XML Schemas for Reverse DNS Management
RFC 7745
| Section | Field | Value |
|---|---|---|
| Document | Type | RFC - Informational (January 2016; No errata). Was draft-manderson-rdns-xml (individual) |
| | Author | Terry Manderson |
| | Last updated | 2016-01-20 |
| | Stream | ISE |
| | Formats | plain text, html, pdf, htmlized, bibtex |
| | IETF conflict review | conflict-review-manderson-rdns-xml |
| Stream | ISE state | Published RFC |
| | Consensus Boilerplate | Unknown |
| | Document shepherd | Adrian Farrel |
| | Shepherd write-up | (last changed 2015-06-25) |
| IESG | IESG state | RFC 7745 (Informational) |
| | Telechat date | |
| | Responsible AD | (None) |
| | Send notices to | (None) |
| IANA | IANA review state | IANA OK - No Actions Needed |
| | IANA action state | No IANA Actions |
Independent Submission                                      T. Manderson
Request for Comments: 7745                                         ICANN
Category: Informational                                     January 2016
ISSN: 2070-1721

XML Schemas for Reverse DNS Management

Abstract

This document defines an Extensible Markup Language (XML) schema for reverse DNS management in a tightly controlled Representational State Transfer (REST) environment. This document describes a schema that has been developed and deployed by ICANN in a "RESTful" system since 2011 and is being used by the registries responsible for reverse DNS (rDNS) delegations underneath IN-ADDR.ARPA and IP6.ARPA through an HTTPS transaction that is mediated by an X.509 certificate.

Status of This Memo

This document is not an Internet Standards Track specification; it is published for informational purposes.

This is a contribution to the RFC Series, independently of any other RFC stream. The RFC Editor has chosen to publish this document at its discretion and makes no statement about its value for implementation or deployment. Documents approved for publication by the RFC Editor are not a candidate for any level of Internet Standard; see Section 2 of RFC 5741.

Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7745.

Copyright Notice

Copyright (c) 2016 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document.

Manderson                     Informational                     [Page 1]
RFC 7745           XML Schemas for rDNS Management          January 2016

Table of Contents

1.  Introduction
2.  Requirements Language
3.  Implementation
4.  Security Considerations
5.  References
  5.1.  Normative References
  5.2.  Informative References
Appendix A.  Schema Definition for rDNS Updates
Appendix B.  Schema Definition for rDNS Queue Entries
Acknowledgements
Author's Address

1.  Introduction

This document defines an Extensible Markup Language (XML) schema for reverse DNS management in a tightly controlled Representational State Transfer (REST) [REST] environment. This document describes a schema that has been developed and deployed by ICANN in a "RESTful" system since 2011 and is being used by the registries responsible for reverse DNS (rDNS) delegations underneath IN-ADDR.ARPA [RFC1034] and IP6.ARPA [RFC3596] through an HTTPS [RFC2818] transaction that is mediated by an X.509 [RFC5280] certificate.

As DNSSEC [RFC4033] adoption progresses, the necessity to interact with a delegation in the IN-ADDR.ARPA and IP6.ARPA zones becomes more frequent given that updates to DS records in the parent zone for child delegations follow the key rollover and expiry of the child zone. The modification of such critical areas at a relatively high frequency requires a system that allows the administrative holders of such delegations to make such changes in a secure and trustworthy manner where the chain of trust for submitting the necessary information remains unbroken between the IN-ADDR.ARPA and IP6.ARPA zone maintainers and the zone customers.
At the request of the Regional Internet Registries (RIRs) to automate reverse DNS updates with ICANN, a REST-based HTTPS service was deployed that:

o  Provides for a secure, authenticated mechanism to update zone data (NS and DS records)

o  Provides a well-formed data structure for both the IN-ADDR.ARPA and IP6.ARPA zones

o  Allows for "out-of-band" acknowledgement and notification of updates

2.  Requirements Language

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].

3.  Implementation