| draft-ietf-dnssd-push-12.txt | draft-ietf-dnssd-push-13.txt | |||
|---|---|---|---|---|
| Internet Engineering Task Force T. Pusateri | Internet Engineering Task Force T. Pusateri | |||
| Internet-Draft Seeking affiliation | Internet-Draft Unaffiliated | |||
| Intended status: Standards Track S. Cheshire | Intended status: Standards Track S. Cheshire | |||
| Expires: January 3, 2018 Apple Inc. | Expires: May 2, 2018 Apple Inc. | |||
| July 2, 2017 | October 29, 2017 | |||
| DNS Push Notifications | DNS Push Notifications | |||
| draft-ietf-dnssd-push-12 | draft-ietf-dnssd-push-13 | |||
| Abstract | Abstract | |||
| The Domain Name System (DNS) was designed to return matching records | The Domain Name System (DNS) was designed to return matching records | |||
| efficiently for queries for data that is relatively static. When | efficiently for queries for data that is relatively static. When | |||
| those records change frequently, DNS is still efficient at returning | those records change frequently, DNS is still efficient at returning | |||
| the updated results when polled, as long as the polling rate is not | the updated results when polled, as long as the polling rate is not | |||
| too high. But there exists no mechanism for a client to be | too high. But there exists no mechanism for a client to be | |||
| asynchronously notified when these changes occur. This document | asynchronously notified when these changes occur. This document | |||
| defines a mechanism for a client to be notified of such changes to | defines a mechanism for a client to be notified of such changes to | |||
| skipping to change at page 1, line 38 ¶ | skipping to change at page 1, line 38 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on January 3, 2018. | This Internet-Draft will expire on May 2, 2018. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2017 IETF Trust and the persons identified as the | Copyright (c) 2017 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 6, line 9 ¶ | skipping to change at page 6, line 9 ¶ | |||
| "Print" button again when they wake their phone up. | "Print" button again when they wake their phone up. | |||
| A DNS Push Notification client must not routinely keep a DNS Push | A DNS Push Notification client must not routinely keep a DNS Push | |||
| Notification subscription active 24 hours a day, 7 days a week, just | Notification subscription active 24 hours a day, 7 days a week, just | |||
| to keep a list in memory up to date so that if the user does choose | to keep a list in memory up to date so that if the user does choose | |||
| to bring up an on-screen display of that data, it can be displayed | to bring up an on-screen display of that data, it can be displayed | |||
| really fast. DNS Push Notifications are designed to be fast enough | really fast. DNS Push Notifications are designed to be fast enough | |||
| that there is no need to pre-load a "warm" list in memory just in | that there is no need to pre-load a "warm" list in memory just in | |||
| case it might be needed later. | case it might be needed later. | |||
| Generally, as described in the DNS Session Signaling specification | Generally, as described in the DNS Stateful Operations specification | |||
| [SessSig], a client must not keep a connection to a server open | [StatefulOp], a client must not keep a connection to a server open | |||
| indefinitely if it has no subscriptions (or other operations) active | indefinitely if it has no subscriptions (or other operations) active | |||
| on that connection. A client MAY close a connection as soon as it | on that connection. A client MAY close a connection as soon as it | |||
| becomes idle, and then if needed in the future, open a new connection | becomes idle, and then if needed in the future, open a new connection | |||
| when required. Alternatively, a client MAY speculatively keep an | when required. Alternatively, a client MAY speculatively keep an | |||
| idle connection open for some time, subject to the constraint that it | idle connection open for some time, subject to the constraint that it | |||
| MUST NOT keep a connection open that has been idle for more than the | MUST NOT keep a connection open that has been idle for more than the | |||
| session's idle timeout (15 seconds by default). | session's idle timeout (15 seconds by default). | |||
| 4. Transport | 4. Transport | |||
| skipping to change at page 8, line 8 ¶ | skipping to change at page 8, line 8 ¶ | |||
| connections to alternate DNS servers that support DNS Push | connections to alternate DNS servers that support DNS Push | |||
| Notifications for the zone and distribute subscriptions at its | Notifications for the zone and distribute subscriptions at its | |||
| discretion. In this way, both clients and servers can react to | discretion. In this way, both clients and servers can react to | |||
| resource constraints. Token bucket rate limiting schemes are also | resource constraints. Token bucket rate limiting schemes are also | |||
| effective in providing fairness by a server across numerous client | effective in providing fairness by a server across numerous client | |||
| requests. | requests. | |||
| 6. Protocol Operation | 6. Protocol Operation | |||
| The DNS Push Notification protocol is a session-oriented protocol, | The DNS Push Notification protocol is a session-oriented protocol, | |||
| and makes use of DNS Session Signaling [SessSig]. | and makes use of DNS Stateful Operations [StatefulOp]. | |||
| For details of the DNS Session Signaling message format refer to the | For details of the DNS Stateful Operations message format refer to | |||
| DNS Session Signaling specification [SessSig]. Those details are not | the DNS Stateful Operations specification [StatefulOp]. Those | |||
| repeated here. | details are not repeated here. | |||
| DNS Push Notification clients and servers MUST support DNS Session | DNS Push Notification clients and servers MUST support DNS Stateful | |||
| Signaling, but the server SHOULD NOT issue any DNS Session Signaling | Operations, but the server SHOULD NOT issue any DNS Stateful | |||
| operations until after the client has first initiated a DNS Session | Operations messages until after the client has first initiated a DNS | |||
| Signaling operation of its own. A single server can support DNS | Stateful Operation of its own. A single server can support DNS | |||
| Queries, DNS Updates, and DNS Push Notifications (using DNS Session | Queries, DNS Updates, and DNS Push Notifications (using DNS Stateful | |||
| Signaling) on the same TCP port, and until the client has sent at | Operations) on the same TCP port, and until the client has sent at | |||
| least one DNS Session Signaling operation the server does not know | least one DNS Stateful Operations message, the server does not know | |||
| what kind of client has connected to it. Once the client has | what kind of client has connected to it. Once the client has | |||
| indicated willingness to use DNS Session Signaling operations by | indicated willingness to use DNS Stateful Operations by sending one | |||
| sending one of its own, either side of the connection may then | of its own, either side of the connection may then initiate further | |||
| initiate further Session Signaling operations at any time. | Stateful Operations at any time. | |||
| A DNS Push Notification exchange begins with the client discovering | A DNS Push Notification exchange begins with the client discovering | |||
| the appropriate server, using the procedure described in Section 6.1, | the appropriate server, using the procedure described in Section 6.1, | |||
| and then making a TLS/TCP connection to it. | and then making a TLS/TCP connection to it. | |||
| A typical DNS Push Notification client will immediately issue a DNS | A typical DNS Push Notification client will immediately issue a DNS | |||
| Session Signaling Keepalive operation to request a session timeout or | Stateful Operations Keepalive operation to request a session timeout | |||
| keepalive interval longer than the the 15-second defaults, but this | or keepalive interval longer than the the 15-second defaults, but | |||
| is not required. A DNS Push Notification client MAY issue other | this is not required. A DNS Push Notification client MAY issue other | |||
| requests on the connection first, and only issue a DNS Session | requests on the connection first, and only issue a DNS Stateful | |||
| Signaling Keepalive operation later if it determines that to be | Operations Keepalive operation later if it determines that to be | |||
| necessary. | necessary. | |||
| Once the connection is made, the client may then add and remove Push | Once the connection is made, the client may then add and remove Push | |||
| Notification subscriptions. In accordance with the current set of | Notification subscriptions. In accordance with the current set of | |||
| active subscriptions the server sends relevant asynchronous Push | active subscriptions the server sends relevant asynchronous Push | |||
| Notifications to the client. Note that a client MUST be prepared to | Notifications to the client. Note that a client MUST be prepared to | |||
| receive (and silently ignore) Push Notifications for subscriptions it | receive (and silently ignore) Push Notifications for subscriptions it | |||
| has previously removed, since there is no way to prevent the | has previously removed, since there is no way to prevent the | |||
| situation where a Push Notification is in flight from server to | situation where a Push Notification is in flight from server to | |||
