DNS Operations (dnsop) K. Fujiwara
Internet-Draft JPRS
Intended status: Informational Oct 27, 2014
Expires: April 30, 2015
Unclear points of DNS protocols
draft-fujiwara-dnsop-unclear-00.txt
Abstract
The DNS protocol specifications contain some unclear points. DNSSEC
clarified some of them. However, several unclear points remain.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on April 30, 2015.
Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Fujiwara Expires April 30, 2015 [Page 1]
Internet-Draft Unclear points of DNS protocols Oct 2014
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Unclear terminology . . . . . . . . . . . . . . . . . . . . . . 3
2.1. Full-resolver . . . . . . . . . . . . . . . . . . . . . . . 3
2.2. Referrals . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Unclear definitions . . . . . . . . . . . . . . . . . . . . . . 3
3.1. Ranking Data . . . . . . . . . . . . . . . . . . . . . . . 4
4. Security considerations . . . . . . . . . . . . . . . . . . . . 4
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 4
6. Normative References . . . . . . . . . . . . . . . . . . . . . 4
1. Introduction
RFCs prior to RFC 2639 may contain unclear terminology and unclear
definitions. In particular, RFC 1034, RFC 1035, RFC 1123 and RFC 2181,
which describe the core of the DNS protocol, contain some unclear
points and unclear terminology. This note tries to describe them.
Some of these points may reflect the implementations of that era. For
example, the full-resolvers of those days had a single cache in which
authoritative data and non-authoritative data were mixed.
2. Unclear terminology
2.1. Full-resolver
The definition of 'full-resolver' is unclear. [RFC1034] defines
"Resolvers". [RFC1035] uses "full resolver", "Recursive Server" and
"Resolver". [RFC1123] uses "full-service resolvers". [RFC4033] uses
"Security-Aware Recursive Name Server". Many textbooks and users,
however, call the full-resolver a "cache server" or "caching server".
By contrast, both 'authoritative server' and 'stub resolver' are
clearly defined.
2.2. Referrals
The term 'referrals' is unclear. Responses of authoritative servers
fall into the following categories.

   Authoritative: Name Error, No Data, or authoritative data (AA=1)

   Referrals: Delegations below the zone (AA=0, non-authoritative)

   Others: Other errors, or unnecessary data

Referrals are important because they signal that a delegation to a
child zone exists. A clear definition of 'referrals' is necessary.
[RFC2181] seems to use "Data from the authority section of a
non-authoritative answer" as the meaning of "Referrals".

RFC 1035 section 2.1 defines "authoritative" data. However, the
referrals returned at zone cuts are not authoritative.

A referral consists of the NS resource records at a zone cut together
with their glue address records.
3. Unclear definitions
3.1. Ranking Data
[RFC2181] section 5.4.1, Ranking Data, defines the ranking of received
data. The definition seems to mix three things: a rule for answering
stub resolvers, a rule for resolving domain names, and a cache update
mechanism. Recent full-resolvers do not send referrals to stub
resolvers; "full-resolvers should not send non-authoritative data to
stub resolvers" is one simple rule that covers this.

The ranking places referral data, "Data from the authority section of
a non-authoritative answer", at the lowest level of trustworthiness.
An authoritative server sometimes returns, together with the requested
data, NS resource records in "the authority section of an
authoritative answer". These rank higher than the parent's referral,
so the full-resolver chooses the authoritative NS resource records. As
a result, subsequent name resolution follows the NS data added in the
authority section instead of the previously received referral. This
mechanism caused the ghost domain name problem and may increase
queries to the root.

Name resolution remains possible even if the ranking is changed so
that resolution uses only referrals, with out-of-bailiwick names
resolved separately.
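The response categories of section 2.2 and the cache update behaviour of section 3.1, as an added example that is not part of the draft and not code from any resolver. It assumes responses represented as dicts with 'aa', 'answer', 'authority' and 'additional' keys, owner names in lower case without a trailing dot, constructed sample messages for a delegation of child.example from example, and a hypothetical policy name 'referral-only' for the draft's alternative of taking zone-cut NS data only from referrals:

```python
"""Added example (not from the draft or any resolver): response categories
of section 2.2 and RFC 2181 section 5.4.1 ranking applied to cache updates
(section 3.1).  Message layout, names and the 'referral-only' policy name
are assumptions for illustration; the sample messages are constructed."""
from dataclasses import dataclass


@dataclass(frozen=True)
class RR:
    name: str    # owner name, lower case, no trailing dot ("" is the root)
    rtype: str
    ttl: int
    rdata: str


def is_below(name, zone):
    """True if name is at or under zone."""
    return name == zone or zone == "" or name.endswith("." + zone)


def classify(msg, zone):
    """Section 2.2 categories for a response from a server authoritative
    for `zone`: 'authoritative' (AA=1), 'referral' (AA=0 with NS records
    for a name strictly below the zone in the authority section), else
    'other' (e.g. an upward referral to the root)."""
    if msg["aa"]:
        return "authoritative"
    ns = [rr for rr in msg["authority"] if rr.rtype == "NS"]
    if ns and all(rr.name != zone and is_below(rr.name, zone) for rr in ns):
        return "referral"
    return "other"


def rfc2181_rank(section, aa):
    """Position of response-derived data in the RFC 2181 5.4.1 list;
    1 is most trustworthy.  Referral NS records and glue sit at 7."""
    if aa:
        return {"answer": 3, "authority": 4, "additional": 7}[section]
    return {"answer": 6, "authority": 7, "additional": 7}[section]


def rrsets(rrs):
    """Group records into RRsets keyed by (owner, type)."""
    groups = {}
    for rr in rrs:
        groups.setdefault((rr.name, rr.rtype), []).append(rr)
    return groups


class Cache:
    """(name, type) -> (rank, expiry, records), replaced per RFC 2181."""

    def __init__(self, policy="rfc2181"):
        self.policy = policy   # "rfc2181" or the assumed "referral-only"
        self.store = {}

    def update(self, msg, now):
        aa = msg["aa"]
        for section in ("answer", "authority", "additional"):
            for (name, rtype), rrs in rrsets(msg[section]).items():
                # Draft's alternative: zone-cut NS data comes only from the
                # parent's referral; a child's own authority-section NS set
                # must not refresh or replace it.
                if (self.policy == "referral-only" and aa
                        and section == "authority" and rtype == "NS"):
                    continue
                rank = rfc2181_rank(section, aa)
                cur = self.store.get((name, rtype))
                # RFC 2181: data of equal or better rank replaces the cache.
                if cur is None or rank <= cur[0]:
                    self.store[(name, rtype)] = (rank, now + rrs[0].ttl, rrs)

    def lookup(self, name, rtype, now):
        """Cached RRset, or None if absent or expired."""
        entry = self.store.get((name, rtype))
        return None if entry is None or entry[1] <= now else entry[2]


# Constructed messages: parent "example" delegates child.example.
REFERRAL = {"aa": False, "answer": [],
            "authority": [RR("child.example", "NS", 3600, "ns1.child.example")],
            "additional": [RR("ns1.child.example", "A", 3600, "192.0.2.1")]}
CHILD_ANSWER = {"aa": True,
                "answer": [RR("www.child.example", "A", 300, "192.0.2.10")],
                "authority": [RR("child.example", "NS", 86400, "ns1.child.example")],
                "additional": [RR("ns1.child.example", "A", 86400, "192.0.2.1")]}
UPWARD = {"aa": False, "answer": [], "additional": [],
          "authority": [RR("", "NS", 518400, "a.root-servers.net")]}


def ghost_domain_demo(policy):
    """Is the delegation for child.example still cached at t=7200, long
    after the parent's 3600 s referral TTL?  True means a ghost."""
    cache = Cache(policy)
    cache.update(REFERRAL, now=0)          # learnt from the parent
    cache.update(CHILD_ANSWER, now=3000)   # learnt from the child itself
    return cache.lookup("child.example", "NS", now=7200) is not None


if __name__ == "__main__":
    for policy in ("rfc2181", "referral-only"):
        print(policy, "ghost delegation:", ghost_domain_demo(policy))
```

With the RFC 2181 ranking, the child's authority-section NS set (rank 4) replaces the parent's referral NS set (rank 7) and carries its own 86400 s TTL, so the delegation is still cached long after the parent's referral would have expired; under the referral-only policy the cache has to return to the parent once the referral expires, which is where a removed delegation is noticed.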
4. Security considerations
5. IANA Considerations
6. Normative References
[RFC1034] Mockapetris, P., "Domain names - concepts and facilities",
STD 13, RFC 1034, November 1987.
[RFC1035] Mockapetris, P., "Domain names - implementation and
specification", STD 13, RFC 1035, November 1987.
[RFC1123] Braden, R., "Requirements for Internet Hosts - Application
and Support", STD 3, RFC 1123, October 1989.
[RFC2181] Elz, R. and R. Bush, "Clarifications to the DNS
Specification", RFC 2181, July 1997.
[RFC4033] Arends, R., Austein, R., Larson, M., Massey, D., and S.
Rose, "DNS Security Introduction and Requirements",
RFC 4033, March 2005.
Author's Address
Kazunori Fujiwara
Japan Registry Services Co., Ltd.
Chiyoda First Bldg. East 13F, 3-8-1 Nishi-Kanda
Chiyoda-ku, Tokyo 101-0065
Japan
Phone: +81 3 5215 8451
EMail: fujiwara@jprs.co.jp