Internet DRAFT - draft-damick-dns-associated-names-record

draft-damick-dns-associated-names-record






Internet Engineering Task Force                                J. Damick
Internet-Draft                                                   Neustar
Intended status: Standards Track                          August 1, 2012
Expires: February 2, 2013


                      Associated Names DNS Record
              draft-damick-dns-associated-names-record-00

Abstract

   This document describes a new resource record for the Domain Name
   System (DNS) protocol.  The record introduced will allow associated
   domain names to be associated with a particular domain name and
   retrieved in in a single DNS query.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on February 2, 2013.

Copyright Notice

   Copyright (c) 2012 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.




Damick                  Expires February 2, 2013                [Page 1]

Internet-Draft         Associated Names DNS Record           August 2012


Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . . . 3
     1.1.  Requirements Language . . . . . . . . . . . . . . . . . . . 3
   2.  Overview  . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
   3.  Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
     3.1.  AN RDATA Format . . . . . . . . . . . . . . . . . . . . . . 3
     3.2.  Client Handling . . . . . . . . . . . . . . . . . . . . . . 4
     3.3.  Publishing  . . . . . . . . . . . . . . . . . . . . . . . . 4
     3.4.  Example Flow  . . . . . . . . . . . . . . . . . . . . . . . 4
   4.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . 6
   5.  IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 6
   6.  Security Considerations . . . . . . . . . . . . . . . . . . . . 6
     6.1.  Denial of Service . . . . . . . . . . . . . . . . . . . . . 6
   7.  References  . . . . . . . . . . . . . . . . . . . . . . . . . . 6
     7.1.  Normative References  . . . . . . . . . . . . . . . . . . . 6
     7.2.  Informative References  . . . . . . . . . . . . . . . . . . 7
   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . . . 7

































Damick                  Expires February 2, 2013                [Page 2]

Internet-Draft         Associated Names DNS Record           August 2012


1.  Introduction

   The current mechanism for determining associated domain names for a
   particular domain name requires multiple queries with interleaved
   asset retrieval.  One example of this occurs in rendering HTML pages
   where the base domain must be queried and then the HTML will be
   retrieved and it will most likely will include references to external
   assets, such as scripts and stylesheets, to be delivered from many
   other domains.  The goal of this record is to allow a list of the
   other domains that will referenced later by another process, such as
   rendering an HTML page, to be published.  By providing the list of
   referenced domains, they may utilized by a resolver to pre-cache
   results, so that when another process needs the results they will
   most likely not incur a network round trip.

1.1.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].


2.  Overview

   The associated names (AN) resource record (RR) contains a list of any
   domain names that to be associated with this name.


3.  Usage

   The type number for the AN RR is 'TBD'.

3.1.  AN RDATA Format

          RDATA Format for the associated names resource record.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |           QTYPE               |           SERVICE             /
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+                               /
   /                                                               /
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   /                      ASSOCIATED-NAME ...                      /
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                                 Figure 1




Damick                  Expires February 2, 2013                [Page 3]

Internet-Draft         Associated Names DNS Record           August 2012


   QTYPE:  The 2 octet TYPE code as defined in [RFC1035] to use for the
         associated-names list.

   SERVICE:  The character-string as defined in [RFC1035] of a symbolic
         name for the desired service, as defined in the IANA On-line
         database of service names [IANA-SERVICE-NAMES].

   ASSOCIATED-NAME:  One or more absolute <domain-name>s as defined in
         [RFC1035] which are each terminated by a label of zero length.

3.2.  Client Handling

   It is RECOMMENDED that clients upon receiving the results of this
   type then query for the domain-names listed in the ASSOCIATED-NAME
   section.  This will allow the client to ensure that the results for
   the domain-names will be populated in the cache of a local resolver
   or recursive resolver.

3.3.  Publishing

   In the example of a web site, it is RECOMMENDED that the content
   owner upon publishing a new version of their site and/or associated
   assets also update [RFC2136] the AN resource record with any added or
   removed associated domain names.

