From 4bfd864f10b68b71482b35c818559068ef8d5797 Mon Sep 17 00:00:00 2001 From: Thomas Voss Date: Wed, 27 Nov 2024 20:54:24 +0100 Subject: doc: Add RFC documents --- doc/rfc/rfc1816.txt | 451 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 451 insertions(+) create mode 100644 doc/rfc/rfc1816.txt (limited to 'doc/rfc/rfc1816.txt') diff --git a/doc/rfc/rfc1816.txt b/doc/rfc/rfc1816.txt new file mode 100644 index 0000000..9349754 --- /dev/null +++ b/doc/rfc/rfc1816.txt @@ -0,0 +1,451 @@ + + + + + + +Network Working Group Federal Networking Council +Request For Comments: 1816 August 1995 +Obsoletes: 1811 +Category: Informational + + + U.S. Government Internet Domain Names + +Status of this Memo + + This memo provides information for the Internet community. This memo + does not specify an Internet standard of any kind. Distribution of + this memo is unlimited. + +Abstract + + This memo provides an update and clarification to RFC 1811. This + document describes the registration policies for the top-level domain + ".GOV". Thus far, Federal Agencies and their subsidiaries have + registered without any guidance. This has resulted in multiple + registrations for Federal Agencies and naming schemes that do not + facilitate responsiveness to the public. This document fixes this by + restricting registrations to coincide with the approved structure of + the US government. The document cited, FIPS 95-1, provides a + standard recognized structure into which domain registrations for + .GOV can be fit. This policy is exactly comparable to that for the + top-level domains. The IANA requires that an organization/country + apply for and get a 2 letter code from ISO/ITU (e.g., US for United + States) for additional top-level registration. + + As a side effect, this reduces the number of .GOV level registrations + and reduces the workload on the Internic. + +U.S. GOVERNMENT INTERNET DOMAIN NAMES POLICY + + The .GOV domain is delegated from the root authority to the US + Federal Networking Council. The .GOV domain is for registration of + US governmental entities on the federal level only. Registrations + for state and local governmental agencies shall be made under the .US + domain in accordance with the policies for that domain. + + 1) The document "Codes for the Identification of Federal and + Federally Assisted Organizations", FIPS 95-1 (or its successor) + lists the official names of US Government agencies. + + A) Top-level entities (e.g., those with codes ending in 00 such as + "1200 Department of Agriculture"), and independent agencies and + organizations (e.g., "National Science Foundation and other non- + + + +Federal Networking Council Informational [Page 1] + +RFC 1816 U.S. Government Internet Domain Names August 1995 + + + indented listings unless prohibited below) as listed in this + document are eligible for registration directly under .GOV. + + B) Autonomous law enforcement components of top-level entities + (e.g., "Federal Bureau of Investigation", "Secret Service", "Coast + Guard") are also eligible for registration. + + C) Cross-agency collaborative organizations (e.g., "Federal + Networking Council", "Information Infrastructure Task Force") are + eligible for registration under .GOV upon presentation of the + chartering document and are the only non-FIPS-listed + organizations eligible for registration under .GOV. + + D) Subsidiary, non-autonomous components of top-level or other + entities are not eligible for separate registration. + International organizations listed in this document are NOT + eligible for registration under .GOV. + + E) Organizations listed as "Federally Aided Organizations" are not + eligible for registration under .GOV and should register under + .ORG or other appropriate top-level domain. + + F) Organizations subsidiary to "Department of Defense" must + register under the ".MIL" domain via the Defense Data Network + Network Information Center - contact registrar@nic.ddn.mil. + + The only standard exceptions to these rules are changes to + governmental structure due to statutory, regulatory or executive + directives not yet reflected in the above document. The requesting + agency should provide documentation in one of the above forms to + request an exception. Other requests for exception should be + referred to the Federal Networking Council. + + 2) A domain name should be derived from the official name for the + organization (e.g., "USDA.Gov" or "Agriculture.GOV".) The + registration shall be listed in the registration