1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
|
Network Working Group M. Mealling
Request for Comments: 3402 Verisign
Obsoletes: 2915, 2168 October 2002
Category: Standards Track
Dynamic Delegation Discovery System (DDDS)
Part Two: The Algorithm
Status of this Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2002). All Rights Reserved.
Abstract
This document describes the Dynamic Delegation Discovery System
(DDDS) algorithm for applying dynamically retrieved string
transformation rules to an application-unique string. Well-formed
transformation rules will reflect the delegation of management of
information associated with the string. This document is also part
of a series that is completely specified in "Dynamic Delegation
Discovery System (DDDS) Part One: The Comprehensive DDDS" (RFC 3401).
It is very important to note that it is impossible to read and
understand any document in this series without reading the others.
Mealling Standards Track [Page 1]
^L
RFC 3402 DDDS - The Algorithm October 2002
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. The Algorithm . . . . . . . . . . . . . . . . . . . . . . . . 4
3.1 Components of a Rule . . . . . . . . . . . . . . . . . . . . . 6
3.2 Substitution Expression Syntax . . . . . . . . . . . . . . . . 6
3.3 The Complete Algorithm . . . . . . . . . . . . . . . . . . . . 8
4. Specifying An Application . . . . . . . . . . . . . . . . . . 9
5. Specifying A Database . . . . . . . . . . . . . . . . . . . . 11
6. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
6.1 An Automobile Parts Identification System . . . . . . . . . . 12
6.2 A Document Identification Service . . . . . . . . . . . . . . 14
7. Security Considerations . . . . . . . . . . . . . . . . . . . 15
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15
References . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Author's Address . . . . . . . . . . . . . . . . . . . . . . . 16
Full Copyright Statement . . . . . . . . . . . . . . . . . . . 17
1. Introduction
The Dynamic Delegation Discovery System (DDDS) is used to implement
lazy binding of strings to data, in order to support dynamically
configured delegation systems. The DDDS functions by mapping some
unique string to data stored within a DDDS Database by iteratively
applying string transformation rules until a terminal condition is
reached.
This document describes the general DDDS algorithm, not any
particular application or usage scenario. The entire series of
documents is specified in "Dynamic Delegation Discovery System (DDDS)
Part One: The Comprehensive DDDS" (RFC 3401) [1]. It is very
important to note that it is impossible to read and understand a
single document in that series without reading the related documents.
The DDDS's history is an evolution from work done by the Uniform
Resource Name Working Group. When Uniform Resource Names (URNs) [6]
were originally formulated there was the desire to locate an
authoritative server for a URN that (by design) contained no
information about network locations. A system was formulated that
could use a database of rules that could be applied to a URN to find
out information about specific chunks of syntax. This system was
originally called the Resolver Discovery Service (RDS) [7] and only
applied to URNs.
Mealling Standards Track [Page 2]
^L
RFC 3402 DDDS - The Algorithm October 2002
Over time other systems began to apply this same algorithm and
infrastructure to other, non-URN related, systems (see Section 6 for
examples of other ways of using the DDDS). This caused some of the
underlying assumptions to change and need clarification. These
documents are an update of those original URN specifications in order
to allow new applications and rule databases to be developed in a
standardized manner.
This document obsoletes RFC 2168 [11] and RFC 2915 [9] as well as
updates RFC 2276 [7].
2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119.
Application Unique String
A string that is the initial input to a DDDS application. The
lexical structure of this string must imply a unique delegation
path, which is analyzed and traced by the repeated selection and
application of Rewrite Rules.
Rewrite Rule
A rule that is applied to an Application Unique String to produce
either a new key to select a new rewrite rule from the rule
database, or a final result string that is returned to the calling
application. Also simply known as a Rule.
First Well Known Rule
This is a rewrite rule that is defined by the application and not
actually in the Rule Database. It is used to produce the first
valid key.
Terminal Rule
A Rewrite Rule that, when used, yields a string that is the final
result of the DDDS process, rather than another database key.
Application
A set of protocols and specifications that specify actual values
for the various generalized parts of the DDDS algorithm. An
Application must define the syntax and semantics of the
Application Unique String, the First Well Known Rule, and one or
more Databases that are valid for the Application.
Mealling Standards Track [Page 3]
^L
RFC 3402 DDDS - The Algorithm October 2002
Rule Database
Any store of Rules such that a unique key can identify a set of
Rules that specify the delegation step used when that particular
Key is used.