| client while the client's UNSUBSCRIBE message cancelling that | client while the client's UNSUBSCRIBE message cancelling that | |||
| skipping to change at page 12, line 12 ¶ | skipping to change at page 12, line 12 ¶ | |||
| discovery process can be completed nearly instantaneously by the | discovery process can be completed nearly instantaneously by the | |||
| client, using only locally-stored cached data. | client, using only locally-stored cached data. | |||
| 6.2. DNS Push Notification SUBSCRIBE | 6.2. DNS Push Notification SUBSCRIBE | |||
| After connecting, and requesting a longer idle timeout and/or | After connecting, and requesting a longer idle timeout and/or | |||
| keepalive interval if necessary, a DNS Push Notification client then | keepalive interval if necessary, a DNS Push Notification client then | |||
| indicates its desire to receive DNS Push Notifications for a given | indicates its desire to receive DNS Push Notifications for a given | |||
| domain name by sending a SUBSCRIBE request over the established TLS | domain name by sending a SUBSCRIBE request over the established TLS | |||
| connection to the server. A SUBSCRIBE request is encoded in a DNS | connection to the server. A SUBSCRIBE request is encoded in a DNS | |||
| Session Signaling [SessSig] message. This specification defines a | Stateful Operations [StatefulOp] message. This specification defines | |||
| DNS Session Signaling TLV for DNS Push Notification SUBSCRIBE | a DNS Stateful Operations TLV for DNS Push Notification SUBSCRIBE | |||
| Requests/Responses (tentatively Session Signaling Type Code 0x40). | Requests/Responses (tentatively Stateful Operations Type Code 0x40). | |||
| The entity that initiates a SUBSCRIBE request is by definition the | The entity that initiates a SUBSCRIBE request is by definition the | |||
| client. A server should not send a SUBSCRIBE request over an | client. A server should not send a SUBSCRIBE request over an | |||
| existing connection from a client. If a server does send a SUBSCRIBE | existing connection from a client. If a server does send a SUBSCRIBE | |||
| request over the connection initiated by a client, it is an error and | request over the connection initiated by a client, it is an error and | |||
| the client should acknowledge the request with the error response | the client should acknowledge the request with the error response | |||
| RCODE NOTAUTH (Not Authoritative). | RCODE NOTAUTH (Not Authoritative). | |||
| 6.2.1. SUBSCRIBE Request | 6.2.1. SUBSCRIBE Request | |||
| A SUBSCRIBE request message begins with the standard DNS Session | A SUBSCRIBE request message begins with the standard DNS Stateful | |||
| Signaling 12-byte header [SessSig], followed by the SUBSCRIBE TLV. A | Operations 12-byte header [StatefulOp], followed by the SUBSCRIBE | |||
| SUBSCRIBE request message is illustrated below: | TLV. A SUBSCRIBE request message is illustrated below: | |||
| 1 1 1 1 1 1 | 1 1 1 1 1 1 | |||
| 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 | 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 | |||
| +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | |||
| | MESSAGE ID | | | MESSAGE ID | | |||
| +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | |||
| |QR| Opcode | Z | RCODE | | |QR| Opcode | Z | RCODE | | |||
| +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | |||
| | QDCOUNT (MUST BE ZERO) | | | QDCOUNT (MUST BE ZERO) | | |||
| +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | |||
| skipping to change at page 13, line 49 ¶ | skipping to change at page 13, line 49 ¶ | |||
| Figure 1 | Figure 1 | |||
| The MESSAGE ID field MUST be set to a unique value, that the client | The MESSAGE ID field MUST be set to a unique value, that the client | |||
| is not using for any other active operation on this connection. For | is not using for any other active operation on this connection. For | |||
| the purposes here, a MESSAGE ID is in use on this connection if the | the purposes here, a MESSAGE ID is in use on this connection if the | |||
| client has used it in a request for which it has not yet received a | client has used it in a request for which it has not yet received a | |||
| response, or if the client has used it for a subscription which it | response, or if the client has used it for a subscription which it | |||
| has not yet cancelled using UNSUBSCRIBE. In the SUBSCRIBE response | has not yet cancelled using UNSUBSCRIBE. In the SUBSCRIBE response | |||
| the server MUST echo back the MESSAGE ID value unchanged. | the server MUST echo back the MESSAGE ID value unchanged. | |||
| The other header fields MUST be set as described in the DNS Session | The other header fields MUST be set as described in the DNS Stateful | |||
| Signaling specification [SessSig]. The DNS Opcode is the Session | Operations specification [StatefulOp]. The DNS Opcode is the | |||
| Signaling Opcode (tentatively 6). The four count fields MUST be | Stateful Operations Opcode (tentatively 6). The four count fields | |||
| zero, and the corresponding four sections MUST be empty (i.e., | MUST be zero, and the corresponding four sections MUST be empty | |||
| absent). | (i.e., absent). | |||
| The SSOP-TYPE is SUBSCRIBE (tentatively 0x40). The SSOP-LENGTH is | The SSOP-TYPE is SUBSCRIBE (tentatively 0x40). The SSOP-LENGTH is | |||
| the length of the SSOP-DATA that follows, which specifies the name, | the length of the SSOP-DATA that follows, which specifies the name, | |||
| type, and class of the record(s) being sought. | type, and class of the record(s) being sought. | |||
| The SSOP-DATA for a SUBSCRIBE request MUST contain exactly one | The SSOP-DATA for a SUBSCRIBE request MUST contain exactly one | |||
| question. The SSOP-DATA for a SUBSCRIBE request has no QDCOUNT field | question. The SSOP-DATA for a SUBSCRIBE request has no QDCOUNT field | |||
| to specify more than one question. Since SUBSCRIBE requests are sent | to specify more than one question. Since SUBSCRIBE requests are sent | |||
| over TCP, multiple SUBSCRIBE request messages can be concatenated in | over TCP, multiple SUBSCRIBE request messages can be concatenated in | |||
| a single TCP stream and packed efficiently into TCP segments. | a single TCP stream and packed efficiently into TCP segments. | |||
| skipping to change at page 16, line 10 ¶ | skipping to change at page 16, line 10 ¶ | |||
| interpreted to mean "ALL", not "ANY". After accepting a subscription | interpreted to mean "ALL", not "ANY". After accepting a subscription | |||
| where one or both of TYPE or CLASS are 255, the server MUST send Push | where one or both of TYPE or CLASS are 255, the server MUST send Push | |||
| Notification Updates for ALL record changes that match the | Notification Updates for ALL record changes that match the | |||
| subscription, not just some of them. | subscription, not just some of them. | |||
| 6.2.2. SUBSCRIBE Response | 6.2.2. SUBSCRIBE Response | |||
| Each SUBSCRIBE request generates exactly one SUBSCRIBE response from | Each SUBSCRIBE request generates exactly one SUBSCRIBE response from | |||
| the server. | the server. | |||
| A SUBSCRIBE response message begins with the standard DNS Session | A SUBSCRIBE response message begins with the standard DNS Stateful | |||
| Signaling 12-byte header [SessSig], possibly followed by one or more | Operations 12-byte header [StatefulOp], possibly followed by one or | |||
| optional Modifier TLVs, such as a Retry Delay Modifier TLV. | more optional Modifier TLVs, such as a Retry Delay Modifier TLV. | |||
| The MESSAGE ID field MUST echo the value given in the ID field of the | The MESSAGE ID field MUST echo the value given in the ID field of the | |||
| SUBSCRIBE request. This is how the client knows which request is | SUBSCRIBE request. This is how the client knows which request is | |||
| being responded to. | being responded to. | |||
| A SUBSCRIBE response message MUST NOT contain a Session Signaling | A SUBSCRIBE response message MUST NOT contain a Stateful Operations | |||
| Operation TLV. The Session Signaling Operation TLV is NOT copied | Operation TLV. The Stateful Operations Operation TLV is NOT copied | |||
| from the SUBSCRIBE request. | from the SUBSCRIBE request. | |||
| In the SUBSCRIBE response the RCODE indicates whether or not the | In the SUBSCRIBE response the RCODE indicates whether or not the | |||
| subscription was accepted. Supported RCODEs are as follows: | subscription was accepted. Supported RCODEs are as follows: | |||
| +------------+-------+----------------------------------------------+ | +------------+-------+----------------------------------------------+ | |||
| | Mnemonic | Value | Description | | | Mnemonic | Value | Description | | |||
| +------------+-------+----------------------------------------------+ | +------------+-------+----------------------------------------------+ | |||
| | NOERROR | 0 | SUBSCRIBE successful. | | | NOERROR | 0 | SUBSCRIBE successful. | | |||
| | FORMERR | 1 | Server failed to process request due to a | | | FORMERR | 1 | Server failed to process request due to a | | |||
| | | | malformed request. | | | | | malformed request. | | |||
| | SERVFAIL | 2 | Server failed to process request due to a | | | SERVFAIL | 2 | Server failed to process request due to a | | |||
| | | | problem with the server. | | | | | problem with the server. | | |||
| | NXDOMAIN | 3 | NOT APPLICABLE. DNS Push Notification | | | NXDOMAIN | 3 | NOT APPLICABLE. DNS Push Notification | | |||
