 2136, April 1997. + + + + +Gustafsson Standards Track [Page 6] + +RFC 3597 Handling of Unknown DNS RR Types September 2003 + + + [RFC2782] Gulbrandsen, A., Vixie, P. and L. Esibov, "A DNS RR for + specifying the location of services (DNS SRV)", RFC 2782, + February 2000. + +13. Intellectual Property Statement + + The IETF takes no position regarding the validity or scope of any + intellectual property or other rights that might be claimed to + pertain to the implementation or use of the technology described in + this document or the extent to which any license under such rights + might or might not be available; neither does it represent that it + has made any effort to identify any such rights. Information on the + IETF's procedures with respect to rights in standards-track and + standards-related documentation can be found in BCP-11. Copies of + claims of rights made available for publication and any assurances of + licenses to be made available, or the result of an attempt made to + obtain a general license or permission for the use of such + proprietary rights by implementors or users of this specification can + be obtained from the IETF Secretariat. + + The IETF invites any interested party to bring to its attention any + copyrights, patents or patent applications, or other proprietary + rights which may cover technology that may be required to practice + this standard. Please address the information to the IETF Executive + Director. + +14. Author's Address + + Andreas Gustafsson + Nominum, Inc. + 2385 Bay Rd + Redwood City, CA 94063 + USA + + Phone: +1 650 381 6004 + EMail: gson@nominum.com + + + + + + + + + + + + + + + +Gustafsson Standards Track [Page 7] + +RFC 3597 Handling of Unknown DNS RR Types September 2003 + + +15. Full Copyright Statement + + Copyright (C) The Internet Society (2003). All Rights Reserved. + + This document and translations of it may be copied and furnished to + others, and derivative works that comment on or otherwise explain it + or assist in its implementation may be prepared, copied, published + and distributed, in whole or in part, without restriction of any + kind, provided that the above copyright notice and this paragraph are + included on all such copies and derivative works. However, this + document itself may not be modified in any way, such as by removing + the copyright notice or references to the Internet Society or other + Internet organizations, except as needed for the purpose of + developing Internet standards in which case the procedures for + copyrights defined in the Internet Standards process must be + followed, or as required to translate it into languages other than + English. + + The limited permissions granted above are perpetual and will not be + revoked by the Internet Society or its successors or assignees. + + This document and the information contained herein is provided on an + "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING + TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING + BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION + HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF + MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + +Acknowledgement + + Funding for the RFC Editor function is currently provided by the + Internet Society. + + + + + + + + + + + + + + + + + + + +Gustafsson Standards Track [Page 8] + |