[Search] [txt|pdf|bibtex] [Tracker] [Email] [Nits]

Versions: 00                                                            
Internet Engineering Task Force                            David Kessens
Draft                                                                ISI
Expires February 1998                                    Wilfried Woeber
<draft-kessens-ride-referencing-00.txt>                           ACONET
                                                            David Conrad
                                                                   APNIC



                            RIDE referencing

Status of this Memo

   This document is an Internet-Draft.  Internet-Drafts are working
   documents of the Internet Engineering Task Force (IETF), its areas,
   and its working groups.  Note that other groups may also distribute
   working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet- Drafts as reference
   material or to cite them other than as ``work in progress.''

   To learn the current status of any Internet-Draft, please check the
   ``1id-abstracts.txt'' listing contained in the Internet- Drafts
   Shadow Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe),
   munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or
   ftp.isi.edu (US West Coast).


Abstract

   This document describes two variants of a proposal on how to find
   information regarding some critical resources (domain names, IP
   addresses and routing registry information) on the Internet. The
   proposed solution uses globally unique registry identifiers that are
   derived from a domain name in use by a registry.


Introduction

   use your domain name as the global registry identifier

   register in DNS where to query for the data

   query the appropriate server using the local identifier





Kessens                                                         [Page 1]


Draft                       RIDE referencing                 August 1997


Discussion

   Advantage:

   no central authority needed

   Disadvantage:

   the same thing.

   Variant of the prososal:

   double tree. IANA managed registries.int tree.

Detailed proposal

   globally unique registry identifier

   local to the registry unique identifier

   example: KH1-ARIN

   KH1 is local identifier ARIN is global registry identifier (last part
   of domain name can possibly be omitted)

   example: ISI-DOM

   suffix is not globally unique

   ISI-DOM is local identifier INTERNIC is global identifier

What do we store in DNS?

   - server, protocol and protocol options - what kind of data is
   available:
     IPv4 193/8, 194/8, 195/8, 62/8
     Domain .NOM, .STORE, ...
     AS 100-300, 1000-2000

     Note: IANA is authoritive for most of this data!

   Which records to use: new record, TXT record, kitchen sink, reusing
   old record

Security considerations

   The two different schemas described here have somewhat different
   properties regarding security.



Kessens                                                         [Page 2]


Draft                       RIDE referencing                 August 1997


   The IANA delegated model is in principle a very secure way of
   providing identifiers that indeed point to the registry that contains
   authoritive data regarding the allocation of Internet resources,
   provided that DNS security mechanisms get implemented soon. The
   situation for contact information pointers is somewhat different.
   While the IANA delegated model provides trusted pointers to trusted
   repositories of such data, anybody has the ability to register
   whatever contact data they want to such a trusted registry, and thus
   not providing much extra trust in the data itself. The distributed
   approach has no guarantees whatsoever that one can trust that a
   pointer points to a trusted party, since their is no system in place
   that checks if registries are trustable. However, the poiters itself
   are reliable provided that DNSSEC is widely used. Also, the RIDE
   mechanisms itself provides ways of retrieving the pointed to data and
   letting an individual registry decide after parsing the data if it
   contains enough and good enough information to accept the reference.


Acknowledgments

   We would like to thank Carol Orange and everybody that contributed to
   the work of the RIDE IETF working group in general, for their various
   comments and suggestions.


References

   [1] D. Kessens  et. al., draft-ride-classes-00.txt,
       March 1997

Author's Address:

   David Kessens,
   ISI
   4676 Admiralty Way, Suite 1001
   Marina del Rey, CA 90292-6695
   USA
   davidk@ISI.EDU

   Wilfried Woeber
   Vienna University
   Computer Center - ACOnet
   Universitaetsstrasse 7
   A-1010 Vienna
   Austria
   Woeber@CC.UniVie.ac.at

   David Conrad



Kessens                                                         [Page 3]


Draft                       RIDE referencing                 August 1997


   APNIC
   Japan
   davidc@apnic.net
















































Kessens                                                         [Page 4]