Services
A common rule database may be used to associate different services
with a given Application Unique String; e.g., different protocol
functions, different operational characteristics, geographic
segregation, backwards compatibility, etc. Possible service
differences might be message receiving services for email/fax/
voicemail, load balancing over web servers, selection of a nearby
mirror server, cost vs performance trade-offs, etc. These
Services are included as part of a Rule to allow the Application
to make branching decisions based on the applicability of one
branch or the other from a Service standpoint.
Flags
Most Applications will require a way for a Rule to signal to the
Application that some Rules provide particular outcomes that
others do not; e.g., different output formats, extensibility
mechanisms, terminal rule signaling, etc. Most Databases will
define a Flags field that an Application can use to encode various
values that express these signals.
3. The Algorithm
The DDDS algorithm is based on the concept of Rewrite Rules. These
rules are collected into a DDDS Rule Database, and accessed by given
unique keys. A given Rule, when applied to an Application Unique
String, transforms that String into new Key that can be used to
retrieve a new Rule from the Rule Database. This new rule is then
reapplied to the original Application Unique String and the cycle
repeats itself until a terminating condition is reached. An
Application MUST NOT apply a Rule to the output of a previous Rule.
All Rewrite Rules for all Applications must ALWAYS apply to the exact
same Application Unique String that the algorithm started with.
It is a fundamental assumption that the Application Unique String has
some kind of regular, lexical structure that the rules can be applied
to. It is an assumption of the DDDS that the lexical element used to
make a delegation decision is simple enough to be contained within
the Application Unique String itself. The DDDS does not solve the
case where a delegation decision is made using knowledge contained
outside the AUS and the Rule (time of day, financial transactions,
rights management, etc.).
Mealling Standards Track [Page 4]
^L
RFC 3402 DDDS - The Algorithm October 2002
Diagrammatically the algorithm looks like this:
+--------- Application Unique String
| +-----+
| |input|
| +-------+ +---------+
| | First Well Known Rule |
| +-------+ +--------+
| |output|
| +------+
| First Key
| |
| +----<--------------<--------------+
| | |
| key (a DDDS database always |
| +-----+ takes a key and returns |
| |input| a rule) ^
| +---------+ +------------+ |
| | Lookup key in DDDS Database| |
| +---------+ +-----------+ |
| |output| |
| +------+ |
| rule set |
| | |
| | (the input to a rule |
| rule set is the rule and the AUS. ^
| +-----+ The output is always |
+---------------->|input| either a key or the result) |
+---------------+ +------------------+ |
| Apply Rules to Application Unique String| |
| until non-empty result are obtained | |
| that meet the applications requirements | |
+---------------+ +-----------------+ |
|output| |
+------+ ^
key |
| |
v |
+--------------------------------------+ |
| Was the last matching rule terminal? | No >------+
+--------------------------------------+
Yes (if the rule isn't terminal then
| its output is the new key which
| is used to find a new rule set)
+------------------------------------+
| The output of the last rule is the |
| result desired by the application |
+------------------------------------+
Mealling Standards Track [Page 5]
^L
RFC 3402 DDDS - The Algorithm October 2002
3.1 Components of a Rule
A Rule is made up of 4 pieces of information:
A Priority
Simply a number used to show which of two otherwise equal rules
may have precedence. This allows the database to express rules
that may offer roughly the same results but one delegation path
may be faster, better, cheaper than the other.
A Set of Flags
Flags are used to specify attributes of the rule that determine if
this rule is the last one to be applied. The last rule is called
the terminal rule and its output should be the intended result for
the application. Flags are unique across Applications. An
Application may specify that it is using a flag defined by yet
another Application but it must use that other Application's
definition. One Application cannot redefine a Flag used by
another Application. This may mean that a registry of Flags will
be needed in the future but at this time it is not a requirement.
A Description of Services
Services are used to specify semantic attributes of a particular
delegation branch. There are many cases where two delegation
branches are identical except that one delegates down to a result
that provides one set of features while another provides some
other set. Features may include operational issues such as load
balancing, geographically based traffic segregation, degraded but
backwardly compatible functions for older clients, etc. For
example, two rules may equally apply to a specific delegation
decision for a string. One rule can lead to a terminal rule that
produces information for use in high availability environments
while another may lead to an archival service that may be slower
but is more stable over long periods of time.