| | | | servers MUST NOT return NXDOMAIN errors in | | | | | servers MUST NOT return NXDOMAIN errors in | | |||
| | | | response to SUBSCRIBE requests. | | | | | response to SUBSCRIBE requests. | | |||
| | NOTIMP | 4 | Server does not recognize DNS Session | | | NOTIMP | 4 | Server does not recognize DNS Stateful | | |||
| | | | Signaling Opcode. | | | | | Operations Opcode. | | |||
| | REFUSED | 5 | Server refuses to process request for policy | | | REFUSED | 5 | Server refuses to process request for policy | | |||
| | | | or security reasons. | | | | | or security reasons. | | |||
| | NOTAUTH | 9 | Server is not authoritative for the | | | NOTAUTH | 9 | Server is not authoritative for the | | |||
| | | | requested name. | | | | | requested name. | | |||
| | SSOPNOTIMP | 11 | SUBSCRIBE operation not supported. | | | SSOPNOTIMP | 11 | SUBSCRIBE operation not supported. | | |||
| +------------+-------+----------------------------------------------+ | +------------+-------+----------------------------------------------+ | |||
| SUBSCRIBE Response codes | SUBSCRIBE Response codes | |||
| This document specifies only these RCODE values for SUBSCRIBE | This document specifies only these RCODE values for SUBSCRIBE | |||
| skipping to change at page 17, line 13 ¶ | skipping to change at page 17, line 13 ¶ | |||
| value. | value. | |||
| If the server sends a nonzero RCODE in the SUBSCRIBE response, either | If the server sends a nonzero RCODE in the SUBSCRIBE response, either | |||
| the client is (at least partially) misconfigured, the server | the client is (at least partially) misconfigured, the server | |||
| resources are exhausted, or there is some other unknown failure on | resources are exhausted, or there is some other unknown failure on | |||
| the server. In any case, the client shouldn't retry the subscription | the server. In any case, the client shouldn't retry the subscription | |||
| right away. Either end can terminate the connection, but the client | right away. Either end can terminate the connection, but the client | |||
| may want to try this subscription again, or it may have other | may want to try this subscription again, or it may have other | |||
| successful subscriptions that it doesn't want to abandon. If the | successful subscriptions that it doesn't want to abandon. If the | |||
| server sends a nonzero RCODE then it SHOULD append a Retry Delay | server sends a nonzero RCODE then it SHOULD append a Retry Delay | |||
| Modifier TLV [SessSig] to the response specifying a delay before the | Modifier TLV [StatefulOp] to the response specifying a delay before | |||
| client attempts this operation again. Recommended values for the | the client attempts this operation again. Recommended values for the | |||
| delay for different RCODE values are given below: | delay for different RCODE values are given below: | |||
| For RCODE = 1 (FORMERR) the delay may be any value selected by the | For RCODE = 1 (FORMERR) the delay may be any value selected by the | |||
| implementer. A value of five minutes is RECOMMENDED, to reduce | implementer. A value of five minutes is RECOMMENDED, to reduce | |||
| the risk of high load from defective clients. | the risk of high load from defective clients. | |||
| For RCODE = 2 (SERVFAIL) the delay should be chosen according to | For RCODE = 2 (SERVFAIL) the delay should be chosen according to | |||
| the level of server overload and the anticipated duration of that | the level of server overload and the anticipated duration of that | |||
| overload. By default, a value of one minute is RECOMMENDED. If a | overload. By default, a value of one minute is RECOMMENDED. If a | |||
| more serious server failure occurs, the delay may be longer in | more serious server failure occurs, the delay may be longer in | |||
| accordance with the specific problem encountered. | accordance with the specific problem encountered. | |||
| For RCODE = 4 (NOTIMP), which occurs on a server that doesn't | For RCODE = 4 (NOTIMP), which occurs on a server that doesn't | |||
| implement DNS Session Signaling [SessSig], it is unlikely that the | implement DNS Stateful Operations [StatefulOp], it is unlikely | |||
| server will begin supporting DNS Session Signaling in the next few | that the server will begin supporting DNS Stateful Operations in | |||
| minutes, so the retry delay SHOULD be one hour. | the next few minutes, so the retry delay SHOULD be one hour. | |||
| For RCODE = 5 (REFUSED), which occurs on a server that implements | For RCODE = 5 (REFUSED), which occurs on a server that implements | |||
| DNS Push Notifications, but is currently configured to disallow | DNS Push Notifications, but is currently configured to disallow | |||
| DNS Push Notifications, the retry delay may be any value selected | DNS Push Notifications, the retry delay may be any value selected | |||
| by the implementer and/or configured by the operator. | by the implementer and/or configured by the operator. | |||
| This is a misconfiguration, since this server is listed in a | This is a misconfiguration, since this server is listed in a | |||
| "_dns-push-tls._tcp.<zone>" SRV record, but the server itself is | "_dns-push-tls._tcp.<zone>" SRV record, but the server itself is | |||
| not currently configured to support DNS Push Notifications. Since | not currently configured to support DNS Push Notifications. Since | |||
| it is possible that the misconfiguration may be repaired at any | it is possible that the misconfiguration may be repaired at any | |||
| time, the retry delay should not be set too high. By default, a | time, the retry delay should not be set too high. By default, a | |||
| skipping to change at page 18, line 24 ¶ | skipping to change at page 18, line 24 ¶ | |||
| For RCODE = 9 (NOTAUTH), the time delay applies to requests for other | For RCODE = 9 (NOTAUTH), the time delay applies to requests for other | |||
| names falling within the same zone. Requests for names falling | names falling within the same zone. Requests for names falling | |||
| within other zones are not subject to the delay. For all other | within other zones are not subject to the delay. For all other | |||
| RCODEs the time delay applies to all subsequent requests to this | RCODEs the time delay applies to all subsequent requests to this | |||
| server. | server. | |||
| After sending an error response the server MAY allow the connection | After sending an error response the server MAY allow the connection | |||
| to remain open, or MAY send a DNS Push Notification Retry Delay | to remain open, or MAY send a DNS Push Notification Retry Delay | |||
| Operation TLV instructing the client to close the TCP connection, as | Operation TLV instructing the client to close the TCP connection, as | |||
| described in the DNS Session Signaling specification [SessSig]. | described in the DNS Stateful Operations specification [StatefulOp]. | |||
| Clients MUST correctly handle both cases. | Clients MUST correctly handle both cases. | |||
| 6.3. DNS Push Notification Updates | 6.3. DNS Push Notification Updates | |||
| Once a subscription has been successfully established, the server | Once a subscription has been successfully established, the server | |||
| generates PUSH messages to send to the client as appropriate. In the | generates PUSH messages to send to the client as appropriate. In the | |||
| case that the answer set was non-empty at the moment the subscription | case that the answer set was non-empty at the moment the subscription | |||
| was established, an initial PUSH message will be sent immediately | was established, an initial PUSH message will be sent immediately | |||
| following the SUBSCRIBE Response. Subsequent changes to the answer | following the SUBSCRIBE Response. Subsequent changes to the answer | |||
| set are then communicated to the client in subsequent PUSH messages. | set are then communicated to the client in subsequent PUSH messages. | |||
| 6.3.1. PUSH Message | 6.3.1. PUSH Message | |||
| A PUSH message begins with the standard DNS Session Signaling 12-byte | A PUSH message begins with the standard DNS Stateful Operations | |||
| header [SessSig], followed by the PUSH TLV. A PUSH message is | 12-byte header [StatefulOp], followed by the PUSH TLV. A PUSH | |||
| illustrated below: | message is illustrated below: | |||
| 1 1 1 1 1 1 | 1 1 1 1 1 1 | |||
| 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 | 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 | |||
| +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | |||
| | MESSAGE ID | | | MESSAGE ID | | |||
| +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | |||
| |QR| Opcode | Z | RCODE | | |QR| Opcode | Z | RCODE | | |||
| +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | |||
| | QDCOUNT (MUST BE ZERO) | | | QDCOUNT (MUST BE ZERO) | | |||
| +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | |||
| skipping to change at page 21, line 13 ¶ | skipping to change at page 21, line 13 ¶ | |||
| Figure 2 | Figure 2 | |||
| The MESSAGE ID field MUST be set to a unique value, that the server | The MESSAGE ID field MUST be set to a unique value, that the server | |||
| is not currently using for any other active outgoing request that it | is not currently using for any other active outgoing request that it | |||
| has sent on this connection. The MESSAGE ID in the outgoing PUSH | has sent on this connection. The MESSAGE ID in the outgoing PUSH | |||
| message is selected by the server and has no relationship to the | message is selected by the server and has no relationship to the | |||
