Internet-Draft | DNR & SVCB Registry | October 2023
Wing, et al. | Expires 6 April 2024
This document updates the DNS Service Bindings (SVCB) IANA registry to indicate which service parameters are applicable to protocols where duplicated information in those parameters can cause interoperability problems. The document also includes guidance for new service parameters to indicate whether they should be conveyed or withheld.
This document updates RFC 9460.
This note is to be removed before publishing as an RFC.
Discussion of this document takes place on the Adaptive DNS Discovery Working Group mailing list (add@ietf.org), which is archived at https://mailarchive.ietf.org/arch/browse/add/.
Source for this draft and an issue tracker can be found at https://github.com/boucadair/dnr-svcb-registry.
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."
This Internet-Draft will expire on 6 April 2024.
Copyright (c) 2023 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.
[I-D.ietf-dnsop-svcb-https] established an IANA registry for Service Parameter Keys (SvcParamKeys) [IANA-SVCB]. That registry is leveraged by the Discovery of Network-designated Resolvers (DNR) [I-D.ietf-add-dnr] and IKEv2 for Encrypted DNS [I-D.ietf-ipsecme-add-ike]. However, not all service parameters defined in that registry are eligible for inclusion in those protocols. For example, both [I-D.ietf-add-dnr] and [I-D.ietf-ipsecme-add-ike] specify that the "ipv4hint" and "ipv6hint" Service Parameters (SvcParams) must not be included in these protocols, because the information they carry is superseded by other parameters of those protocols.
Given that new SvcParams may be defined in the future, there is currently no mechanism to tag whether an SvcParam may or must not be included in DNR or IKEv2 for Encrypted DNS. This document fixes that issue by updating the structure of the Service Parameter Keys (SvcParamKeys) registry of the DNS Service Bindings (SVCB) registry group [IANA-SVCB] so that it records the set of service parameters that are applicable to those specifications.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.
This document updates Section 14.3.1 of [I-D.ietf-dnsop-svcb-https] as follows:
OLD:
A registration MUST include the following fields:
Number: wire format numeric identifier (range 0-65535)
Name: unique presentation name
Meaning: a short description
Format Reference: pointer to specification text
Change Controller: Person or entity, with contact information if appropriate.
NEW:
A registration MUST include the following fields:
Number: wire format numeric identifier (range 0-65535)
Name: unique presentation name
Meaning: a short description
Applicable to DNR and IKEv2 for Encrypted DNS (Y/N): an indication of whether the parameter is included in messages sent by DNR [I-D.ietf-add-dnr] and IKEv2 for Encrypted DNS [I-D.ietf-ipsecme-add-ike].
Format Reference: pointer to specification text
Change Controller: Person or entity, with contact information if appropriate.
This document does not introduce new security considerations other than those discussed in Section 7 of [I-D.ietf-add-dnr], Section 6 of [I-D.ietf-ipsecme-add-ike], and Section 12 of [I-D.ietf-dnsop-svcb-https].
This document requests IANA to update the Service Parameter Keys (SvcParamKeys) registry of the DNS Service Bindings (SVCB) registry group [IANA-SVCB] as follows:
Add a new column entitled "Applicable to DNR and IKEv2 for Encrypted DNS (Y/N)". The new column must be added right after the "Meaning" column.
Set "Applicable to DNR and IKEv2 for Encrypted DNS" to "Y" for "alpn", "port", and "dohpath", and set it to "N" for all other entries.
Update the reference of the registry to list the RFC number assigned to this document:
TBC.
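As an added illustration of how an implementation could consume the proposed column (this is example code, not part of the draft or of any DNR implementation), the block below models the SvcParamKeys registry rows that are registered in RFC 9460 and RFC 9461 with the new Y/N column filled in as this document instructs, parses a set of SvcParams in SVCB wire format (key, length, value triples in strictly increasing key order), reports which parameters are applicable to DNR and IKEv2 for Encrypted DNS, and strips the rest before the set is placed in a DNR option. The sample SvcParams byte string, the function names, and the handling of keys that have no registry row (reported separately rather than treated as applicable) are assumptions made for the example.

```python
import struct
from typing import Dict, List, Tuple

# Registry rows constructed from RFC 9460 (keys 0-6) and RFC 9461 (dohpath), with
# the proposed "Applicable to DNR and IKEv2 for Encrypted DNS (Y/N)" column set
# as this draft instructs: Y for alpn, port and dohpath, N for the others.
SVCPARAMKEYS: Dict[int, Tuple[str, str]] = {
    0: ("mandatory", "N"),
    1: ("alpn", "Y"),
    2: ("no-default-alpn", "N"),
    3: ("port", "Y"),
    4: ("ipv4hint", "N"),
    5: ("ech", "N"),
    6: ("ipv6hint", "N"),
    7: ("dohpath", "Y"),
}


def encode_svcparam(key: int, value: bytes) -> bytes:
    """Encode one SvcParam in SVCB wire format: key (u16), length (u16), value."""
    return struct.pack("!HH", key, len(value)) + value


def parse_svcparams(wire: bytes) -> List[Tuple[int, bytes]]:
    """Parse wire-format SvcParams, enforcing the RFC 9460 rule that keys appear
    in strictly increasing order (which also rules out duplicate keys)."""
    params: List[Tuple[int, bytes]] = []
    offset, prev_key = 0, -1
    while offset < len(wire):
        if offset + 4 > len(wire):
            raise ValueError("truncated SvcParam header")
        key, length = struct.unpack_from("!HH", wire, offset)
        offset += 4
        if offset + length > len(wire):
            raise ValueError("truncated SvcParam value")
        if key <= prev_key:
            raise ValueError("SvcParamKeys must be in strictly increasing order")
        prev_key = key
        params.append((key, wire[offset:offset + length]))
        offset += length
    return params


def presentation_name(key: int) -> str:
    """Registered name, or the RFC 9460 generic form keyNNNNN for unknown keys."""
    return SVCPARAMKEYS[key][0] if key in SVCPARAMKEYS else f"key{key}"


def check_dnr_applicability(wire: bytes) -> Dict[str, List[str]]:
    """Classify each SvcParam by the registry's new Y/N column.
    Keys without a registry row are listed under 'unregistered' (assumption:
    the draft does not say how such keys are to be treated)."""
    result: Dict[str, List[str]] = {"applicable": [], "not_applicable": [], "unregistered": []}
    for key, _ in parse_svcparams(wire):
        if key not in SVCPARAMKEYS:
            result["unregistered"].append(presentation_name(key))
        elif SVCPARAMKEYS[key][1] == "Y":
            result["applicable"].append(presentation_name(key))
        else:
            result["not_applicable"].append(presentation_name(key))
    return result


def strip_non_applicable(wire: bytes) -> bytes:
    """Re-encode only the SvcParams marked Y, preserving their relative order,
    so that e.g. ipv4hint/ipv6hint never reach a DNR option."""
    out = bytearray()
    for key, value in parse_svcparams(wire):
        if SVCPARAMKEYS.get(key, ("", "N"))[1] == "Y":
            out += encode_svcparam(key, value)
    return bytes(out)


# Constructed sample: alpn=dot, port=853, ipv4hint=192.0.2.1 (TEST-NET-1 address),
# dohpath=/dns-query{?dns}. The ipv4hint entry is exactly what DNR forbids.
SAMPLE_DNR_SVCPARAMS = (
    encode_svcparam(1, b"\x03dot")
    + encode_svcparam(3, struct.pack("!H", 853))
    + encode_svcparam(4, bytes([192, 0, 2, 1]))
    + encode_svcparam(7, b"/dns-query{?dns}")
)

if __name__ == "__main__":
    print(check_dnr_applicability(SAMPLE_DNR_SVCPARAMS))
    cleaned = strip_non_applicable(SAMPLE_DNR_SVCPARAMS)
    print([presentation_name(k) for k, _ in parse_svcparams(cleaned)])
```

A DHCP or RA sender that builds DNR options, or an IKEv2 responder building the ENCDNS_DIGITAL_SIGNATURE-style payload described in [I-D.ietf-ipsecme-add-ike], would call `strip_non_applicable` before encoding, while a receiver would use `check_dnr_applicability` to detect and log a peer that includes parameters marked "N".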