commit 44f127411237bc39d1f41e54bb2af4cbfa36695e
parent f9e0ef93e4def91c70f9ecf871fe696c235c273e
Author: Christian Grothoff <christian@grothoff.org>
Date: Sun, 10 Nov 2019 21:16:32 +0100
define VPN records properly
Diffstat:
3 files changed, 82 insertions(+), 28 deletions(-)
diff --git a/draft-schanzen-gns.html b/draft-schanzen-gns.html
@@ -1439,7 +1439,8 @@ caption a[href] {
This is a suggestion to other zones what label to use when creating a
PKEY <a href="#gnsrecords_pkey" class="xref">Section 3.2</a> record containing this zone's
public zone key.
- This record SHOULD only be stored under the empty label "@".
+ This record SHOULD only be stored under the empty label "@" but
+ MAY be returned with record sets under any label.
A NICK DATA entry has the following format:
<a href="#section-3.5-1" class="pilcrow">¶</a></p>
<div id="figure_nickrecord">
@@ -1464,7 +1465,7 @@ caption a[href] {
<dt id="section-3.5-4.1">NICKNAME</dt>
<dd id="section-3.5-4.2">
A UTF-8 string (which is not 0-terminated) representing the preferred
- label of the zone. This string MUST NOT inlcude a "." character.
+ label of the zone. This string MUST NOT include a "." character.
</dd>
</dl>
</section>
@@ -1484,8 +1485,8 @@ caption a[href] {
with. For example, a
TLSA record for "_https._tcp.foo.gnu" will be stored in the record set of
"foo.gnu" as a BOX record with service (SVC) 443 (https) and protocol (PROTO) 6
- (tcp) and record_type "TLSA".
- For reference, see also <span>[<a href="#RFC2782" class="xref">RFC2782</a>]
+ (tcp) and record TYPE "TLSA".
+ For reference, see also <span>[<a href="#RFC2782" class="xref">RFC2782</a>].
A BOX DATA entry has the following format:
</span><a href="#section-3.6-1" class="pilcrow">¶</a></p>
<div id="figure_boxrecord">
@@ -1543,20 +1544,40 @@ caption a[href] {
<pre>
0 8 16 24 32 40 48 56
+-----+-----+-----+-----+-----+-----+-----+-----+
- | TODO DNS NAME |
+ | HOSTING PEER PUBLIC KEY |
+ | (256 bits) |
+ | |
+ | |
+ +-----------+-----------------------------------+
+ | PROTO | SERVICE NAME |
+ +-----------+ +
/ /
/ /
| |
+-----+-----+-----+-----+-----+-----+-----+-----+
- | DNS SERVER NAME |
- / TODO /
- / /
- | |
- +-----------------------------------------------+
</pre>
</div>
<figcaption><a href="#figure-9">Figure 9</a></figcaption></figure>
</div>
+<p id="section-3.7-3">
+ where:
+ <a href="#section-3.7-3" class="pilcrow">¶</a></p>
+<dl class="dlParallel" id="section-3.7-4">
+ <dt id="section-3.7-4.1">HOSTING PEER PUBLIC KEY</dt>
+ <dd id="section-3.7-4.2">
+ is a 256-bit EdDSA public key identifying the peer hosting the
+ service.
+ </dd>
+ <dt id="section-3.7-4.3">PROTO</dt>
+ <dd id="section-3.7-4.4">
+ the 16-bit protocol number, e.g. 6 for TCP. In network byte order.
+ </dd>
+ <dt id="section-3.7-4.5">SERVICE NAME</dt>
+ <dd id="section-3.7-4.6">
+ a shared secret used to identify the service at the hosting peer,
+ used to derive the port number requird to connect to the service.
