lsd0001

LSD0001: GNU Name System

commit 38d7b9f2dfeadac7ab11c104df6c46ac8ed453ab
parent 3ba4a8aacba595d05ef0a364e85746fff587935a
Author: Schanzenbach, Martin <mschanzenbach@posteo.de>
Date:   Fri,  4 Oct 2019 16:33:39 +0200

minor changes

Diffstat:
M draft-schanzen-gns.html | 57 ++++++++++++++++++++++++++++++---------------------------
M draft-schanzen-gns.txt  | 92 ++++++++++++++++++++++++++++++++++++++++----------------------------------------
M draft-schanzen-gns.xml  | 58 ++++++++++++++++++++++++++++++----------------------------
3 files changed, 106 insertions(+), 101 deletions(-)

diff --git a/draft-schanzen-gns.html b/draft-schanzen-gns.html @@ -1224,17 +1224,18 @@ async function addMetadata(){try{const e=document.styleSheets[0].cssRules;for(le <dl class="dlParallel" id="section-3-4"> <dt id="section-3-4.1">EXPIRATION</dt> <dd id="section-3-4.2"> - Denotes the absolute expiration date of the record. + denotes the absolute 64-bit expiration date of the record. In microseconds since midnight (0 hour), January 1, 1970 in network byte order.<a href="#section-3-4.2" class="pilcrow">¶</a> </dd> <dt id="section-3-4.3">DATA SIZE</dt> <dd id="section-3-4.4"> - The size of the DATA field in bytes and in network byte order.<a href="#section-3-4.4" class="pilcrow">¶</a> + denotes the 32-bit size of the DATA field in bytes and in network byte + order.<a href="#section-3-4.4" class="pilcrow">¶</a> </dd> <dt id="section-3-4.5">TYPE</dt> <dd id="section-3-4.6"> - The resource record type. This type can be one of the GNS resource + is the 32-bit resource record type. This type can be one of the GNS resource records as defined in <a href="#rrecords" class="xref">Section 3</a> or a DNS record type as defined in <span>[<a href="#RFC1035" class="xref">RFC1035</a>]</span> or any of the complementary standardized DNS resource record types. This value must be @@ -1243,11 +1244,12 @@ async function addMetadata(){try{const e=document.styleSheets[0].cssRules;for(le </dd> <dt id="section-3-4.7">FLAGS</dt> <dd id="section-3-4.8"> - Resource record flags.<a href="#section-3-4.8" class="pilcrow">¶</a> + is a 32-bit resource record flags field (see below).<a href="#section-3-4.8" class="pilcrow">¶</a> </dd> <dt id="section-3-4.9">DATA</dt> <dd id="section-3-4.10"> - The resource record data payload. The contents are defined by the + the variable-length resource record data payload. The contents are defined + by the respective type of the resource record.<a href="#section-3-4.10" class="pilcrow">¶</a> </dd> </dl> 
@@ -1439,21 +1441,21 @@ async function addMetadata(){try{const e=document.styleSheets[0].cssRules;for(le <dl class="dlParallel" id="section-3.4-3"> <dt id="section-3.4-3.1">PROTO</dt> <dd id="section-3.4-3.2"> - the protocol number, e.g. 6 for tcp. In network byte order.<a href="#section-3.4-3.2" class="pilcrow">¶</a> + the 16-bit protocol number, e.g. 6 for tcp. In network byte order.<a href="#section-3.4-3.2" class="pilcrow">¶</a> </dd> <dt id="section-3.4-3.3">SVC</dt> <dd id="section-3.4-3.4"> - the service of the boxed record, i.e. the port number. In network - byte order.<a href="#section-3.4-3.4" class="pilcrow">¶</a> + the 16-bit service value of the boxed record, i.e. the port number. + In network byte order.<a href="#section-3.4-3.4" class="pilcrow">¶</a> </dd> <dt id="section-3.4-3.5">TYPE</dt> <dd id="section-3.4-3.6"> - Record type of the boxed record. In network byte order.<a href="#section-3.4-3.6" class="pilcrow">¶</a> + is the 32-bit record type of the boxed record. In network byte order.<a href="#section-3.4-3.6" class="pilcrow">¶</a> </dd> <dt id="section-3.4-3.7">RECORD DATA</dt> <dd id="section-3.4-3.8"> - This is the "DATA" format of TYPE as defined for the respective TYPE - in DNS.<a href="#section-3.4-3.8" class="pilcrow">¶</a> + is a variable length field containing the "DATA" format of TYPE as + defined for the respective TYPE in DNS.<a href="#section-3.4-3.8" class="pilcrow">¶</a> </dd> </dl> </section> 
@@ -1499,26 +1501,26 @@ async function addMetadata(){try{const e=document.styleSheets[0].cssRules;for(le </dd> <dt id="section-4.1-3.3">h</dt> <dd id="section-4.1-3.4"> - is the HKDF expansion result. The expansion info is a concatenation of - the label and string "gns".<a href="#section-4.1-3.4" class="pilcrow">¶</a> + is the 512-bit HKDF expansion result. The expansion info input is a + concatenation of the label and string "gns".<a href="#section-4.1-3.4" class="pilcrow">¶</a> </dd> <dt id="section-4.1-3.5">d</dt> <dd id="section-4.1-3.6"> - is the private zone key as defined in <a href="#zones" class="xref">Section 2</a>.<a href="#section-4.1-3.6" class="pilcrow">¶</a> + is the 256-bit private zone key as defined in <a href="#zones" class="xref">Section 2</a>.<a href="#section-4.1-3.6" class="pilcrow">¶</a> </dd> <dt id="section-4.1-3.7">label</dt> <dd id="section-4.1-3.8"> - under wich the resource records are published.<a href="#section-4.1-3.8" class="pilcrow">¶</a> + is a UTF-8 string under wich the resource records are published.<a href="#section-4.1-3.8" class="pilcrow">¶</a> </dd> <dt id="section-4.1-3.9">d_h</dt> <dd id="section-4.1-3.10"> - is a private key derived from the "d" using the - keying material "h" (512 bit).<a href="#section-4.1-3.10" class="pilcrow">¶</a> + is a 256-bit private key derived from the "d" using the + keying material "h".<a href="#section-4.1-3.10" class="pilcrow">¶</a> </dd> <dt id="section-4.1-3.11">zk_h</dt> <dd id="section-4.1-3.12"> - is a public key derived from the zone key "zk" using the keying - material "h" (512 bit).<a href="#section-4.1-3.12" class="pilcrow">¶</a> + is a 256-bit public key derived from the zone key "zk" using the + keying material "h".<a href="#section-4.1-3.12" class="pilcrow">¶</a> </dd> <dt id="section-4.1-3.13">p</dt> <dd id="section-4.1-3.14"> 
@@ -1526,7 +1528,8 @@ async function addMetadata(){try{const e=document.styleSheets[0].cssRules;for(le </dd> <dt id="section-4.1-3.15">q</dt> <dd id="section-4.1-3.16"> - Is the DHT key under which the resource records block is published. + Is the 512-bit DHT key under which the resource records block is + published. It is the SHA512 hash over the public key "zk_h" corresponding to the derived private key "d_h".<a href="#section-4.1-3.16" class="pilcrow">¶</a> </dd> @@ -1588,7 +1591,7 @@ async function addMetadata(){try{const e=document.styleSheets[0].cssRules;for(le </dd> <dt id="section-4.2-4.3">PUBLIC KEY</dt> <dd id="section-4.2-4.4"> - The 256-bit ECC public key "zk_h" to be used to verify SIGNATURE. The + is the 256-bit public key "zk_h" to be used to verify SIGNATURE. The wire format of this value is defined in <span>[<a href="#RFC8032" class="xref">RFC8032</a>]</span>, Section 5.1.5.<a href="#section-4.2-4.4" class="pilcrow">¶</a> </dd> @@ -1606,7 +1609,8 @@ async function addMetadata(){try{const e=document.styleSheets[0].cssRules;for(le </dd> <dt id="section-4.2-4.9">EXPIRATION</dt> <dd id="section-4.2-4.10"> - The resource records block expiration time. This is the expiration + is the 64-bit resource records block expiration time. This is the + expiration time of the resource record contained within this block with the smallest expiration time. If a records block includes shadow records, then the *maximum* 
@@ -1740,8 +1744,10 @@ async function addMetadata(){try{const e=document.styleSheets[0].cssRules;for(le <dl class="dlParallel" id="section-4.3-12"> <dt id="section-4.3-12.1">RR COUNT</dt> <dd id="section-4.3-12.2"> - A 32-bit value containing the number of resource records which are - following in network byte order.<a href="#section-4.3-12.2" class="pilcrow">¶</a> + A 32-bit value containing the number of variable-length resource + records which are + following after this field in network byte order. + The resource record format is defined in <a href="#rrecords" class="xref">Section 3</a>.<a href="#section-4.3-12.2" class="pilcrow">¶</a> </dd> <dt id="section-4.3-12.3">PADDING</dt> <dd id="section-4.3-12.4"> @@ -1753,9 +1759,6 @@ async function addMetadata(){try{const e=document.styleSheets[0].cssRules;for(le other records.<a href="#section-4.3-12.4" class="pilcrow">¶</a> </dd> </dl> -<p id="section-4.3-13"> - is followed by a set of resource records with the respective - formats defined in <a href="#rrecords" class="xref">Section 3</a>.<a href="#section-4.3-13" class="pilcrow">¶</a></p> </section> </section> </div> diff --git a/draft-schanzen-gns.txt b/draft-schanzen-gns.txt 
@@ -143,24 +143,24 @@ Internet-Draft The GNU Name System July 2019 where: - EXPIRATION Denotes the absolute expiration date of the record. In - microseconds since midnight (0 hour), January 1, 1970 in network - byte order. + EXPIRATION denotes the absolute 64-bit expiration date of the + record. In microseconds since midnight (0 hour), January 1, 1970 + in network byte order. - DATA SIZE The size of the DATA field in bytes and in network byte - order. + DATA SIZE denotes the 32-bit size of the DATA field in bytes and in + network byte order. - TYPE The resource record type. This type can be one of the GNS - resource records as defined in Section 3 or a DNS record type as - defined in [RFC1035] or any of the complementary standardized DNS - resource record types. This value must be stored in network byte - order. Note that values below 2^16 are reserved for allocation - via IANA ([RFC6895]). + TYPE is the 32-bit resource record type. This type can be one of + the GNS resource records as defined in Section 3 or a DNS record + type as defined in [RFC1035] or any of the complementary + standardized DNS resource record types. This value must be stored + in network byte order. Note that values below 2^16 are reserved + for allocation via IANA ([RFC6895]). - FLAGS Resource record flags. + FLAGS is a 32-bit resource record flags field (see below). - DATA The resource record data payload. The contents are defined by - the respective type of the resource record. + DATA the variable-length resource record data payload. The contents + are defined by the respective type of the resource record. 
@@ -322,14 +322,14 @@ Internet-Draft The GNU Name System July 2019 Figure 6 - PROTO the protocol number, e.g. 6 for tcp. In network byte order. - - SVC the service of the boxed record, i.e. the port number. In - network byte order. - - TYPE Record type of the boxed record. In network byte order. + PROTO the 16-bit protocol number, e.g. 6 for tcp. In network byte + order. + SVC the 16-bit service value of the boxed record, i.e. the port + number. In network byte order. + TYPE is the 32-bit record type of the boxed record. In network byte + order. @@ -338,8 +338,8 @@ Schanzenbach, et al. Expires 24 January 2020 [Page 6] Internet-Draft The GNU Name System July 2019 - RECORD DATA This is the "DATA" format of TYPE as defined for the - respective TYPE in DNS. + RECORD DATA is a variable length field containing the "DATA" format + of TYPE as defined for the respective TYPE in DNS. 4. Publishing records 
@@ -366,29 +366,29 @@ Internet-Draft The GNU Name System July 2019 derivation" as salt and the public zone key "zk" as initial keying material. - h is the HKDF expansion result. The expansion info is a - concatenation of the label and string "gns". + h is the 512-bit HKDF expansion result. The expansion info input is + a concatenation of the label and string "gns". - d is the private zone key as defined in Section 2. + d is the 256-bit private zone key as defined in Section 2. - label under wich the resource records are published. + label is a UTF-8 string under wich the resource records are + published. - d_h is a private key derived from the "d" using the keying material - "h" (512 bit). + d_h is a 256-bit private key derived from the "d" using the keying + material "h". - zk_h is a public key derived from the zone key "zk" using the keying - material "h" (512 bit). + zk_h is a 256-bit public key derived from the zone key "zk" using + the keying material "h". p is the group order as defined in Section 2. - q Is the DHT key under which the resource records block is + q Is the 512-bit DHT key under which the resource records block is published. It is the SHA512 hash over the public key "zk_h" corresponding to the derived private key "d_h". - Schanzenbach, et al. Expires 24 January 2020 [Page 7] Internet-Draft The GNU Name System July 2019 @@ -435,7 +435,7 @@ Internet-Draft The GNU Name System July 2019 PUBLIC KEY field. The signature is created using the derived private key "d_h" (see Section 4). - PUBLIC KEY The 256-bit ECC public key "zk_h" to be used to verify + PUBLIC KEY is the 256-bit public key "zk_h" to be used to verify SIGNATURE. The wire format of this value is defined in [RFC8032], Section 5.1.5. 
@@ -456,14 +456,14 @@ Internet-Draft The GNU Name System July 2019 PURPOSE A 32-bit signature purpose flag. This field MUST be 15 (in network byte order). - EXPIRATION The resource records block expiration time. This is the - expiration time of the resource record contained within this block - with the smallest expiration time. If a records block includes - shadow records, then the *maximum* expiration time of all shadow - records with matching type and the expiration times of the non- - shadow records is considered. This is a 64-bit absolute date in - microseconds since midnight (0 hour), January 1, 1970 in network - byte order. + EXPIRATION is the 64-bit resource records block expiration time. + This is the expiration time of the resource record contained + within this block with the smallest expiration time. If a records + block includes shadow records, then the *maximum* expiration time + of all shadow records with matching type and the expiration times + of the non-shadow records is considered. This is a 64-bit + absolute date in microseconds since midnight (0 hour), January 1, + 1970 in network byte order. BDATA The encrypted resource records with a total size of SIZE - 16. @@ -590,8 +590,9 @@ Internet-Draft The GNU Name System July 2019 where: - RR COUNT A 32-bit value containing the number of resource records - which are following in network byte order. + RR COUNT A 32-bit value containing the number of variable-length + resource records which are following after this field in network + byte order. The resource record format is defined in Section 3. PADDING The padding MUST contain the value 0 in all octets. The padding MUST ensure that the size of the RDATA is a power of two. 
@@ -599,9 +600,6 @@ Internet-Draft The GNU Name System July 2019 are never padded. Note that a record set with a PKEY record MUST NOT contain other records. - is followed by a set of resource records with the respective formats - defined in Section 3. - 5. Internationalization and Character Encoding All labels in GNS are encoded in UTF-8 [RFC3629]. This does not @@ -613,6 +611,8 @@ Internet-Draft The GNU Name System July 2019 + + Schanzenbach, et al. Expires 24 January 2020 [Page 11] Internet-Draft The GNU Name System July 2019 diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml @@ -145,17 +145,18 @@ <dl> <dt>EXPIRATION</dt> <dd> - Denotes the absolute expiration date of the record. + denotes the absolute 64-bit expiration date of the record. In microseconds since midnight (0 hour), January 1, 1970 in network byte order. </dd> <dt>DATA SIZE</dt> <dd> - The size of the DATA field in bytes and in network byte order. + denotes the 32-bit size of the DATA field in bytes and in network byte + order. </dd> <dt>TYPE</dt> <dd> - The resource record type. This type can be one of the GNS resource + is the 32-bit resource record type. This type can be one of the GNS resource records as defined in <xref target="rrecords" /> or a DNS record type as defined in <xref target="RFC1035" /> or any of the complementary standardized DNS resource record types. This value must be @@ -164,11 +165,12 @@ </dd> <dt>FLAGS</dt> <dd> - Resource record flags. + is a 32-bit resource record flags field (see below). </dd> <dt>DATA</dt> <dd> - The resource record data payload. The contents are defined by the + the variable-length resource record data payload. The contents are defined + by the respective type of the resource record. </dd> </dl> 
@@ -332,21 +334,21 @@ <dl> <dt>PROTO</dt> <dd> - the protocol number, e.g. 6 for tcp. In network byte order. + the 16-bit protocol number, e.g. 6 for tcp. In network byte order. </dd> <dt>SVC</dt> <dd> - the service of the boxed record, i.e. the port number. In network - byte order. + the 16-bit service value of the boxed record, i.e. the port number. + In network byte order. </dd> <dt>TYPE</dt> <dd> - Record type of the boxed record. In network byte order. + is the 32-bit record type of the boxed record. In network byte order. </dd> <dt>RECORD DATA</dt> <dd> - This is the "DATA" format of TYPE as defined for the respective TYPE - in DNS. + is a variable length field containing the "DATA" format of TYPE as + defined for the respective TYPE in DNS. </dd> </dl> </section> @@ -387,26 +389,26 @@ </dd> <dt>h</dt> <dd> - is the HKDF expansion result. The expansion info is a concatenation of - the label and string "gns". + is the 512-bit HKDF expansion result. The expansion info input is a + concatenation of the label and string "gns". </dd> <dt>d</dt> <dd> - is the private zone key as defined in <xref target="zones" />. + is the 256-bit private zone key as defined in <xref target="zones" />. </dd> <dt>label</dt> <dd> - under wich the resource records are published. + is a UTF-8 string under wich the resource records are published. </dd> <dt>d_h</dt> <dd> - is a private key derived from the "d" using the - keying material "h" (512 bit). + is a 256-bit private key derived from the "d" using the + keying material "h". </dd> <dt>zk_h</dt> <dd> - is a public key derived from the zone key "zk" using the keying - material "h" (512 bit). + is a 256-bit public key derived from the zone key "zk" using the + keying material "h". </dd> <dt>p</dt> <dd> 
@@ -414,7 +416,8 @@ </dd> <dt>q</dt> <dd> - Is the DHT key under which the resource records block is published. + Is the 512-bit DHT key under which the resource records block is + published. It is the SHA512 hash over the public key "zk_h" corresponding to the derived private key "d_h". </dd> @@ -469,7 +472,7 @@ </dd> <dt>PUBLIC KEY</dt> <dd> - The 256-bit ECC public key "zk_h" to be used to verify SIGNATURE. The + is the 256-bit public key "zk_h" to be used to verify SIGNATURE. The wire format of this value is defined in <xref target="RFC8032" />, Section 5.1.5. </dd> @@ -487,7 +490,8 @@ </dd> <dt>EXPIRATION</dt> <dd> - The resource records block expiration time. This is the expiration + is the 64-bit resource records block expiration time. This is the + expiration time of the resource record contained within this block with the smallest expiration time. If a records block includes shadow records, then the *maximum* @@ -616,8 +620,10 @@ <dl> <dt>RR COUNT</dt> <dd> - A 32-bit value containing the number of resource records which are - following in network byte order. + A 32-bit value containing the number of variable-length resource + records which are + following after this field in network byte order. + The resource record format is defined in <xref target="rrecords" />. </dd> <dt>PADDING</dt> <dd> @@ -630,10 +636,6 @@ </dd> </dl> - <t> - is followed by a set of resource records with the respective - formats defined in <xref target="rrecords" />. - </t> </section> </section> <section anchor="encoding" numbered="true" toc="default">
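Review bot: "wich" in the new label definition ("is a UTF-8 string under wich the resource records are published") is a typo that the rewrite carries into all three files (the html hunk at -1499, the txt hunk at -366 and the xml hunk at -387); since the same wording was changed in each, the correction needs to land in each as well, e.g. `is a UTF-8 string under which the resource records are published.`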
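Review bot: the definition-list entries in the record format hunks are not phrased consistently after this change: most now open with a lower-case verb ("is the 32-bit resource record type", "denotes the 32-bit size"), but "DATA the variable-length resource record data payload" has no verb at all, "q Is the 512-bit DHT key" keeps a capital "Is", "RR COUNT A 32-bit value containing" keeps the old noun-phrase form, and "derived from the "d"" reads oddly with the article. Pick one form and apply it throughout, e.g. `DATA is the variable-length resource record data payload.`, `q is the 512-bit DHT key under which the resource records block is published.` and `d_h is a 256-bit private key derived from "d" using the keying material "h".`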
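Review bot: in the RR COUNT hunks (html -1740, txt -590, xml -616) the new wording "variable-length resource records which are following after this field" leaves the position of the records relative to PADDING ambiguous now that the separate "is followed by a set of resource records" paragraph is deleted: PADDING is listed as the next field, so state explicitly whether the records start directly after RR COUNT with the padding after the last record. The same passage should also require that RR COUNT and each record's DATA SIZE be validated against the remaining RDATA length before the records are parsed; both values are read from the received block, and an implementation that trusts them as given can read past the end of its buffer.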
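Review bot: the block EXPIRATION entry (html -1606, txt -456, xml -487) now states the width twice, "is the 64-bit resource records block expiration time ... This is a 64-bit absolute date in microseconds", so one of the two should go. For the same reason the record EXPIRATION entry (html -1224, txt -143, xml -145) would read more naturally with the width next to the noun it qualifies, e.g. `is the 64-bit absolute expiration date of the record, in microseconds since midnight (0 hour), January 1, 1970, in network byte order.`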
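Review bot: in the draft-schanzen-gns.txt hunk at -322 the blank lines that separated the PROTO, SVC and TYPE entries in the old text are gone, so the three definitions run together in the rendered text while the other definition lists in the same file keep a blank line between entries; the html and xml hunks for the same list show no such change, so this looks like a regeneration glitch that should be checked before the txt is committed.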