XML Schemas for Reverse DNS Management
RFC 7745

Document Type RFC - Informational (January 2016; No errata)
Was draft-manderson-rdns-xml (individual)
Last updated 2016-01-20
Stream ISE
Formats plain text pdf html bibtex
IETF conflict review conflict-review-manderson-rdns-xml
Stream ISE state Published RFC
Consensus Boilerplate Unknown
Document shepherd Nevil Brownlee
Shepherd write-up Show (last changed 2015-06-25)
IESG IESG state RFC 7745 (Informational)
Telechat date
Responsible AD (None)
Send notices to (None)
IANA IANA review state IANA OK - No Actions Needed
IANA action state No IC
Independent Submission                                      T. Manderson
Request for Comments: 7745                                         ICANN
Category: Informational                                     January 2016
ISSN: 2070-1721

                 XML Schemas for Reverse DNS Management

Abstract

   This document defines an Extensible Markup Language (XML) schema for
   reverse DNS management in a tightly controlled Representational State
   Transfer (REST) environment.  This document describes a schema that
   has been developed and deployed by ICANN in a "RESTful" system since
   2011 and is being used by the registries responsible for reverse DNS
   (rDNS) delegations underneath IN-ADDR.ARPA and IP6.ARPA through an
   HTTPS transaction that is mediated by an X.509 certificate.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This is a contribution to the RFC Series, independently of any other
   RFC stream.  The RFC Editor has chosen to publish this document at
   its discretion and makes no statement about its value for
   implementation or deployment.  Documents approved for publication by
   the RFC Editor are not a candidate for any level of Internet
   Standard; see Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc7745.

Copyright Notice

   Copyright (c) 2016 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.

Manderson                     Informational                     [Page 1]
RFC 7745             XML Schemas for rDNS Management        January 2016

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Requirements Language . . . . . . . . . . . . . . . . . . . .   3
   3.  Implementation  . . . . . . . . . . . . . . . . . . . . . . .   3
   4.  Security Considerations . . . . . . . . . . . . . . . . . . .   5
   5.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   5
     5.1.  Normative References  . . . . . . . . . . . . . . . . . .   5
     5.2.  Informative References  . . . . . . . . . . . . . . . . .   6
   Appendix A.  Schema Definition for rDNS Updates . . . . . . . . .   7
   Appendix B.  Schema Definition for rDNS Queue Entries . . . . . .   8
   Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . .  10
   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . .  10

1.  Introduction

   This document defines an Extensible Markup Language (XML) schema for
   reverse DNS management in a tightly controlled Representational State
   Transfer (REST) [REST] environment.  This document describes a schema
   that has been developed and deployed by ICANN in a "RESTful" system
   since 2011 and is being used by the registries responsible for
   reverse DNS (rDNS) delegations underneath IN-ADDR.ARPA [RFC1034] and
   IP6.ARPA [RFC3596] through an HTTPS [RFC2818] transaction that is
   mediated by an X.509 [RFC5280] certificate.

   As DNSSEC [RFC4033] adoption progresses, the necessity to interact
   with a delegation in the IN-ADDR.ARPA and IP6.APRA zones becomes more
   frequent given that updates to DS records in the parent zone for
   child delegations follow the key rollover and expiry of the child
   zone.  The modification of such critical areas at a relative high
   frequency requires a system that allows the administrative holders of
   such delegations to make such changes in a secure and trustworthy
   manner where the chain of trust for submitting the necessary
   information remains unbroken between the IN-ADDR.ARPA and IP6.APRA
   zone maintainers and the zone customers.

   At the request of the Regional Internet Registries (RIRs) to automate
   reverse DNS updates with ICANN, a REST-based HTTPS service was
   deployed that:

   o  Provides for a secure, authenticated mechanism to update zone data
      (NS and DS records)

   o  Provides a well-formed data structure for both the IN-ADDR.ARPA
      and IP6.ARPA zones

   o  Allows for "out-of-band" acknowledgement and notification of
      updates

Manderson                     Informational                     [Page 2]
RFC 7745             XML Schemas for rDNS Management        January 2016

2.  Requirements Language
Show full document text