database under the + + official name (per FIPS 95-1) for the organization or under the name + in the chartering document. + + 3) Only ONE registration and delegation shall be made per agency. + The .GOV registration authority shall provide registrations on a + first-come first-served basis. It is an individual agency matter as + to which portion of the agency is responsible for managing the domain + space under a delegated agency domain. + + 4) Those agencies and entities that have multiple registrations under + .GOV may retain them for a maximum of 3 years from the publication + + + +Federal Networking Council Informational [Page 2] + +RFC 1816 U.S. Government Internet Domain Names August 1995 + + + date of this document. Within 6 months after the publication of this + document, one permanent domain must be selected for the agency. The + other (auxiliary) domains must cease further sub-delegations and + registrations at this time. As of 1 year after the publication of + this document, the auxiliary domains will become undelegated and will + revert to the control of the .GOV owner. As of 2 years after the + publication of this document, all registrations in the auxiliary + domains must be mirrored in the permanent domain and those names should + be used where possible. At the 3 year point, all auxiliary domain + registrations will be deleted. + + 5) Those agencies and entities already registered in .GOV but not + listed in FIPS 95-1 (e.g., DOE labs, state entities) may retain their + registration within the constraint of the single registration rule + (see para 4). No further non-FIPS-listed registrations will be made. + State and local entities are strongly encouraged to re-register under + .US, but this is not mandatory. + +References + + [1] Federal Information Processing Standards Publication 95-1 (FIPS + PUB 95-1, "Codes for the Identification of Federal and Federally + Assisted Organizations", U.S. Department of Commerce, National + Institute of Standards and Technology, January 4, 1993. + + [2] Postel, J., "Domain Name System Structure and Delegation", RFC + 1591, USC/Information Sciences Institute, March 1994. + +Addendum + +CLARIFICATION + + * All current registrations in .GOV are grandfathered and do NOT + require re-registration with the exception of duplicate registrations + for the SAME organization at the same level. E.g., two registrations + which represent the Department of Transportation would be duplicates; + registrations for each of the Department of Transportation and the + FAA would not (The FAA is an autonomous component contained within + the DOT). + + * The policy requires resolution of all duplicate registrations + within the next three years. + + * Local and state agencies registered under the ".GOV" domain may + remain there. However, they are strongly encouraged to transfer to + the US domain. + + * Cross-agency collaborative efforts may register under ".ORG" or + + + +Federal Networking Council Informational [Page 3] + +RFC 1816 U.S. Government Internet Domain Names August 1995 + + + ".US" as an alternative to asking for an exception to the policy. + +FREQUENTLY ASKED QUESTIONS / ANSWERS + +EXISTING .GOV REGISTRATIONS + + Q. What are examples of FIPS-95-1 Departments possessing duplicate + top level domain names, and what guidance has been given to them + regarding these names? + + A. Examples of FIPS-95-1 Departments with duplicate DNS' include + "STATE.GOV" and "LABOR.GOV". These departments have six months to + determine which name is permanent and which is auxiliary and three + years to drop the auxiliary registration. + + + Q. Currently, our services are defined as www.cdc.gov, ftp.cdc.gov, + and gopher.cdc.gov. Does this proposal mean that our names will now + be: www.ntb.ops.cdc.phs.dhhs.gov, etc or at a minimum: + www.cdc.phs.dhhs.gov, ftp.cdc.phs.dhhs.gov, and + gopher.cdc.phs.dhhs.gov? + + A. In the case of CDC, NIST, NIH, FDA, and the numerous other non- + FIPS-95-1 agencies registered with ".GOV" domains, there will be no + changes. The existing DNSs of these agencies are grandfathered under + this policy. In addition, the policy effects only the domains + allowed to be registered directly under .GOV; further delegations are + under the control of the subdomain owner. For the above, assuming + the HHS subdomain owner concurs, there is no problem with the HHS + registering "cdc.dhhs.gov" as a subdomain of "dhhs.gov". + + + Q. How will registrations by Federal Laboratories be addressed? + + A. The