| MESSAGE ID in any of the client subscriptions it may relate to. In | MESSAGE ID in any of the client subscriptions it may relate to. In | |||
| the PUSH response the client MUST echo back the MESSAGE ID value | the PUSH response the client MUST echo back the MESSAGE ID value | |||
| unchanged. | unchanged. | |||
| The other header fields MUST be set as described in the DNS Session | The other header fields MUST be set as described in the DNS Stateful | |||
| Signaling specification [SessSig]. The DNS Opcode is the Session | Operations specification [StatefulOp]. The DNS Opcode is the | |||
| Signaling Opcode (tentatively 6). The four count fields MUST be | Stateful Operations Opcode (tentatively 6). The four count fields | |||
| zero, and the corresponding four sections MUST be empty (i.e., | MUST be zero, and the corresponding four sections MUST be empty | |||
| absent). | (i.e., absent). | |||
| The SSOP-TYPE is PUSH (tentatively 0x41). The SSOP-LENGTH is the | The SSOP-TYPE is PUSH (tentatively 0x41). The SSOP-LENGTH is the | |||
| length of the SSOP-DATA that follows, which specifies the changes | length of the SSOP-DATA that follows, which specifies the changes | |||
| being communicated. | being communicated. | |||
| The SSOP-DATA contains one or more Update records. A PUSH Message | The SSOP-DATA contains one or more Update records. A PUSH Message | |||
| MUST contain at least one Update record. If a PUSH Message is | MUST contain at least one Update record. If a PUSH Message is | |||
| received that contains no Update records, this is a fatal error, and | received that contains no Update records, this is a fatal error, and | |||
| the receiver MUST immediately terminate the connection with a TCP RST | the receiver MUST immediately terminate the connection with a TCP RST | |||
| (or equivalent for other protocols). The Update records are | (or equivalent for other protocols). The Update records are | |||
| formatted in the customary way for Resource Records in DNS messages | formatted in the customary way for Resource Records in DNS messages | |||
| with the stipulation that DNS name compression is not permitted in | with the stipulation that DNS name compression is not permitted in | |||
| DNS Session Signaling TLVs. Update records in a PUSH Message are | DNS Stateful Operations TLVs. Update records in a PUSH Message are | |||
| interpreted according to the same rules as for DNS Update [RFC2136] | interpreted according to the same rules as for DNS Update [RFC2136] | |||
| messages, namely: | messages, namely: | |||
| Delete all RRsets from a name: | Delete all RRsets from a name: | |||
| TTL=0, CLASS=ANY, RDLENGTH=0, TYPE=ANY. | TTL=0, CLASS=ANY, RDLENGTH=0, TYPE=ANY. | |||
| Delete an RRset from a name: | Delete an RRset from a name: | |||
| TTL=0, CLASS=ANY, RDLENGTH=0; | TTL=0, CLASS=ANY, RDLENGTH=0; | |||
| TYPE specifies the RRset being deleted. | TYPE specifies the RRset being deleted. | |||
| skipping to change at page 23, line 10 ¶ | skipping to change at page 23, line 10 ¶ | |||
| that the record is still there. Once a subscription is cancelled | that the record is still there. Once a subscription is cancelled | |||
| (individually, or as a result of the TCP connection being closed) | (individually, or as a result of the TCP connection being closed) | |||
| record aging resumes and records are removed from the local cache | record aging resumes and records are removed from the local cache | |||
| when their TTL reaches zero. | when their TTL reaches zero. | |||
| 6.3.2. PUSH Response | 6.3.2. PUSH Response | |||
| Each PUSH message generates exactly one PUSH response from the | Each PUSH message generates exactly one PUSH response from the | |||
| receiver. | receiver. | |||
| A PUSH response message begins with the standard DNS Session | A PUSH response message begins with the standard DNS Stateful | |||
| Signaling 12-byte header [SessSig], possibly followed by one or more | Operations 12-byte header [StatefulOp], possibly followed by one or | |||
| optional Modifier TLVs. | more optional Modifier TLVs. | |||
| The MESSAGE ID field MUST echo the value given in the ID field of the | The MESSAGE ID field MUST echo the value given in the ID field of the | |||
| PUSH message. | PUSH message. | |||
| A PUSH response message MUST NOT contain a Session Signaling | A PUSH response message MUST NOT contain a Stateful Operations | |||
| Operation TLV. The Session Signaling Operation TLV is NOT copied | Operation TLV. The Stateful Operations Operation TLV is NOT copied | |||
| from the PUSH message. | from the PUSH message. | |||
| In a PUSH response the RCODE MUST be zero. Receiving a PUSH response | In a PUSH response the RCODE MUST be zero. Receiving a PUSH response | |||
| with a nonzero RCODE is a fatal error, and the receiver MUST | with a nonzero RCODE is a fatal error, and the receiver MUST | |||
| immediately terminate the connection with a TCP RST (or equivalent | immediately terminate the connection with a TCP RST (or equivalent | |||
| for other protocols). | for other protocols). | |||
| 6.4. DNS Push Notification UNSUBSCRIBE | 6.4. DNS Push Notification UNSUBSCRIBE | |||
| To cancel an individual subscription without closing the entire | To cancel an individual subscription without closing the entire | |||
| connection, the client sends an UNSUBSCRIBE message over the | connection, the client sends an UNSUBSCRIBE message over the | |||
| established TCP connection to the server. The UNSUBSCRIBE message is | established TCP connection to the server. The UNSUBSCRIBE message is | |||
| encoded in a DNS Session Signaling [SessSig] message. This | encoded in a DNS Stateful Operations [StatefulOp] message. This | |||
| specification defines a DNS Session Signaling TLV for DNS Push | specification defines a DNS Stateful Operations TLV for DNS Push | |||
| Notification UNSUBSCRIBE Requests/Responses (tentatively Session | Notification UNSUBSCRIBE Requests/Responses (tentatively Stateful | |||
| Signaling Type Code 0x42). | Operations Type Code 0x42). | |||
| A server MUST NOT initiate an UNSUBSCRIBE request. If a server does | A server MUST NOT initiate an UNSUBSCRIBE request. If a server does | |||
| send a UNSUBSCRIBE request over the connection initiated by a client, | send a UNSUBSCRIBE request over the connection initiated by a client, | |||
| it is an error and the client should acknowledge the request with the | it is an error and the client should acknowledge the request with the | |||
| error response RCODE NOTAUTH (Not Authoritative). | error response RCODE NOTAUTH (Not Authoritative). | |||
| 6.4.1. UNSUBSCRIBE Request | 6.4.1. UNSUBSCRIBE Request | |||
| An UNSUBSCRIBE request message begins with the standard DNS Session | An UNSUBSCRIBE request message begins with the standard DNS Stateful | |||
| Signaling 12-byte header [SessSig], followed by the UNSUBSCRIBE TLV. | Operations 12-byte header [StatefulOp], followed by the UNSUBSCRIBE | |||
| TLV. | ||||
| 1 1 1 1 1 1 | 1 1 1 1 1 1 | |||
| 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 | 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 | |||
| +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | |||
| | MESSAGE ID | | | MESSAGE ID | | |||
| +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | |||
| |QR| Opcode | Z | RCODE | | |QR| Opcode | Z | RCODE | | |||
| +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | |||
| | QDCOUNT (MUST BE ZERO) | | | QDCOUNT (MUST BE ZERO) | | |||
| +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | |||
| skipping to change at page 27, line 10 ¶ | skipping to change at page 27, line 10 ¶ | |||
| yet unacknowledged SUBSCRIBE request, and the SUBSCRIBE request is | yet unacknowledged SUBSCRIBE request, and the SUBSCRIBE request is | |||
| subsequently unsuccessful for some reason, then when the UNSUBSCRIBE | subsequently unsuccessful for some reason, then when the UNSUBSCRIBE | |||
| request is eventually processed it will be an UNSUBSCRIBE request for | request is eventually processed it will be an UNSUBSCRIBE request for | |||
| a nonexistent subscription, which will result NXDOMAIN response. | a nonexistent subscription, which will result NXDOMAIN response. | |||
| 6.4.2. UNSUBSCRIBE Response | 6.4.2. UNSUBSCRIBE Response | |||
| Each UNSUBSCRIBE request generates exactly one UNSUBSCRIBE response | Each UNSUBSCRIBE request generates exactly one UNSUBSCRIBE response | |||
| from the server. | from the server. | |||
| An UNSUBSCRIBE response message begins with the standard DNS Session | An UNSUBSCRIBE response message begins with the standard DNS Stateful | |||
| Signaling 12-byte header [SessSig], possibly followed by one or more | Operations 12-byte header [StatefulOp], possibly followed by one or | |||
| optional Modifier TLVs, such as a Retry Delay Modifier TLV. | more optional Modifier TLVs, such as a Retry Delay Modifier TLV. | |||
| The MESSAGE ID field MUST echo the value given in the ID field of the | The MESSAGE ID field MUST echo the value given in the ID field of the | |||
| UNSUBSCRIBE request. This is how the client knows which request is | UNSUBSCRIBE request. This is how the client knows which request is | |||
| being responded to. | being responded to. | |||
| An UNSUBSCRIBE response message MUST NOT contain a Session Signaling | An UNSUBSCRIBE response message MUST NOT contain a Stateful | |||
| Operation TLV. The Session Signaling Operation TLV is NOT copied | Operations Operation TLV. The Stateful Operations Operation TLV is | |||