+ </dd>
+ </dl>
</section>
</div>
</section>
diff --git a/draft-schanzen-gns.txt b/draft-schanzen-gns.txt
@@ -342,8 +342,9 @@ Table of Contents
indication on what label this zone prefers to be referred to. This
is a suggestion to other zones what label to use when creating a PKEY
Section 3.2 record containing this zone's public zone key. This
- record SHOULD only be stored under the empty label "@". A NICK DATA
- entry has the following format:
+ record SHOULD only be stored under the empty label "@" but MAY be
+ returned with record sets under any label. A NICK DATA entry has the
+ following format:
0 8 16 24 32 40 48 56
+-----+-----+-----+-----+-----+-----+-----+-----+
@@ -358,7 +359,7 @@ Table of Contents
where:
NICKNAME A UTF-8 string (which is not 0-terminated) representing the
- preferred label of the zone. This string MUST NOT inlcude
+ preferred label of the zone. This string MUST NOT include
a "." character.
3.6. BOX
@@ -371,8 +372,8 @@ Table of Contents
set of the label they are associated with. For example, a TLSA
record for "_https._tcp.foo.gnu" will be stored in the record set of
"foo.gnu" as a BOX record with service (SVC) 443 (https) and protocol
- (PROTO) 6 (tcp) and record_type "TLSA". For reference, see also
- [RFC2782] A BOX DATA entry has the following format:
+ (PROTO) 6 (tcp) and record TYPE "TLSA". For reference, see also
+ [RFC2782]. A BOX DATA entry has the following format:
0 8 16 24 32 40 48 56
+-----+-----+-----+-----+-----+-----+-----+-----+
@@ -406,19 +407,32 @@ Table of Contents
0 8 16 24 32 40 48 56
+-----+-----+-----+-----+-----+-----+-----+-----+
- | TODO DNS NAME |
+ | HOSTING PEER PUBLIC KEY |
+ | (256 bits) |
+ | |
+ | |
+ +-----------+-----------------------------------+
+ | PROTO | SERVICE NAME |
+ +-----------+ +
/ /
/ /
| |
+-----+-----+-----+-----+-----+-----+-----+-----+
- | DNS SERVER NAME |
- / TODO /
- / /
- | |
- +-----------------------------------------------+
Figure 9
+ where:
+
+ HOSTING PEER PUBLIC KEY is a 256-bit EdDSA public key identifying
+ the peer hosting the service.
+
+ PROTO the 16-bit protocol number, e.g. 6 for TCP. In network byte
+ order.
+
+ SERVICE NAME a shared secret used to identify the service at the
+ hosting peer, used to derive the port number requird to connect to
+ the service.
+
4. Publishing Records
GNS resource records are published in a distributed hash table (DHT).
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
@@ -497,21 +497,40 @@
<artwork name="" type="" align="left" alt=""><![CDATA[
0 8 16 24 32 40 48 56
+-----+-----+-----+-----+-----+-----+-----+-----+
- | TODO DNS NAME |
+ | HOSTING PEER PUBLIC KEY |
+ | (256 bits) |
+ | |
+ | |
+ +-----------+-----------------------------------+
+ | PROTO | SERVICE NAME |
+ +-----------+ +
/ /
/ /
| |
+-----+-----+-----+-----+-----+-----+-----+-----+
- | DNS SERVER NAME |
- / TODO /
- / /
- | |
- +-----------------------------------------------+
]]></artwork>
<!-- <postamble>which is a very simple example.</postamble>-->
</figure>
+ <t>
+ where:
+ </t>
+ <dl>
+ <dt>HOSTING PEER PUBLIC KEY</dt>
+ <dd>
+ is a 256-bit EdDSA public key identifying the peer hosting the
+ service.
+ </dd>
+ <dt>PROTO</dt>
+ <dd>
+ the 16-bit protocol number, e.g. 6 for TCP. In network byte order.
+ </dd>
+ <dt>SERVICE NAME</dt>
+ <dd>
+ a shared secret used to identify the service at the hosting peer,
+ used to derive the port number requird to connect to the service.
+ </dd>
+ </dl>
</section>
-
</section>
<section anchor="publish" numbered="true" toc="default">
