Network Working Group J. Abley
Internet-Draft ICANN
Updates: 3172 (if approved) O. Gudmundsson
Intended status: BCP OGUD Consulting LLC
Expires: November 12, 2009 May 11, 2009
The Eternal Non-Existence of SINK.ARPA (and other stories)
draft-jabley-sink-arpa-00
Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on November 12, 2009.
Copyright Notice
Copyright (c) 2009 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents in effect on the date of
publication of this document (http://trustee.ietf.org/license-info).
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document.
Abley & Gudmundsson Expires November 12, 2009 [Page 1]
Internet-Draft The Eternal Non-Existence of SINK.ARPA May 2009
Abstract
This document specifies a fully-qualified domain name in the Domain
Name System (DNS) that can be relied upon never to exist. The
availability of a name in the DNS which is guaranteed not to exist
has useful operational applications.
This document also provides a procedural framework for other names
that have special characteristics to be reserved, and for those
special characteristics to codified as modifications to the normal
ARPA administration process.
Abley & Gudmundsson Expires November 12, 2009 [Page 2]
Internet-Draft The Eternal Non-Existence of SINK.ARPA May 2009
1. Introduction
The Domain Name System (DNS) is described in [RFC1034] and [RFC1035].
This document has three purposes:
1. to create a new IANA registry called "ARPA Reserved Names" (see
Section 3);
2. to define the special considerations of a single name SINK.ARPA,
a name which is defined never to exist (see Section 2);
3. to allow the procedures by which the ARPA zone is maintained, as
documented in [RFC3172], to be modified for names present in the
ARPA Reserved Names registry according to the special
characteristics of those names (see Section 4).
Abley & Gudmundsson Expires November 12, 2009 [Page 3]
Internet-Draft The Eternal Non-Existence of SINK.ARPA May 2009
2. SINK.ARPA
The special considerations for the name SINK.ARPA are that the name
SINK.ARPA shall be guaranteed never to have any resource records
associated with it. That is, the domain does not exist and queries
for it will result in name errors (NXDOMAIN). The reliable non-
existence of a globally-consistent and formally-defined name has some
operational utility.
Various top-level domains are reserved by [RFC2606], including
"INVALID". The use of "INVALID" as a codified, non-existant domain
was considered. However:
o INVALID is poorly characterised from a DNS perspective in
[RFC2606]; that is, the specification that INVALID does not exist
as a Top Level Domain (TLD) is imprecise given the various uses of
the term TLD in policy forums;
o the contents of the root zone are derived by interaction with many
inter-related policy-making bodies, whereas the administrative and
technical processes relating to the ARPA zone are much more
clearly defined in an IETF context;
o the use of ARPA for purposes of operational infrastructure (and,
by inference, the explicit non-use of a particular name in ARPA)
is consistent with the purpose of that zone, as described in
[RFC3172].
This document specifies that any request which would cause the name
SINK.ARPA to exist in the DNS should be denied.
Abley & Gudmundsson Expires November 12, 2009 [Page 4]
Internet-Draft The Eternal Non-Existence of SINK.ARPA May 2009
3. IANA Considerations
This document directs the IANA to create a registry as follows:
+-------------------------+----------------------------------------+
| Parameter | Value |
+-------------------------+----------------------------------------+
| Registry Name | ARPA Reserved Names |
| | |
| Reference | This document (RFCXXXX) Section 5 |
| | |
| Registration Procedures | IETF Standards Action and IAB approval |
+-------------------------+----------------------------------------+
The initial registry contents should be as follows:
+-----------+----------------------+---------+----------------------+
| Name | Purpose | RRTypes | Reference |
+-----------+----------------------+---------+----------------------+
| SINK.ARPA | Definitively | NONE | This document |
| | non-existant name | | (RFCXXXX) Section 2 |
+-----------+----------------------+---------+----------------------+
Abley & Gudmundsson Expires November 12, 2009 [Page 5]
Internet-Draft The Eternal Non-Existence of SINK.ARPA May 2009
4. Administration of the ARPA Domain
The management guidelines and operational requirements of the ARPA
domain is described in [RFC3172]. Requests to modify the ARPA zone
are specified in standards-track documents which, when approved by
the IESG and the IAB are sent to the IANA for implementation. This
document updates the procedures described in that document as
follows:
4.1. Criteria for "arpa" Sub-domains
Names which are included in the IANA registry "ARPA Reserved Names"
are reserved and require special consideration. The nature of that
special consideration is specified by reference within the ARPA
Reserved Names registry.
Abley & Gudmundsson Expires November 12, 2009 [Page 6]
Internet-Draft The Eternal Non-Existence of SINK.ARPA May 2009
5. IAB Considerations
IAB review and approval of this document is required, given the IAB's
technical and administrative function in the approval of changes to
the ARPA zone.
Abley & Gudmundsson Expires November 12, 2009 [Page 7]
Internet-Draft The Eternal Non-Existence of SINK.ARPA May 2009
6. Security Considerations
This document institutionalises a single name in the DNS to which
unwanted traffic can be directed. This name, SINK.ARPA, is specified
in this document not to exist in the DNS. If address records for
SINK.ARPA were to be introduced by exploiting insecurities in the
DNS, however, then those addresses would receive that unwanted
traffic. This might provide a leak of private information to a third
party, or have other unwelcome consequences.
The non-existence of SINK.ARPA will be cryptographically verifiable
when the ARPA zone is signed.
Abley & Gudmundsson Expires November 12, 2009 [Page 8]
Internet-Draft The Eternal Non-Existence of SINK.ARPA May 2009
7. Normative References
[RFC1034] Mockapetris, P., "Domain names - concepts and facilities",
STD 13, RFC 1034, November 1987.
[RFC1035] Mockapetris, P., "Domain names - implementation and
specification", STD 13, RFC 1035, November 1987.
[RFC2606] Eastlake, D. and A. Panitz, "Reserved Top Level DNS
Names", BCP 32, RFC 2606, June 1999.
[RFC3172] Huston, G., "Management Guidelines & Operational
Requirements for the Address and Routing Parameter Area
Domain ("arpa")", BCP 52, RFC 3172, September 2001.
Abley & Gudmundsson Expires November 12, 2009 [Page 9]
Internet-Draft The Eternal Non-Existence of SINK.ARPA May 2009
Appendix A. Editorial Notes
This section (and sub-sections) to be removed prior to publication.
A.1. On the name SINK.ARPA
The name SINK.ARPA has been chosen as an editorial convenience:
having a name is more convenient than not having a name when
discussing the general proposal. No doubt other names would do the
job just as well.
A.2. Change History
00 Initial draft.
Abley & Gudmundsson Expires November 12, 2009 [Page 10]
Internet-Draft The Eternal Non-Existence of SINK.ARPA May 2009
Authors' Addresses
Joe Abley
ICANN
4676 Admiralty Way, Suite 330
Marina del Rey, CA 90292
USA
Phone: +1 519 670 9327
Email: joe.abley@icann.org
Olafur Gudmundsson
OGUD Consulting LLC
3821 Village Park Dr., NW
Washington, DC 20015
USA
Email: ogud@ogud.com
Abley & Gudmundsson Expires November 12, 2009 [Page 11]