Internet Engineering Task Force J. Damick Internet-Draft Neustar Intended status: Standards Track August 1, 2012 Expires: February 2, 2013 Associated Names DNS Record draft-damick-dns-associated-names-record-00 Abstract This document describes a new resource record for the Domain Name System (DNS) protocol. The record introduced will allow associated domain names to be associated with a particular domain name and retrieved in in a single DNS query. Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on February 2, 2013. Copyright Notice Copyright (c) 2012 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Damick Expires February 2, 2013 [Page 1] Internet-Draft Associated Names DNS Record August 2012 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Requirements Language . . . . . . . . . . . . . . . . . . . 3 2. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 3.1. AN RDATA Format . . . . . . . . . . . . . . . . . . . . . . 3 3.2. Client Handling . . . . . . . . . . . . . . . . . . . . . . 4 3.3. Publishing . . . . . . . . . . . . . . . . . . . . . . . . 4 3.4. Example Flow . . . . . . . . . . . . . . . . . . . . . . . 4 4. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 6 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 6 6. Security Considerations . . . . . . . . . . . . . . . . . . . . 6 6.1. Denial of Service . . . . . . . . . . . . . . . . . . . . . 6 7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 6 7.1. Normative References . . . . . . . . . . . . . . . . . . . 6 7.2. Informative References . . . . . . . . . . . . . . . . . . 7 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 7 Damick Expires February 2, 2013 [Page 2] Internet-Draft Associated Names DNS Record August 2012 1. Introduction The current mechanism for determining associated domain names for a particular domain name requires multiple queries with interleaved asset retrieval. One example of this occurs in rendering HTML pages where the base domain must be queried and then the HTML will be retrieved and it will most likely will include references to external assets, such as scripts and stylesheets, to be delivered from many other domains. The goal of this record is to allow a list of the other domains that will referenced later by another process, such as rendering an HTML page, to be published. By providing the list of referenced domains, they may utilized by a resolver to pre-cache results, so that when another process needs the results they will most likely not incur a network round trip. 1.1. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. 2. Overview The associated names (AN) resource record (RR) contains a list of any domain names that to be associated with this name. 3. Usage The type number for the AN RR is 'TBD'. 3.1. AN RDATA Format RDATA Format for the associated names resource record. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | QTYPE | SERVICE / +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ / / / +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ / ASSOCIATED-NAME ... / +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 1 Damick Expires February 2, 2013 [Page 3] Internet-Draft Associated Names DNS Record August 2012 QTYPE: The 2 octet TYPE code as defined in [RFC1035] to use for the associated-names list. SERVICE: The character-string as defined in [RFC1035] of a symbolic name for the desired service, as defined in the IANA On-line database of service names [IANA-SERVICE-NAMES]. ASSOCIATED-NAME: One or more absolute s as defined in [RFC1035] which are each terminated by a label of zero length. 3.2. Client Handling It is RECOMMENDED that clients upon receiving the results of this type then query for the domain-names listed in the ASSOCIATED-NAME section. This will allow the client to ensure that the results for the domain-names will be populated in the cache of a local resolver or recursive resolver. 3.3. Publishing In the example of a web site, it is RECOMMENDED that the content owner upon publishing a new version of their site and/or associated assets also update [RFC2136] the AN resource record with any added or removed associated domain names. 3.4. Example Flow This flow uses the example of a web site again: Damick Expires February 2, 2013 [Page 4] Internet-Draft Associated Names DNS Record August 2012 Update (AN RR) www.example.com QTYPE: 1 (A RR) SERVICE: http +-----------+ ASSOCIATED-NAMES: +-----+ | Web Site | a.uk,b.com,c.com | | | Publisher |+----------------->| DNS | | | | | +-----------+ +-----+ Query (AN RR) +--------+ www.example.com +-----+ | |+----------------->| | | Client | Response (AN RR) | DNS | | |<-----------------+| | +--------+ QTYPE: 1 +-----+ | SERVICE: http | AN: a.uk,b.com,c.com | | | Query (A RR) www.example.com,a.uk,b.com,c.com +--------+ +-----+ | |+----------------->| | | Client |+----------------->| DNS | | |+----------------->| | | |------------------>| | +--------+ +-----+ | | .. process & render html and scripts .. | | +--------++-----+ Query (A RR) | |+-----+ a.uk,b.com,c.com | Client |+-----+ (answer from stub resolver cache) | | | | |<-----+ +--------+ Figure 2 Damick Expires February 2, 2013 [Page 5] Internet-Draft Associated Names DNS Record August 2012 4. Acknowledgements Thanks to Edward Lewis and the rest of the UltraDNS team for all of their valuable input. 5. IANA Considerations This document requests that the IANA Registry for DNS Resource Record Types assigns type 'TBD' to the AN resource record. 6. Security Considerations 6.1. Denial of Service The DNS servers themselves will not be effected directly by misuse of the AN record it is still important to note potential risks to a client application. It is possible for an attacker to create AN records of the following types: o Very large list of domain names o Duplicate domain names When dealing with these situations it is important for client applications to take precautions to prevent abuse of this resource record. o Constrain the list of domains to an upper bound, such as: 50 o Filter duplicate domain names While these are not foolproof methods, it will likely prevent simple denial of service attacks. 7. References 7.1. Normative References [RFC1035] Mockapetris, P., "Domain names - implementation and specification", STD 13, RFC 1035, November 1987. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. Damick Expires February 2, 2013 [Page 6] Internet-Draft Associated Names DNS Record August 2012 7.2. Informative References [I-D.narten-iana-considerations-rfc2434bis] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", draft-narten-iana-considerations-rfc2434bis-09 (work in progress), March 2008. [IANA-SERVICE-NAMES] IANA, "Service Name and Transport Protocol Port Number Registry", . [RFC2136] Vixie, P., Thomson, S., Rekhter, Y., and J. Bound, "Dynamic Updates in the Domain Name System (DNS UPDATE)", RFC 2136, April 1997. [RFC3232] Reynolds, J., "Assigned Numbers: RFC 1700 is Replaced by an On-line Database", RFC 3232, January 2002. [RFC6335] Cotton, M., Eggert, L., Touch, J., Westerlund, M., and S. Cheshire, "Internet Assigned Numbers Authority (IANA) Procedures for the Management of the Service Name and Transport Protocol Port Number Registry", BCP 165, RFC 6335, August 2011. Author's Address Jeffrey Damick Neustar 46000 Center Oak Plaza Sterling, VA 20166 US Email: jeffrey.damick@neustar.biz Damick Expires February 2, 2013 [Page 7]