| from the UNSUBSCRIBE request. | NOT copied from the UNSUBSCRIBE request. | |||
| In the UNSUBSCRIBE response the RCODE indicates whether or not the | In the UNSUBSCRIBE response the RCODE indicates whether or not the | |||
| unsubscribe request was successful. Supported RCODEs are as follows: | unsubscribe request was successful. Supported RCODEs are as follows: | |||
| +------------+-------+----------------------------------------------+ | +------------+-------+----------------------------------------------+ | |||
| | Mnemonic | Value | Description | | | Mnemonic | Value | Description | | |||
| +------------+-------+----------------------------------------------+ | +------------+-------+----------------------------------------------+ | |||
| | NOERROR | 0 | UNSUBSCRIBE successful. | | | NOERROR | 0 | UNSUBSCRIBE successful. | | |||
| | FORMERR | 1 | Server failed to process request due to a | | | FORMERR | 1 | Server failed to process request due to a | | |||
| | | | malformed request. | | | | | malformed request. | | |||
| | NXDOMAIN | 3 | Specified subscription does not exist. | | | NXDOMAIN | 3 | Specified subscription does not exist. | | |||
| | NOTIMP | 4 | Server does not recognize DNS Session | | | NOTIMP | 4 | Server does not recognize DNS Stateful | | |||
| | | | Signaling Opcode. | | | | | Operations Opcode. | | |||
| | SSOPNOTIMP | 11 | UNSUBSCRIBE operation not supported. | | | SSOPNOTIMP | 11 | UNSUBSCRIBE operation not supported. | | |||
| +------------+-------+----------------------------------------------+ | +------------+-------+----------------------------------------------+ | |||
| UNSUBSCRIBE Response codes | UNSUBSCRIBE Response codes | |||
| This document specifies only these RCODE values for UNSUBSCRIBE | This document specifies only these RCODE values for UNSUBSCRIBE | |||
| Responses. Servers sending UNSUBSCRIBE Responses SHOULD use one of | Responses. Servers sending UNSUBSCRIBE Responses SHOULD use one of | |||
| these values. However, future circumstances may create situations | these values. However, future circumstances may create situations | |||
| where other RCODE values are appropriate in UNSUBSCRIBE Responses, so | where other RCODE values are appropriate in UNSUBSCRIBE Responses, so | |||
| clients MUST be prepared to accept UNSUBSCRIBE Responses with any | clients MUST be prepared to accept UNSUBSCRIBE Responses with any | |||
| skipping to change at page 28, line 14 ¶ | skipping to change at page 28, line 14 ¶ | |||
| Nonzero RCODE values signal some kind of error. | Nonzero RCODE values signal some kind of error. | |||
| RCODE value FORMERR indicates a message format error. | RCODE value FORMERR indicates a message format error. | |||
| RCODE value NXDOMAIN indicates a MESSAGE ID that does not correspond | RCODE value NXDOMAIN indicates a MESSAGE ID that does not correspond | |||
| to any active subscription. | to any active subscription. | |||
| RCODE values NOTIMP and SSOPNOTIMP should not occur in practice. | RCODE values NOTIMP and SSOPNOTIMP should not occur in practice. | |||
| A server would only generate NOTIMP if it did not support Session | A server would only generate NOTIMP if it did not support Stateful | |||
| Signaling, and if the server does not support Session Signaling then | Operations, and if the server does not support Stateful Operations | |||
| it should not be possible for a client to have an active subscription | then it should not be possible for a client to have an active | |||
| to cancel. | subscription to cancel. | |||
| Similarly, a server would only generate SSOPNOTIMP if it did not | Similarly, a server would only generate SSOPNOTIMP if it did not | |||
| support Push Notifications, and if the server does not support Push | support Push Notifications, and if the server does not support Push | |||
| Notifications then it should not be possible for a client to have an | Notifications then it should not be possible for a client to have an | |||
| active subscription to cancel. | active subscription to cancel. | |||
| Nonzero RCODE values other than NXDOMAIN indicate a serious problem | Nonzero RCODE values other than NXDOMAIN indicate a serious problem | |||
| with the client. After sending an error response other than | with the client. After sending an error response other than | |||
| NXDOMAIN, the server SHOULD send a DNS Session Signaling Retry Delay | NXDOMAIN, the server SHOULD send a DNS Stateful Operations Retry | |||
| Operation TLV and then close the TCP connection, as described in the | Delay Operation TLV and then close the TCP connection, as described | |||
| DNS Session Signaling specification [SessSig]. | in the DNS Stateful Operations specification [StatefulOp]. | |||
| 6.5. DNS Push Notification RECONFIRM | 6.5. DNS Push Notification RECONFIRM | |||
| Sometimes, particularly when used with a Discovery Proxy [DisProx], a | Sometimes, particularly when used with a Discovery Proxy [DisProx], a | |||
| DNS Zone may contain stale data. When a client encounters data that | DNS Zone may contain stale data. When a client encounters data that | |||
| it believe may be stale (e.g., an SRV record referencing a target | it believe may be stale (e.g., an SRV record referencing a target | |||
| host+port that is not responding to connection requests) the client | host+port that is not responding to connection requests) the client | |||
| can send a RECONFIRM request to ask the server to re-verify that the | can send a RECONFIRM request to ask the server to re-verify that the | |||
| data is still valid. For a Discovery Proxy, this causes it to issue | data is still valid. For a Discovery Proxy, this causes it to issue | |||
| new Multicast DNS requests to ascertain whether the target device is | new Multicast DNS requests to ascertain whether the target device is | |||
| skipping to change at page 30, line 7 ¶ | skipping to change at page 30, line 7 ¶ | |||
| If, after receiving a valid RECONFIRM request, the server determines | If, after receiving a valid RECONFIRM request, the server determines | |||
| that the disputed records are in fact no longer valid, then | that the disputed records are in fact no longer valid, then | |||
| subsequent DNS PUSH Messages will be generated to inform interested | subsequent DNS PUSH Messages will be generated to inform interested | |||
| clients. Thus, one client discovering that a previously-advertised | clients. Thus, one client discovering that a previously-advertised | |||
| device (like a network printer) is no longer present has the side | device (like a network printer) is no longer present has the side | |||
| effect of informing all other interested clients that the device in | effect of informing all other interested clients that the device in | |||
| question is now gone. | question is now gone. | |||
| 6.5.1. RECONFIRM Request | 6.5.1. RECONFIRM Request | |||
| A RECONFIRM request message begins with the standard DNS Session | A RECONFIRM request message begins with the standard DNS Stateful | |||
| Signaling 12-byte header [SessSig], followed by the RECONFIRM TLV. A | Operations 12-byte header [StatefulOp], followed by the RECONFIRM | |||
| RECONFIRM request message is illustrated below: | TLV. A RECONFIRM request message is illustrated below: | |||
| 1 1 1 1 1 1 | 1 1 1 1 1 1 | |||
| 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 | 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 | |||
| +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | |||
| | MESSAGE ID | | | MESSAGE ID | | |||
| +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | |||
| |QR| Opcode | Z | RCODE | | |QR| Opcode | Z | RCODE | | |||
| +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | |||
| | QDCOUNT (MUST BE ZERO) | | | QDCOUNT (MUST BE ZERO) | | |||
| +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | |||
| skipping to change at page 30, line 51 ¶ | skipping to change at page 30, line 51 ¶ | |||
| Figure 4 | Figure 4 | |||
| The MESSAGE ID field MUST be set to a unique value, that the client | The MESSAGE ID field MUST be set to a unique value, that the client | |||
| is not using for any other active operation on this connection. For | is not using for any other active operation on this connection. For | |||
| the purposes here, a MESSAGE ID is in use on this connection if the | the purposes here, a MESSAGE ID is in use on this connection if the | |||
| client has used it in a request for which it has not yet received a | client has used it in a request for which it has not yet received a | |||
| response, or if the client has used it for a subscription which it | response, or if the client has used it for a subscription which it | |||
| has not yet cancelled using UNSUBSCRIBE. In the RECONFIRM response | has not yet cancelled using UNSUBSCRIBE. In the RECONFIRM response | |||
| the server MUST echo back the MESSAGE ID value unchanged. | the server MUST echo back the MESSAGE ID value unchanged. | |||
| The other header fields MUST be set as described in the DNS Session | The other header fields MUST be set as described in the DNS Stateful | |||
| Signaling specification [SessSig]. The DNS Opcode is the Session | Operations specification [StatefulOp]. The DNS Opcode is the | |||
| Signaling Opcode (tentatively 6). The four count fields MUST be | Stateful Operations Opcode (tentatively 6). The four count fields | |||
| zero, and the corresponding four sections MUST be empty (i.e., | MUST be zero, and the corresponding four sections MUST be empty | |||
| absent). | (i.e., absent). | |||