3.4.  Example Flow

   This flow uses the example of a web site again:























Damick                  Expires February 2, 2013                [Page 4]

Internet-Draft         Associated Names DNS Record           August 2012


                           Update (AN RR)
                          www.example.com
                          QTYPE: 1 (A RR)
                          SERVICE: http
            +-----------+ ASSOCIATED-NAMES: +-----+
            | Web Site  | a.uk,b.com,c.com  |     |
            | Publisher |+----------------->| DNS |
            |           |                   |     |
            +-----------+                   +-----+


                        Query (AN RR)
            +--------+ www.example.com   +-----+
            |        |+----------------->|     |
            | Client | Response (AN RR)  | DNS |
            |        |<-----------------+|     |
            +--------+ QTYPE: 1          +-----+
                |      SERVICE: http
                |      AN: a.uk,b.com,c.com
                |
                |
                |         Query (A RR)
              www.example.com,a.uk,b.com,c.com
            +--------+                   +-----+
            |        |+----------------->|     |
            | Client |+----------------->| DNS |
            |        |+----------------->|     |
            |        |------------------>|     |
            +--------+                   +-----+
                |
                |
              .. process & render html and scripts ..
                |
                |
            +--------++-----+   Query (A RR)
            |        |+-----+  a.uk,b.com,c.com
            | Client |+-----+ (answer from stub resolver cache)
            |        |      |
            |        |<-----+
            +--------+


                                 Figure 2








Damick                  Expires February 2, 2013                [Page 5]

Internet-Draft         Associated Names DNS Record           August 2012


4.  Acknowledgements

   Thanks to Edward Lewis and the rest of the UltraDNS team for all of
   their valuable input.


5.  IANA Considerations

   This document requests that the IANA Registry for DNS Resource Record
   Types assigns type 'TBD' to the AN resource record.


6.  Security Considerations

6.1.  Denial of Service

   The DNS servers themselves will not be effected directly by misuse of
   the AN record it is still important to note potential risks to a
   client application.  It is possible for an attacker to create AN
   records of the following types:

   o  Very large list of domain names

   o  Duplicate domain names

   When dealing with these situations it is important for client
   applications to take precautions to prevent abuse of this resource
   record.

   o  Constrain the list of domains to an upper bound, such as: 50

   o  Filter duplicate domain names

   While these are not foolproof methods, it will likely prevent simple
   denial of service attacks.


7.  References

7.1.  Normative References

   [RFC1035]  Mockapetris, P., "Domain names - implementation and
              specification", STD 13, RFC 1035, November 1987.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.





Damick                  Expires February 2, 2013                [Page 6]

Internet-Draft         Associated Names DNS Record           August 2012


7.2.  Informative References

   [I-D.narten-iana-considerations-rfc2434bis]
              Narten, T. and H. Alvestrand, "Guidelines for Writing an
              IANA Considerations Section in RFCs",
              draft-narten-iana-considerations-rfc2434bis-09 (work in
              progress), March 2008.

   [IANA-SERVICE-NAMES]
              IANA, "Service Name and Transport Protocol Port Number
              Registry", <http://www.iana.org/assignments/
              service-names-port-numbers/
              service-names-port-numbers.txt>.

   [RFC2136]  Vixie, P., Thomson, S., Rekhter, Y., and J. Bound,
              "Dynamic Updates in the Domain Name System (DNS UPDATE)",
              RFC 2136, April 1997.

   [RFC3232]  Reynolds, J., "Assigned Numbers: RFC 1700 is Replaced by
              an On-line Database", RFC 3232, January 2002.

   [RFC6335]  Cotton, M., Eggert, L., Touch, J., Westerlund, M., and S.
              Cheshire, "Internet Assigned Numbers Authority (IANA)
              Procedures for the Management of the Service Name and
              Transport Protocol Port Number Registry", BCP 165,
              RFC 6335, August 2011.


Author's Address

   Jeffrey Damick
   Neustar
   46000 Center Oak Plaza
   Sterling, VA  20166
   US

   Email: jeffrey.damick@neustar.biz














Damick                  Expires February 2, 2013                [Page 7]