existing domain names will be grandfathered, i.e., LBL.GOV. + Any new registrations will generally be within the domain of the + sponsoring agency (and subject to that agencies policies), within the + .US domain as a geographic entity, or within the .ORG domain. + + + Q. What are some examples of state government agencies registered + under ".GOV" domain? Will they need to change their DNS? + + A. Examples of cities and states that originally registered under + the ".GOV" include: + + WA.GOV Department of Information Services, State of Washington + LA.GOV Bureau of Sanitation, City of Los Angeles + + + +Federal Networking Council Informational [Page 4] + +RFC 1816 U.S. Government Internet Domain Names August 1995 + + + These entities are strongly encouraged to reregister in the ".US" + domain but this is NOT mandatory. No further state and local + agencies will be registered under .GOV. + + + Q. It is not in anyone's best interest to name things by + organizational boundaries as these things change. Internet domain + names and host names, once defined and used, become so widely + distributed that they become virtually impossible to change. + Organizational structure changes but not the underlying networking + structure. + + A. The policy does not require organizations to change their names + once established, but individual agency policies may. The DNS system + contains some capabilities to assist in name transition - the CNAME + record provides a capability for cross-domain aliases which can be + used to ease a transition between one name space and another. As + noted in the clarifications, naming and subdomain conventions WITHIN + an agency or department DNS delegation are solely the province of + that entity. + + + Q. How can two entities have the same name registered? How does + this apply to NIH.GOV, FDA.GOV, and CDC.GOV, all of which are large + components of DHHS/PHS? NCIFCRF.GOV is a component of NIH. Does it + have to change? I don't understand how a distinction is made if some + are grandfathered and some are not. + + A. US-STATE.GOV and STATE.GOV for example. The problem is actually + one entity with two names. NIH.GOV and FDA.GOV represent separate + entities (albeit within DHHS). If there were an NIH.GOV and an NIH- + EAST.GOV for example, NIH would have to eliminate one of them + (probably moving NIH-EAST.GOV to EAST.NIH.GOV). + + + Q. How much is the taxpayer being asked to spend to alter tens of + thousands of existing computer and telecommunications systems to + support RFC 1816? + + A. There are currently less that half-a-dozen duplicate DNS names at + the FIPS-95-1 level which will need to be changed. Given the fact + that this will be accomplished over the next three years, the costs + should be minimal. + + + + + + + + +Federal Networking Council Informational [Page 5] + +RFC 1816 U.S. Government Internet Domain Names August 1995 + + +CROSS-AGENCY COLLABORATIONS + + Q. An organization maintains a domain name which represents a + cross-agency community, IC.GOV, which represents members of the + intelligence community. As a cross-agency collaborative effort, does + the domain have to be reregistered? + + A. The policy states that "Cross-agency collaborative organizations + (e.g., "Federal Networking Council", "Information Infrastructure Task + Force") are eligible for registration under .GOV upon presentation of + the chartering document and are the only non-FIPS-listed + organizations eligible for registration under .GOV." "IC.GOV" + however, is grandfathered since it is an existing domain. + Nevertheless, it would be appropriate to provide a copy of the + chartering document to the FNC for the record. This would ease + future changes to the IC.GOV domain if necessary. + +FUTURE .GOV REGISTRATIONS + + Q. Top level domains are roughly equivalent to the cabinet-level + agencies identified in FIPS-95-1. What will happen if non-FIPS-95-1 + entities apply for the ".GOV" registration in the future? + + A. The Internic will use RFC 1816 as guidance and will not grant the + ".GOV" to any new entity which is not listed in the FIPS-95-1 or + which has not been granted an exception status by the FNC Executive + Committee. + + + Q. Suppose NIH were moved to a new Dept. of Science? Would our + domain name have to be changed? + + A. NIH.GOV is grandfathered under the existing policy and would not + change. The "Department of Science" under its own policies may + require you to re-register though. + +FNC INTENT + + Q. It is unclear