| The SSOP-TYPE is RECONFIRM (tentatively 0x43). The SSOP-LENGTH is | The SSOP-TYPE is RECONFIRM (tentatively 0x43). The SSOP-LENGTH is | |||
| the length of the data that follows, which specifies the name, type, | the length of the data that follows, which specifies the name, type, | |||
| class, and content of the record being disputed. | class, and content of the record being disputed. | |||
| The SSOP-DATA for a RECONFIRM request MUST contain exactly one | The SSOP-DATA for a RECONFIRM request MUST contain exactly one | |||
| record. The SSOP-DATA for a RECONFIRM request has no count field to | record. The SSOP-DATA for a RECONFIRM request has no count field to | |||
| specify more than one record. Since RECONFIRM requests are sent over | specify more than one record. Since RECONFIRM requests are sent over | |||
| TCP, multiple RECONFIRM request messages can be concatenated in a | TCP, multiple RECONFIRM request messages can be concatenated in a | |||
| single TCP stream and packed efficiently into TCP segments. | single TCP stream and packed efficiently into TCP segments. | |||
| skipping to change at page 32, line 10 ¶ | skipping to change at page 32, line 10 ¶ | |||
| the zone, and nothing else. | the zone, and nothing else. | |||
| Aliasing is not supported. That is, a CNAME in a RECONFIRM message | Aliasing is not supported. That is, a CNAME in a RECONFIRM message | |||
| matches only a literal CNAME record in the zone, and nothing else. | matches only a literal CNAME record in the zone, and nothing else. | |||
| 6.5.2. RECONFIRM Response | 6.5.2. RECONFIRM Response | |||
| Each RECONFIRM request generates exactly one RECONFIRM response from | Each RECONFIRM request generates exactly one RECONFIRM response from | |||
| the server. | the server. | |||
| A RECONFIRM response message begins with the standard DNS Session | A RECONFIRM response message begins with the standard DNS Stateful | |||
| Signaling 12-byte header [SessSig], possibly followed by one or more | Operations 12-byte header [StatefulOp], possibly followed by one or | |||
| optional Modifier TLVs, such as a Retry Delay Modifier TLV. | more optional Modifier TLVs, such as a Retry Delay Modifier TLV. | |||
| The MESSAGE ID field MUST echo the value given in the ID field of the | The MESSAGE ID field MUST echo the value given in the ID field of the | |||
| RECONFIRM request. This is how the client knows which request is | RECONFIRM request. This is how the client knows which request is | |||
| being responded to. | being responded to. | |||
| A RECONFIRM response message MUST NOT contain a Session Signaling | A RECONFIRM response message MUST NOT contain a Stateful Operations | |||
| Operation TLV. The Session Signaling Operation TLV is NOT copied | Operation TLV. The Stateful Operations Operation TLV is NOT copied | |||
| from the RECONFIRM request. | from the RECONFIRM request. | |||
| In the RECONFIRM response the RCODE confirms receipt of the | In the RECONFIRM response the RCODE confirms receipt of the | |||
| reconfirmation request. Supported RCODEs are as follows: | reconfirmation request. Supported RCODEs are as follows: | |||
| +------------+-------+----------------------------------------------+ | +------------+-------+----------------------------------------------+ | |||
| | Mnemonic | Value | Description | | | Mnemonic | Value | Description | | |||
| +------------+-------+----------------------------------------------+ | +------------+-------+----------------------------------------------+ | |||
| | NOERROR | 0 | RECONFIRM accepted. | | | NOERROR | 0 | RECONFIRM accepted. | | |||
| | FORMERR | 1 | Server failed to process request due to a | | | FORMERR | 1 | Server failed to process request due to a | | |||
| | | | malformed request. | | | | | malformed request. | | |||
| | SERVFAIL | 2 | Server failed to process request due to a | | | SERVFAIL | 2 | Server failed to process request due to a | | |||
| | | | problem with the server. | | | | | problem with the server. | | |||
| | NXDOMAIN | 3 | NOT APPLICABLE. DNS Push Notification | | | NXDOMAIN | 3 | NOT APPLICABLE. DNS Push Notification | | |||
| | | | servers MUST NOT return NXDOMAIN errors in | | | | | servers MUST NOT return NXDOMAIN errors in | | |||
| | | | response to RECONFIRM requests. | | | | | response to RECONFIRM requests. | | |||
| | NOTIMP | 4 | Server does not recognize DNS Session | | | NOTIMP | 4 | Server does not recognize DNS Stateful | | |||
| | | | Signaling Opcode. | | | | | Operations Opcode. | | |||
| | REFUSED | 5 | Server refuses to process request for policy | | | REFUSED | 5 | Server refuses to process request for policy | | |||
| | | | or security reasons. | | | | | or security reasons. | | |||
| | NOTAUTH | 9 | Server is not authoritative for the | | | NOTAUTH | 9 | Server is not authoritative for the | | |||
| | | | requested name. | | | | | requested name. | | |||
| | SSOPNOTIMP | 11 | RECONFIRM operation not supported. | | | SSOPNOTIMP | 11 | RECONFIRM operation not supported. | | |||
| +------------+-------+----------------------------------------------+ | +------------+-------+----------------------------------------------+ | |||
| RECONFIRM Response codes | RECONFIRM Response codes | |||
| This document specifies only these RCODE values for RECONFIRM | This document specifies only these RCODE values for RECONFIRM | |||
| skipping to change at page 33, line 14 ¶ | skipping to change at page 33, line 14 ¶ | |||
| Nonzero RCODE values signal some kind of error. | Nonzero RCODE values signal some kind of error. | |||
| RCODE value FORMERR indicates a message format error, for example | RCODE value FORMERR indicates a message format error, for example | |||
| TYPE or CLASS being ANY (255). | TYPE or CLASS being ANY (255). | |||
| RCODE value SERVFAIL indicates that the server has exhausted its | RCODE value SERVFAIL indicates that the server has exhausted its | |||
| resources or other serious problem occurred. | resources or other serious problem occurred. | |||
| RCODE values NOTIMP indicates that the server does not support | RCODE values NOTIMP indicates that the server does not support | |||
| Session Signaling, and Session Signaling is required for RECONFIRM | Stateful Operations, and Stateful Operations is required for | |||
| requests. | RECONFIRM requests. | |||
| RCODE value REFUSED indicates that the server supports RECONFIRM | RCODE value REFUSED indicates that the server supports RECONFIRM | |||
| requests but is currently not configured to accept them from this | requests but is currently not configured to accept them from this | |||
| client. | client. | |||
| RCODE value NOTAUTH indicates that the server is not authoritative | RCODE value NOTAUTH indicates that the server is not authoritative | |||
| for the requested name, and can do nothing to remedy the apparent | for the requested name, and can do nothing to remedy the apparent | |||
| error. Note that there may be future cases in which a server is able | error. Note that there may be future cases in which a server is able | |||
| to pass on the RECONFIRM request to the ultimate source of the | to pass on the RECONFIRM request to the ultimate source of the | |||
| information, and in these cases the server should return NOERROR. | information, and in these cases the server should return NOERROR. | |||
| RCODE value SSOPNOTIMP indicates that the server does not support | RCODE value SSOPNOTIMP indicates that the server does not support | |||
| RECONFIRM requests. | RECONFIRM requests. | |||
| Nonzero RCODE values SERVFAIL, REFUSED and SSOPNOTIMP are benign from | Nonzero RCODE values SERVFAIL, REFUSED and SSOPNOTIMP are benign from | |||
| the client's point of view. The client may log them to aid in | the client's point of view. The client may log them to aid in | |||
| debugging, but otherwise they require no special action. | debugging, but otherwise they require no special action. | |||
| Nonzero RCODE values other than these three indicate a serious | Nonzero RCODE values other than these three indicate a serious | |||
| problem with the client. After sending an error response other than | problem with the client. After sending an error response other than | |||
| one of these three, the server SHOULD send a DNS Session Signaling | one of these three, the server SHOULD send a DNS Stateful Operations | |||
| Retry Delay Operation TLV and then close the TCP connection, as | Retry Delay Operation TLV and then close the TCP connection, as | |||
| described in the DNS Session Signaling specification [SessSig]. | described in the DNS Stateful Operations specification [StatefulOp]. | |||
| 6.6. Client-Initiated Termination | 6.6. Client-Initiated Termination | |||
| An individual subscription is terminated by sending an UNSUBSCRIBE | An individual subscription is terminated by sending an UNSUBSCRIBE | |||
| TLV for that specific subscription, or all subscriptions can be | TLV for that specific subscription, or all subscriptions can be | |||
| cancelled at once by the client closing the connection. When a | cancelled at once by the client closing the connection. When a | |||
| client terminates an individual subscription (via UNSUBSCRIBE) or all | client terminates an individual subscription (via UNSUBSCRIBE) or all | |||
| subscriptions on that connection (by closing the connection) it is | subscriptions on that connection (by closing the connection) it is | |||
| signaling to the server that it is longer interested in receiving | signaling to the server that it is longer interested in receiving | |||