A Substitution Expression
This is the actual string modification part of the rule. It is a
combination of a POSIX Extended Regular Expression [8] and a
replacement string similar to Unix sed-style substitution
expression.
3.2 Substitution Expression Syntax
The character set(s) that the substitution expression is in and can
act on are dependent both on the Application and on the Database
being used. An Application must define what the allowed character
sets are for the Application Unique String. A DDDS Database
specification must define what character sets are required for
Mealling Standards Track [Page 6]
^L
RFC 3402 DDDS - The Algorithm October 2002
producing its keys and for how the substitution expression itself is
encoded. The grammar-required characters below only have meaning
once a specific character set is defined for the Database and/or
Application.
The syntax of the Substitution Expression part of the rule is a
sed-style substitution expression. True sed-style substitution
expressions are not appropriate for use in this application for a
variety of reasons, therefore the contents of the regexp field MUST
follow this grammar:
subst-expr = delim-char ere delim-char repl delim-char *flags
delim-char = "/" / "!" / <Any octet not in 'POS-DIGIT' or 'flags'>
; All occurrences of a delim_char in a subst_expr
; must be the same character.>
ere = <POSIX Extended Regular Expression>
repl = *(string / backref)
string = *(anychar / escapeddelim)
anychar = <any character other than delim-char>
escapeddelim = "\" delim-char
backref = "\" POS-DIGIT
flags = "i"
POS-DIGIT = "1" / "2" / "3" / "4" / "5" / "6" / "7" / "8" / "9"
The result of applying the substitution expression to the String MUST
result in a key which obeys the rules of the Database (unless of
course it is a Terminal Rule in which case the output follows the
rules of the application). Since it is possible for the regular
expression to be improperly specified, such that a non-conforming key
can be constructed, client software SHOULD verify that the result is
a legal database key before using it.
Backref expressions in the repl portion of the substitution
expression are replaced by the (possibly empty) string of characters
enclosed by '(' and ')' in the ERE portion of the substitution
expression. N is a single digit from 1 through 9, inclusive. It
specifies the N'th backref expression, the one that begins with the
N'th '(' and continues to the matching ')'. For example, the ERE
(A(B(C)DE)(F)G)
has backref expressions:
\1 = ABCDEFG
\2 = BCDE
\3 = C
\4 = F
\5..\9 = error - no matching subexpression
Mealling Standards Track [Page 7]
^L
RFC 3402 DDDS - The Algorithm October 2002
The "i" flag indicates that the ERE matching SHALL be performed in a
case-insensitive fashion. Furthermore, any backref replacements MAY
be normalized to lower case when the "i" flag is given. This flag
has meaning only when both the Application and Database define a
character set where case insensitivity is valid.
The first character in the substitution expression shall be used as
the character that delimits the components of the substitution
expression. There must be exactly three non-escaped occurrences of
the delimiter character in a substitution expression. Since escaped
occurrences of the delimiter character will be interpreted as
occurrences of that character, digits MUST NOT be used as delimiters.
Backrefs would be confused with literal digits were this allowed.
Similarly, if flags are specified in the substitution expression, the
delimiter character must not also be a flag character.
3.3 The Complete Algorithm
The following is the exact DDDS algorithm:
1. The First Well Known Rule is applied to the Application Unique
String which produces a Key.
2. The Application asks the Database for the ordered set of Rules
that are bound to that Key (see NOTE below on order details).
3. The Substitution Expression for each Rule in the list is applied,
in order, to the Application Unique String until a non-empty
string is produced. The position in the list is noted and the
Rule that produced the non-empty string is used for the next
step. If the next step rejects this rule and returns to this
step then the Substitution Expression application process
continues at the point where it left off. If the list is
exhausted without a valid match then the application is notified
that no valid output was available.
4. If the Service description of the rule does not meet the client's
requirements, go back to step 3 and continue through the already
retrieved list of rules. If it does match the client's
requirements then this Rule is used for the next step. If and
only if the client is capable of handling it and if it is deemed
safe to do so by the Application's specification, the client may
make a note of the current Rule but still return to step 3 as
though it had rejected it. In either case, the output of this
step is one and only one Rule.
Mealling Standards Track [Page 8]
^L
RFC 3402 DDDS - The Algorithm October 2002
5. If the Flags part of the Rule designate that this Rule is NOT
Terminal, go back to step 2 with the substitution result as the
new Key.