how this will policy will facilitate access by the + public to our information, especially since most of the public + doesn't know our organizational structure or that CDC is part of + DHHS/PHS. + + A. The policy attempts to avoid confusion as an increasing number of + entities register under the ".GOV" domain and to transfer authority + and responsibility for domain name space to the appropriate agencies + and away from a centralized authority. For facilitating access, + various tools and capabilities are coming into use on the Internet + + + +Federal Networking Council Informational [Page 6] + +RFC 1816 U.S. Government Internet Domain Names August 1995 + + + all the time. Most of these tools provide a fairly strong search + capability which should obviate most concerns of finding resources + based on domain names. + + + Q. Section 1D of RFC 1816 unfairly constrains the organizations + within the .gov domain in stark contrast to Section 1F which grants + .mil domain organizations full freedom to operate subdomains in any + manner chosen. + + A. The Federal Networking Council has jurisdiction over the ".GOV" + domain names; ".MIL" domain names fall within the jurisdiction of the + Department of Defense. The .MIL domain has had a written policy + delimiting which DOD agencies get registered directly under .MIL + since about 1987 when the DNS first started to come into use. + Individual agencies under the .MIL domain (e.g., AF.MIL/US Air Force) + are responsible for setting policy within their domains and for + registrations within those domains. This is exactly equivalent to + the .GOV domain - an individual agency (e.g., Treasury.GOV/Dept of + Treasury) may and should set policy for subregistrations within their + domain. + + + Q. Section 1B identifies several law enforcement agencies as being + "autonomous" for the purposes of domain registration. What is the + selection criteria for an "autonomous law enforcement" agency? For + instance, the Internal Revenue Service (IRS) is responsible for law + enforcement as is the Bureau of Alcohol, Tobacco, and Firearms (ATF). + + A. The selection criteria for "law enforcement agency" is based on + primary mission. A case could be made for either or both of these + being law enforcement agencies, although the IRS' primary mission is + tax revenue collection and has few armed officers relative to its + size. An "autonomous" agency is one with mission and role distinct + and (possibly) separate from its containing department. + Unfortunately, 95-1 does not do a good job of identifying + "autonomous" entities. In the event of problems with registration, + ask the registrar to get a ruling from the FNC. + + + + + + + + + + + + + +Federal Networking Council Informational [Page 7] + +RFC 1816 U.S. Government Internet Domain Names August 1995 + + +ROUTING QUESTIONS + + Q. How will Domain Name Service resolution on the Net work? Instead + of a root DNS server returning the address of cdc.gov and immediately + directing inquires to our DNS servers, will the root server return a + DNS pointer to DHHS, then DHHS will resolve to PHS, then a fourth DNS + query to get to CDC? This will add unnecessary traffic to the Net. + (example is host.CDC.PHS.DHHS.GOV) + + A. The answer is based on how you (personally and agency wide) + configure your servers. First, most servers cache previous answers - + they may have to ask once, but generally remember the answer if they + need it again. Information directly under .GOV will be fairly long- + lived which substantially reduces the requirement to query .GOV + server. Secondly, multiple levels of the DNS tree MAY reside on the + same server. In the above example the information for DHHS.GOV, + PHS.DHHS.GOV and CDC.PHS.DHHS.GOV could all reside on the same + server. Assuming the location of the DHHS.GOV server was not cached, + it would require 2 queries. Further queries would cache the location + of this server and the servers associated with the domains it serves. + Lastly, the individual agencies may structure their domains as they + please. CDC could reside directly under DHHS.GOV as CDC.DHHS.GOV + subject to HHS's own policies. + +Security Considerations + + Security issues are not discussed in this memo. + +Author's Address + + Federal Networking Council + 4001 N. Fairfax Drive + Arlington, VA 22203 + + Phone: (703) 522-6410 + EMail: execdir@fnc.gov + URL: http://www.fnc.gov + + + + + + + + + + + + + + +Federal Networking Council Informational [Page 8] + -- cgit v1.2.3