| those particular updates. It is informing the server that the server | those particular updates. It is informing the server that the server | |||
| may release any state information it has been keeping with regards to | may release any state information it has been keeping with regards to | |||
| these particular subscriptions. | these particular subscriptions. | |||
| After terminating its last subscription on a connection via | After terminating its last subscription on a connection via | |||
| UNSUBSCRIBE, a client MAY close the connection immediately, or it may | UNSUBSCRIBE, a client MAY close the connection immediately, or it may | |||
| keep it open if it anticipates performing further operations on that | keep it open if it anticipates performing further operations on that | |||
| connection in the future. If a client wishes to keep an idle | connection in the future. If a client wishes to keep an idle | |||
| connection open, it MUST respect the maximum idle time required by | connection open, it MUST respect the maximum idle time required by | |||
| the server [SessSig]. | the server [StatefulOp]. | |||
| If a client plans to terminate one or more subscriptions on a | If a client plans to terminate one or more subscriptions on a | |||
| connection and doesn't intend to keep that connection open, then as | connection and doesn't intend to keep that connection open, then as | |||
| an efficiency optimization it MAY instead choose to simply close the | an efficiency optimization it MAY instead choose to simply close the | |||
| connection, which implicitly terminates all subscriptions on that | connection, which implicitly terminates all subscriptions on that | |||
| connection. This may occur because the client computer is being shut | connection. This may occur because the client computer is being shut | |||
| down, is going to sleep, the application requiring the subscriptions | down, is going to sleep, the application requiring the subscriptions | |||
| has terminated, or simply because the last active subscription on | has terminated, or simply because the last active subscription on | |||
| that connection has been cancelled. | that connection has been cancelled. | |||
| skipping to change at page 36, line 49 ¶ | skipping to change at page 36, line 49 ¶ | |||
| up more quickly, but the client will still have to recreate any | up more quickly, but the client will still have to recreate any | |||
| desired subscriptions. | desired subscriptions. | |||
| 8. IANA Considerations | 8. IANA Considerations | |||
| This document defines the service name: "_dns-push-tls._tcp". | This document defines the service name: "_dns-push-tls._tcp". | |||
| It is only applicable for the TCP protocol. | It is only applicable for the TCP protocol. | |||
| This name is to be published in the IANA Service Name Registry | This name is to be published in the IANA Service Name Registry | |||
| [RFC6335][SN]. | [RFC6335][SN]. | |||
| This document defines four DNS Session Signaling TLV types: SUBSCRIBE | This document defines four DNS Stateful Operations TLV types: | |||
| with (tentative) value 0x40 (64), PUSH with (tentative) value 0x41 | SUBSCRIBE with (tentative) value 0x40 (64), PUSH with (tentative) | |||
| (65), UNSUBSCRIBE with (tentative) value 0x42 (66), and RECONFIRM | value 0x41 (65), UNSUBSCRIBE with (tentative) value 0x42 (66), and | |||
| with (tentative) value 0x43 (67). | RECONFIRM with (tentative) value 0x43 (67). | |||
| 9. Acknowledgements | 9. Acknowledgements | |||
| The authors would like to thank Kiren Sekar and Marc Krochmal for | The authors would like to thank Kiren Sekar and Marc Krochmal for | |||
| previous work completed in this field. | previous work completed in this field. | |||
| This draft has been improved due to comments from Ran Atkinson, Tim | This draft has been improved due to comments from Ran Atkinson, Tim | |||
| Chown, Mark Delany, Ralph Droms, Bernie Volz, Jan Komissar, Manju | Chown, Mark Delany, Ralph Droms, Bernie Volz, Jan Komissar, Manju | |||
| Shankar Rao, Markus Stenberg, Dave Thaler, Soraia Zlatkovic, Sara | Shankar Rao, Markus Stenberg, Dave Thaler, Soraia Zlatkovic, Sara | |||
| Dickinson, and Andrew Sullivan. | Dickinson, and Andrew Sullivan. | |||
| 10. References | 10. References | |||
| 10.1. Normative References | 10.1. Normative References | |||
| [I-D.ietf-tls-tls13] | [I-D.ietf-tls-tls13] | |||
| Rescorla, E., "The Transport Layer Security (TLS) Protocol | Rescorla, E., "The Transport Layer Security (TLS) Protocol | |||
| Version 1.3", draft-ietf-tls-tls13-20 (work in progress), | Version 1.3", draft-ietf-tls-tls13-21 (work in progress), | |||
| April 2017. | July 2017. | |||
| [RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, | [RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, | |||
| DOI 10.17487/RFC0768, August 1980, | DOI 10.17487/RFC0768, August 1980, <https://www.rfc- | |||
| <http://www.rfc-editor.org/info/rfc768>. | editor.org/info/rfc768>. | |||
| [RFC0793] Postel, J., "Transmission Control Protocol", STD 7, | [RFC0793] Postel, J., "Transmission Control Protocol", STD 7, | |||
| RFC 793, DOI 10.17487/RFC0793, September 1981, | RFC 793, DOI 10.17487/RFC0793, September 1981, | |||
| <http://www.rfc-editor.org/info/rfc793>. | <https://www.rfc-editor.org/info/rfc793>. | |||
| [RFC1034] Mockapetris, P., "Domain names - concepts and facilities", | [RFC1034] Mockapetris, P., "Domain names - concepts and facilities", | |||
| STD 13, RFC 1034, DOI 10.17487/RFC1034, November 1987, | STD 13, RFC 1034, DOI 10.17487/RFC1034, November 1987, | |||
| <http://www.rfc-editor.org/info/rfc1034>. | <https://www.rfc-editor.org/info/rfc1034>. | |||
| [RFC1035] Mockapetris, P., "Domain names - implementation and | [RFC1035] Mockapetris, P., "Domain names - implementation and | |||
| specification", STD 13, RFC 1035, DOI 10.17487/RFC1035, | specification", STD 13, RFC 1035, DOI 10.17487/RFC1035, | |||
| November 1987, <http://www.rfc-editor.org/info/rfc1035>. | November 1987, <https://www.rfc-editor.org/info/rfc1035>. | |||
| [RFC1123] Braden, R., Ed., "Requirements for Internet Hosts - | [RFC1123] Braden, R., Ed., "Requirements for Internet Hosts - | |||
| Application and Support", STD 3, RFC 1123, | Application and Support", STD 3, RFC 1123, | |||
| DOI 10.17487/RFC1123, October 1989, | DOI 10.17487/RFC1123, October 1989, <https://www.rfc- | |||
| <http://www.rfc-editor.org/info/rfc1123>. | editor.org/info/rfc1123>. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, <https://www.rfc- | |||
| <http://www.rfc-editor.org/info/rfc2119>. | editor.org/info/rfc2119>. | |||
| [RFC2136] Vixie, P., Ed., Thomson, S., Rekhter, Y., and J. Bound, | [RFC2136] Vixie, P., Ed., Thomson, S., Rekhter, Y., and J. Bound, | |||
| "Dynamic Updates in the Domain Name System (DNS UPDATE)", | "Dynamic Updates in the Domain Name System (DNS UPDATE)", | |||
| RFC 2136, DOI 10.17487/RFC2136, April 1997, | RFC 2136, DOI 10.17487/RFC2136, April 1997, | |||
| <http://www.rfc-editor.org/info/rfc2136>. | <https://www.rfc-editor.org/info/rfc2136>. | |||
| [RFC2782] Gulbrandsen, A., Vixie, P., and L. Esibov, "A DNS RR for | [RFC2782] Gulbrandsen, A., Vixie, P., and L. Esibov, "A DNS RR for | |||
| specifying the location of services (DNS SRV)", RFC 2782, | specifying the location of services (DNS SRV)", RFC 2782, | |||
| DOI 10.17487/RFC2782, February 2000, | DOI 10.17487/RFC2782, February 2000, <https://www.rfc- | |||
| <http://www.rfc-editor.org/info/rfc2782>. | editor.org/info/rfc2782>. | |||
| [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security | [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security | |||
| (TLS) Protocol Version 1.2", RFC 5246, | (TLS) Protocol Version 1.2", RFC 5246, | |||
| DOI 10.17487/RFC5246, August 2008, | DOI 10.17487/RFC5246, August 2008, <https://www.rfc- | |||
| <http://www.rfc-editor.org/info/rfc5246>. | editor.org/info/rfc5246>. | |||
| [RFC6066] Eastlake 3rd, D., "Transport Layer Security (TLS) | [RFC6066] Eastlake 3rd, D., "Transport Layer Security (TLS) | |||
| Extensions: Extension Definitions", RFC 6066, | Extensions: Extension Definitions", RFC 6066, | |||
| DOI 10.17487/RFC6066, January 2011, | DOI 10.17487/RFC6066, January 2011, <https://www.rfc- | |||
| <http://www.rfc-editor.org/info/rfc6066>. | editor.org/info/rfc6066>. | |||
| [RFC6335] Cotton, M., Eggert, L., Touch, J., Westerlund, M., and S. | [RFC6335] Cotton, M., Eggert, L., Touch, J., Westerlund, M., and S. | |||
| Cheshire, "Internet Assigned Numbers Authority (IANA) | Cheshire, "Internet Assigned Numbers Authority (IANA) | |||
| Procedures for the Management of the Service Name and | Procedures for the Management of the Service Name and | |||
| Transport Protocol Port Number Registry", BCP 165, | Transport Protocol Port Number Registry", BCP 165, | |||
| RFC 6335, DOI 10.17487/RFC6335, August 2011, | RFC 6335, DOI 10.17487/RFC6335, August 2011, | |||
| <http://www.rfc-editor.org/info/rfc6335>. | <https://www.rfc-editor.org/info/rfc6335>. | |||
| [RFC6895] Eastlake 3rd, D., "Domain Name System (DNS) IANA | [RFC6895] Eastlake 3rd, D., "Domain Name System (DNS) IANA | |||
| Considerations", BCP 42, RFC 6895, DOI 10.17487/RFC6895, | Considerations", BCP 42, RFC 6895, DOI 10.17487/RFC6895, | |||
| April 2013, <http://www.rfc-editor.org/info/rfc6895>. | April 2013, <https://www.rfc-editor.org/info/rfc6895>. | |||
| [RFC7673] Finch, T., Miller, M., and P. Saint-Andre, "Using DNS- | [RFC7673] Finch, T., Miller, M., and P. Saint-Andre, "Using DNS- | |||
| Based Authentication of Named Entities (DANE) TLSA Records | Based Authentication of Named Entities (DANE) TLSA Records | |||