6. Notify the Application that the process has finished and provide
the Application with the Flags and Services part of the Rule
along with the output of the last Substitution Expression.
NOTE 1: In some applications and/or databases the result set can
express the case where two or more Rules are considered equal. These
Rules are treated as the same Rule, each one possibly having a
Priority which is used to communicate a preference for otherwise
equivalent Rules. This allows for Rules to act as fallbacks for
others. It should be noted that this is a real Preference, not a
load balancing mechanism. Applications should define the difference
carefully.
NOTE 2: Databases may or may not have rules that determine when and
how records within that database expire (expiration dates, times to
live, etc.). These expiration mechanisms must be adhered to in all
cases. Specifically, since the expiration of a databases record
could cause a new Rule to be retrieved that is inconsistent with
previous Rules, while in the algorithm any attempts to optimize the
process by falling back to previous keys and Rules MUST ensure that
no previously retrieved Rule has expired. If a Rule has expired then
the application MUST start over at Step 1.
4. Specifying an Application
In order for this algorithm to have any usefulness, a specification
must be written describing an application and one or more databases.
In order to specify an application the following pieces of
information are required:
Application Unique String:
This is the only string that the rewrite rules will apply to. The
string must have some regular structure and be unique within the
application such that anyone applying Rules taken from the same
Database will end up with the same Keys. For example, the URI
Resolution application defines the Application Unique String to be
a URI.
No application is allowed to define an Application Unique String
such that the Key obtained by a rewrite rule is treated as the
Application Unique String for input to a new rule. This leads to
sendmail style rewrite rules which are fragile and error prone.
The one single exception to this is when an Application defines
some flag or state where the rules for that application are
Mealling Standards Track [Page 9]
^L
RFC 3402 DDDS - The Algorithm October 2002
suspended and a new DDDS Application or some other arbitrary set
of rules take over. If this is the case then, by definition, none
of these rules apply. One such case can be found in the URI
Resolution application which defines the 'p' flag which states
that the next step is 'protocol specific' and thus outside of the
scope of DDDS.
First Well Known Rule:
This is the first rule that, when applied to the Application
Unique String, produces the first valid Key. It can be expressed
in the same form as a Rule or it can be something more complex.
For example, the URI Resolution application might specify that the
rule is that the sequence of characters in the URI up to but not
including the first colon (the URI scheme) is the first Key.
Valid Databases:
The application can define which Databases are valid. For each
Database the Application must define how the First Well Known
Rule's output (the first Key) is turned into something that is
valid for that Database. For example, the URI Resolution
application could use the Domain Name System (DNS) as a Database.
The operation for turning this first Key into something that was
valid for the database would be to to turn it into some DNS-valid
domain-name. Additionally, for each Database an Application
defines, it must also specify what the valid character sets are
that will produce the correct Keys. In the URI Resolution example
shown here, the character set of a URI is 7 bit ASCII which
matches fairly well with DNS's 8 bit limitation on characters in
its zone files.
Expected Output:
The Application must define what the expected output of the
Terminal Rule should be. For example, the URI Resolution
application is concerned with finding servers that contain
authoritative data about a given URI. Thus the output of the
terminal rule would be information (hosts, ports, protocols, etc.)
that would be used to contact that authoritative server.
In the past there has been some confusion concerning load balancing
and the use of the DDDS 'Priority'. Applications should be aware
that the Priority of a given rule is just that: a way of specifying
that one rule is "better, faster, cheaper" than another. If an
application needs some method of allowing a client to load balance
between servers (i.e., weighted random selection, etc.) then it
should do so outside the DDDS algorithm. For example, Applications
that make use of the DNS Database may use the SRV record as a way of
signifying that a particular service is actually handled by several
hosts cooperating with each other. The difference being that load
Mealling Standards Track [Page 10]
^L
RFC 3402 DDDS - The Algorithm October 2002
balancing is done between hosts that are identical to each other
where as DDDS is concerned with delegation paths that have some
particular feature set or administrative domain.
5. Specifying A Database
Additionally, any Application must have at least one corresponding
Database from which to retrieve the Rules. It is important to note
that a given Database may be used by more than one Application. If
this is the case, each rule must be use some combination of its
Services and/or substitution expression to match only those
Application Unique Strings for which it is valid.
A Database specification must include the following pieces of
information:
General Specification:
The Database must have a general specification. This can
reference other standards (SQL, DNS, etc.) or it can fully specify
a novel database system. This specification MUST be clear as to
what allowed character sets exist in order to know in which
character set the Keys and Rules are encoded.
Lookup Procedure:
This specifies how a query is formulated and submitted to the
database. In the case of databases that are used for other
purposes (such as DNS), the specification must be clear as to how
a query is formulated specifically for the database to be a DDDS
database. For example, a DNS based Database must specify which
Resource Records or Query Types are used.
Key Format:
If any operations are needed in order to turn a Key into something
that is valid for the database then these must be clearly defined.
For example, in the case of a DNS database, the Keys must be
constructed as valid domain-names.
Rule Format:
The specification for the output format of a rule.
Rule Insertion Procedure:
A specification for how a Rule is inserted into the database.
This can include policy statements about whether or not a Rule is
allowed to be added.
Mealling Standards Track [Page 11]
^L
RFC 3402 DDDS - The Algorithm October 2002
Rule Collision Avoidance:
Since a Database may be used by multiple Applications (ENUM and
URI Resolution for example), the specification must be clear about
how rule collisions will be avoided. There are usually two
methods for handling this: 1) disallow one key from being valid in
two different Applications; 2) if 1 isn't possible then write the
substitution expression such that the regular expression part
contains enough of the Application Unique String as part of its
match to differentiate between the two Applications.
6. Examples
The examples given here are for pedagogical purposes only. They are
specifically taken from ficticious applications that have not been
specified in any published document.
6.1 An Automobile Parts Identification System
In this example imagine a system setup where all automobile
manufacturers come together and create a standardized part numbering
system for the various parts (nuts, bolts, frames, instruments, etc.)
that make up the automobile manufacturing and repair process. The
problem with such a system is that the auto industry is a very
distributed system where parts are built by various third parties
distributed around the world. In order to find information about a
given part a system must be able to find out who makes that part and
contact them about it.
To facilitate this distributed system the identification number
assigned to a part is assigned hierarchically such that the first 5
digits make up a parts manufacturer ID number. The next 3 digits are
an auto line identifier (Ford, Toyota, etc.). The rest of the digits
are assigned by the parts manufacturer according to rules that the
manufacturer decides.
The auto industry decides to use the DDDS to create a distributed
information retrieval system that routes queries to the actual owner
of the data. The industry specifies a database and a query syntax
for retrieving rewrite rules (the APIDA Network) and then specifies
the Auto Parts Identification DDDS Application (APIDA).
The APIDA specification would define the following:
o Application Unique String: the part number.
o First Well Known Rule: take the first 5 digits (the manufacturers
ID number) and use that as the Key.
Mealling Standards Track [Page 12]
^L
RFC 3402 DDDS - The Algorithm October 2002
o Valid Databases: The APIDA Network.
o Expected Output: EDIFAC information about the part.
The APIDA Network Database specification would define the following:
o General Specification: a network of EDI enabled databases and
services that, when given a subcomponent of a part number will
return an XML encoded rewrite rule.
o Lookup Procedure: following normal APIDA Network protocols, ask
the network for a rewrite rule for the Key.
o Key Format: no conversion is required.
o Rule Format: see APIDA Network documentation for the XML DTD.
o Rule Insertion Procedure: determined by the authority that has
control over each section of the part number. I.e., in order to
get a manufacturer ID you must be a member of the Auto Parts
Manufacturers Association.
In order to illustrate how the system would work, imagine the part
number "4747301AB7D". The system would take the first 5 digits,
'47473' and ask the network for that Rewrite Rule. This Rule would
be provided by the parts manufacturers database and would allow the
manufacturer to either further sub-delegate the space or point the
querier directly at the EDIFAC information in the system.
In this example let's suppose that the manufacturer returns a Rule
that states that the next 3 digits should be used as part of a query
to their service in order to find a new Rule. This new Rule would
allow the parts manufacturer to further delegate the query to their
parts factories for each auto line. In our example part number the
number '01A' denotes the Toyota line of cars. The Rule that the
manufacturer returns further delegates the query to a supply house in
Japan. This rule also denotes that this Rule is terminal and thus
the result of this last query will be the actual information about
the part.
Mealling Standards Track [Page 13]
^L
RFC 3402 DDDS - The Algorithm October 2002
6.2 A Document Identification Service
This example is very similar to the last since the documents in this
system can simply be thought of as the auto part in the last example.