| with SRV Records", RFC 7673, DOI 10.17487/RFC7673, October | with SRV Records", RFC 7673, DOI 10.17487/RFC7673, October | |||
| 2015, <http://www.rfc-editor.org/info/rfc7673>. | 2015, <https://www.rfc-editor.org/info/rfc7673>. | |||
| [RFC7766] Dickinson, J., Dickinson, S., Bellis, R., Mankin, A., and | [RFC7766] Dickinson, J., Dickinson, S., Bellis, R., Mankin, A., and | |||
| D. Wessels, "DNS Transport over TCP - Implementation | D. Wessels, "DNS Transport over TCP - Implementation | |||
| Requirements", RFC 7766, DOI 10.17487/RFC7766, March 2016, | Requirements", RFC 7766, DOI 10.17487/RFC7766, March 2016, | |||
| <http://www.rfc-editor.org/info/rfc7766>. | <https://www.rfc-editor.org/info/rfc7766>. | |||
| [SessSig] Bellis, R., Cheshire, S., Dickinson, J., Dickinson, S., | ||||
| Mankin, A., and T. Pusateri, "DNS Session Signaling", | ||||
| draft-ietf-dnsop-session-signal-02 (work in progress), | ||||
| March 2017. | ||||
| [SN] "Service Name and Transport Protocol Port Number | [SN] "Service Name and Transport Protocol Port Number | |||
| Registry", <http://www.iana.org/assignments/ | Registry", <http://www.iana.org/assignments/ | |||
| service-names-port-numbers/>. | service-names-port-numbers/>. | |||
| [StatefulOp] | ||||
| Bellis, R., Cheshire, S., Dickinson, J., Dickinson, S., | ||||
| Mankin, A., and T. Pusateri, "DNS Stateful Operations", | ||||
| draft-ietf-dnsop-session-signal-04 (work in progress), | ||||
| September 2017. | ||||
| 10.2. Informative References | 10.2. Informative References | |||
| [DisProx] Cheshire, S., "Hybrid Unicast/Multicast DNS-Based Service | [DisProx] Cheshire, S., "Hybrid Unicast/Multicast DNS-Based Service | |||
| Discovery", draft-ietf-dnssd-hybrid-06 (work in progress), | Discovery", draft-ietf-dnssd-hybrid-07 (work in progress), | |||
| March 2017. | September 2017. | |||
| [I-D.dukkipati-tcpm-tcp-loss-probe] | [I-D.dukkipati-tcpm-tcp-loss-probe] | |||
| Dukkipati, N., Cardwell, N., Cheng, Y., and M. Mathis, | Dukkipati, N., Cardwell, N., Cheng, Y., and M. Mathis, | |||
| "Tail Loss Probe (TLP): An Algorithm for Fast Recovery of | "Tail Loss Probe (TLP): An Algorithm for Fast Recovery of | |||
| Tail Losses", draft-dukkipati-tcpm-tcp-loss-probe-01 (work | Tail Losses", draft-dukkipati-tcpm-tcp-loss-probe-01 (work | |||
| in progress), February 2013. | in progress), February 2013. | |||
| [I-D.ietf-dprive-dtls-and-tls-profiles] | [I-D.ietf-dprive-dtls-and-tls-profiles] | |||
| Dickinson, S., Gillmor, D., and T. Reddy, "Usage and | Dickinson, S., Gillmor, D., and T. Reddy, "Usage and | |||
| (D)TLS Profiles for DNS-over-(D)TLS", draft-ietf-dprive- | (D)TLS Profiles for DNS-over-(D)TLS", draft-ietf-dprive- | |||
| dtls-and-tls-profiles-10 (work in progress), June 2017. | dtls-and-tls-profiles-11 (work in progress), September | |||
| 2017. | ||||
| [I-D.sekar-dns-llq] | [I-D.sekar-dns-llq] | |||
| Sekar, K., "DNS Long-Lived Queries", draft-sekar-dns- | Sekar, K., "DNS Long-Lived Queries", draft-sekar-dns- | |||
| llq-01 (work in progress), August 2006. | llq-01 (work in progress), August 2006. | |||
| [IPJ.9-4-TCPSYN] | [IPJ.9-4-TCPSYN] | |||
| Eddy, W., "Defenses Against TCP SYN Flooding Attacks", The | Eddy, W., "Defenses Against TCP SYN Flooding Attacks", The | |||
| Internet Protocol Journal, Cisco Systems, Volume 9, | Internet Protocol Journal, Cisco Systems, Volume 9, | |||
| Number 4, December 2006. | Number 4, December 2006. | |||
| [obs] "Observer Pattern", <https://en.wikipedia.org/wiki/ | [obs] "Observer Pattern", <https://en.wikipedia.org/wiki/ | |||
| Observer_pattern>. | Observer_pattern>. | |||
| [RFC2308] Andrews, M., "Negative Caching of DNS Queries (DNS | [RFC2308] Andrews, M., "Negative Caching of DNS Queries (DNS | |||
| NCACHE)", RFC 2308, DOI 10.17487/RFC2308, March 1998, | NCACHE)", RFC 2308, DOI 10.17487/RFC2308, March 1998, | |||
| <http://www.rfc-editor.org/info/rfc2308>. | <https://www.rfc-editor.org/info/rfc2308>. | |||
| [RFC4287] Nottingham, M., Ed. and R. Sayre, Ed., "The Atom | [RFC4287] Nottingham, M., Ed. and R. Sayre, Ed., "The Atom | |||
| Syndication Format", RFC 4287, DOI 10.17487/RFC4287, | Syndication Format", RFC 4287, DOI 10.17487/RFC4287, | |||
| December 2005, <http://www.rfc-editor.org/info/rfc4287>. | December 2005, <https://www.rfc-editor.org/info/rfc4287>. | |||
| [RFC4953] Touch, J., "Defending TCP Against Spoofing Attacks", | [RFC4953] Touch, J., "Defending TCP Against Spoofing Attacks", | |||
| RFC 4953, DOI 10.17487/RFC4953, July 2007, | RFC 4953, DOI 10.17487/RFC4953, July 2007, | |||
| <http://www.rfc-editor.org/info/rfc4953>. | <https://www.rfc-editor.org/info/rfc4953>. | |||
| [RFC5077] Salowey, J., Zhou, H., Eronen, P., and H. Tschofenig, | [RFC5077] Salowey, J., Zhou, H., Eronen, P., and H. Tschofenig, | |||
| "Transport Layer Security (TLS) Session Resumption without | "Transport Layer Security (TLS) Session Resumption without | |||
| Server-Side State", RFC 5077, DOI 10.17487/RFC5077, | Server-Side State", RFC 5077, DOI 10.17487/RFC5077, | |||
| January 2008, <http://www.rfc-editor.org/info/rfc5077>. | January 2008, <https://www.rfc-editor.org/info/rfc5077>. | |||
| [RFC6281] Cheshire, S., Zhu, Z., Wakikawa, R., and L. Zhang, | [RFC6281] Cheshire, S., Zhu, Z., Wakikawa, R., and L. Zhang, | |||
| "Understanding Apple's Back to My Mac (BTMM) Service", | "Understanding Apple's Back to My Mac (BTMM) Service", | |||
| RFC 6281, DOI 10.17487/RFC6281, June 2011, | RFC 6281, DOI 10.17487/RFC6281, June 2011, | |||
| <http://www.rfc-editor.org/info/rfc6281>. | <https://www.rfc-editor.org/info/rfc6281>. | |||
| [RFC6762] Cheshire, S. and M. Krochmal, "Multicast DNS", RFC 6762, | [RFC6762] Cheshire, S. and M. Krochmal, "Multicast DNS", RFC 6762, | |||
| DOI 10.17487/RFC6762, February 2013, | DOI 10.17487/RFC6762, February 2013, <https://www.rfc- | |||
| <http://www.rfc-editor.org/info/rfc6762>. | editor.org/info/rfc6762>. | |||
| [RFC6763] Cheshire, S. and M. Krochmal, "DNS-Based Service | [RFC6763] Cheshire, S. and M. Krochmal, "DNS-Based Service | |||
| Discovery", RFC 6763, DOI 10.17487/RFC6763, February 2013, | Discovery", RFC 6763, DOI 10.17487/RFC6763, February 2013, | |||
| <http://www.rfc-editor.org/info/rfc6763>. | <https://www.rfc-editor.org/info/rfc6763>. | |||
| [RFC6824] Ford, A., Raiciu, C., Handley, M., and O. Bonaventure, | [RFC6824] Ford, A., Raiciu, C., Handley, M., and O. Bonaventure, | |||
| "TCP Extensions for Multipath Operation with Multiple | "TCP Extensions for Multipath Operation with Multiple | |||
| Addresses", RFC 6824, DOI 10.17487/RFC6824, January 2013, | Addresses", RFC 6824, DOI 10.17487/RFC6824, January 2013, | |||
| <http://www.rfc-editor.org/info/rfc6824>. | <https://www.rfc-editor.org/info/rfc6824>. | |||
| [RFC7413] Cheng, Y., Chu, J., Radhakrishnan, S., and A. Jain, "TCP | [RFC7413] Cheng, Y., Chu, J., Radhakrishnan, S., and A. Jain, "TCP | |||
| Fast Open", RFC 7413, DOI 10.17487/RFC7413, December 2014, | Fast Open", RFC 7413, DOI 10.17487/RFC7413, December 2014, | |||
| <http://www.rfc-editor.org/info/rfc7413>. | <https://www.rfc-editor.org/info/rfc7413>. | |||
| [RFC7525] Sheffer, Y., Holz, R., and P. Saint-Andre, | [RFC7525] Sheffer, Y., Holz, R., and P. Saint-Andre, | |||
| "Recommendations for Secure Use of Transport Layer | "Recommendations for Secure Use of Transport Layer | |||
| Security (TLS) and Datagram Transport Layer Security | Security (TLS) and Datagram Transport Layer Security | |||
| (DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525, May | (DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525, May | |||
| 2015, <http://www.rfc-editor.org/info/rfc7525>. | 2015, <https://www.rfc-editor.org/info/rfc7525>. | |||
| [RFC7719] Hoffman, P., Sullivan, A., and K. Fujiwara, "DNS | [RFC7719] Hoffman, P., Sullivan, A., and K. Fujiwara, "DNS | |||
| Terminology", RFC 7719, DOI 10.17487/RFC7719, December | Terminology", RFC 7719, DOI 10.17487/RFC7719, December | |||
| 2015, <http://www.rfc-editor.org/info/rfc7719>. | 2015, <https://www.rfc-editor.org/info/rfc7719>. | |||
| [RFC7858] Hu, Z., Zhu, L., Heidemann, J., Mankin, A., Wessels, D., | [RFC7858] Hu, Z., Zhu, L., Heidemann, J., Mankin, A., Wessels, D., | |||
| and P. Hoffman, "Specification for DNS over Transport | and P. Hoffman, "Specification for DNS over Transport | |||
| Layer Security (TLS)", RFC 7858, DOI 10.17487/RFC7858, May | Layer Security (TLS)", RFC 7858, DOI 10.17487/RFC7858, May | |||
| 2016, <http://www.rfc-editor.org/info/rfc7858>. | 2016, <https://www.rfc-editor.org/info/rfc7858>. | |||
| [XEP0060] Millard, P., Saint-Andre, P., and R. Meijer, "Publish- | [XEP0060] Millard, P., Saint-Andre, P., and R. Meijer, "Publish- | |||
| Subscribe", XSF XEP 0060, July 2010. | Subscribe", XSF XEP 0060, July 2010. | |||
| Authors' Addresses | Authors' Addresses | |||
| Tom Pusateri | Tom Pusateri | |||
| Seeking affiliation | Unaffiliated | |||
| Hilton Head Island, SC | Raleigh, NC 27608 | |||
| USA | USA | |||
| Phone: +1 843 473 7394 | Phone: +1 919 867 1330 | |||
| Email: pusateri@bangj.com | Email: pusateri@bangj.com | |||
| Stuart Cheshire | Stuart Cheshire | |||
| Apple Inc. | Apple Inc. | |||
| 1 Infinite Loop | 1 Infinite Loop | |||
| Cupertino, CA 95014 | Cupertino, CA 95014 | |||
| USA | USA | |||
| Phone: +1 408 974 3207 | Phone: +1 408 974 3207 | |||
| Email: cheshire@apple.com | Email: cheshire@apple.com | |||
| End of changes. 73 change blocks. | ||||
| 155 lines changed or deleted | 158 lines changed or added | |||
This html diff was produced by rfcdiff 1.46. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||