The difference here is that the information about the document is
kept very close to the author (usually on their desktop). Thus there
is the probability that the number of delegations can be very deep.
Also, in order to keep from having a large flat space of authors, the
authors are organized by organizations and departments.
Let's suppose that the Application Unique String in this example
looks like the following:
<organization>-<department>-<author>:<project>-<bookcase>-<book>
The Application specification would look like this:
o Application Unique String: the Document ID string given above.
o First Well Known Rule: the characters up to but not including the
first '-' is treated as the first Key.
o Valid Databases: the DIS LDAP Directory.
o Expected Output: a record from an LDAP server containing
bibliographic information about the document in XML.
The Database specification for the DIS LDAP Directory would look like
this:
o General Specification: the Database uses the LDAP directory
service. Each LDAP server has a record that contains the Rewrite
Rule. Rules refer to other LDAP servers using the LDAP URL
scheme.
o Lookup Procedure: using standard LDAP queries, the client asks the
LDAP server for information about the Key.
o Key Format: no conversion is necessary.
o Rule Format: See the LDAP Rewrite Rule specification.
o Rule Insertion Procedure: See the procedures published by the
entity that has authority over that section of the DIS tree. The
first section, the organization, is owned by the DIS Agency.
Mealling Standards Track [Page 14]
^L
RFC 3402 DDDS - The Algorithm October 2002
In this example, the first lookup is for the organization's Rule. At
that point the organization may point the client directly at some
large, organization wide database that contains the expected output.
Other organizations may decentralize this process so that Rules end
up delegating the query all the way down to the authors document
management environment of choice.
7. Security Considerations
This document simply defines the DDDS algorithm and thus, by itself,
does not imply any security issues. It is when this algorithm is
coupled with a Database and an Application that security
considerations can be known well enough to enumerate them beyond
simply saying that dynamic delegation points are a possible point of
attack.
8. IANA Considerations
This document does not create any requirements on the IANA. Database
and Application specifications may have considerable requirements but
they cannot be enumerated here.
References
[1] Mealling, M., "Dynamic Delegation Discovery System (DDDS)
Part One: The Comprehensive DDDS", RFC 3401, October 2002.
[2] Mealling, M., "Dynamic Delegation Discovery System (DDDS)
Part Two: The Algorithm", RFC 3402, October 2002.
[3] Mealling, M., "Dynamic Delegation Discovery System (DDDS)
Part Three: The Domain Name System (DNS) Database", RFC 3403,
October 2002.
[4] Mealling, M., "Dynamic Delegation Discovery System (DDDS)
Part Four: The Uniform Resource Identifiers (URI) Resolution
Application", RFC 3404, October 2002.
[5] Mealling, M., "Dynamic Delegation Discovery System (DDDS)
Part Five: URI.ARPA Assignment Procedures", RFC 3405,
October 2002.
[6] Moats, R., "URN Syntax", RFC 2141, May 1997.
[7] Sollins, K., "Architectural Principles of Uniform Resource Name
Resolution", RFC 2276, January 1998.
Mealling Standards Track [Page 15]
^L
RFC 3402 DDDS - The Algorithm October 2002
[8] The Institute of Electrical and Electronics Engineers, "IEEE
Standard for Information Technology - Portable Operating System
Interface (POSIX) - Part 2: Shell and Utilities (Vol. 1)", IEEE
Std 1003.2-1992, ISBN 1-55937-255-9, January 1993.
[9] Mealling, M. and R. Daniel, "The Naming Authority Pointer
(NAPTR) DNS Resource Record", RFC 2915, August 2000.
[10] Faltstrom, P., "E.164 number and DNS", RFC 2916, September
2000.
[11] Daniel, R. and M. Mealling, "Resolution of Uniform Resource
Identifiers using the Domain Name System", RFC 2168, June 1997.
Author's Address
Michael Mealling
VeriSign
21345 Ridgetop Circle
Sterling, VA 20166
US
EMail: michael@neonym.net
URI: http://www.verisignlabs.com
Mealling Standards Track [Page 16]
^L
RFC 3402 DDDS - The Algorithm October 2002
Full Copyright Statement
Copyright (C) The Internet Society (2002). All Rights Reserved.
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
English.
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Acknowledgement
Funding for the RFC Editor function is currently provided by the
Internet Society.
Mealling Standards Track [Page 17]
^L
|