Customer Management DNS Resource Records
RFC 8567

Document Type RFC - Informational (April 2019; No errata)
Last updated 2019-04-01
Stream ISE
Formats plain text pdf html bibtex
Stream ISE state (None)
Consensus Boilerplate Unknown
Document shepherd No shepherd assigned
IESG IESG state RFC 8567 (Informational)
Telechat date
Responsible AD (None)
Send notices to (None)
Independent Submission                                            E. Rye
Request for Comments: 8567                                    R. Beverly
Category: Informational                                            CMAND
ISSN: 2070-1721                                             1 April 2019

                Customer Management DNS Resource Records

Abstract

   Maintaining high Quality of Experience (QoE) increasingly requires
   end-to-end, holistic network management, including managed Customer
   Premises Equipment (CPE).  Because customer management is a shared
   global responsibility, the Domain Name System (DNS) provides an ideal
   existing infrastructure for maintaining authoritative customer
   information that must be readily, reliably, and publicly accessible.

   This document describes four new DNS resource record types for
   encoding customer information in the DNS.  These records are intended
   to better facilitate high customer QoE via inter-provider cooperation
   and management of customer data.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This is a contribution to the RFC Series, independently of any other
   RFC stream.  The RFC Editor has chosen to publish this document at
   its discretion and makes no statement about its value for
   implementation or deployment.  Documents approved for publication by
   the RFC Editor are not candidates for any level of Internet Standard;
   see Section 2 of RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   https://www.rfc-editor.org/info/rfc8567.

Rye & Beverly                 Informational                     [Page 1]
RFC 8567              Customer Management over DNS          1 April 2019

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
     1.1.  Terminology . . . . . . . . . . . . . . . . . . . . . . .   3
   2.  Customer Management Resource Records  . . . . . . . . . . . .   3
     2.1.  The PASSWORD Resource Record  . . . . . . . . . . . . . .   4
     2.2.  The CREDITCARD Resource Record  . . . . . . . . . . . . .   4
     2.3.  The SSN Resource Record . . . . . . . . . . . . . . . . .   6
     2.4.  The SSNPTR Resource Record  . . . . . . . . . . . . . . .   7
   3.  Related RR Types  . . . . . . . . . . . . . . . . . . . . . .   7
   4.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   8
   5.  Security Considerations . . . . . . . . . . . . . . . . . . .   8
   6.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   9
     6.1.  Normative References  . . . . . . . . . . . . . . . . . .   9
     6.2.  Informative References  . . . . . . . . . . . . . . . . .   9
   Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . .  11
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  11

1.  Introduction

   A significant portion of today's Internet is comprised of residential
   access networks.  These access networks, and their providers, are now
   critical infrastructure, and significant research is devoted to
   measuring residential broadband speed and reliability [SAMKNOWS].

   Unfortunately, Customer Premises Equipment (CPE) is one of the
   weakest links in the chain of network equipment connecting consumers
   to the Internet.  Customers typically do not perform proactive
   maintenance, e.g., firmware updates, on their own CPE.  In many
   cases, CPE is even deployed with default authentication credentials,
   a fact that has been exploited by various Internet-wide denial-of-
   service attacks [MIRAI].

   A central observation motivating this document is that customers
   simply cannot be trusted to manage their own networks, much less the
   path-critical CPE.  Given the difficulty in maintaining the hygiene

Rye & Beverly                 Informational                     [Page 2]
RFC 8567              Customer Management over DNS          1 April 2019

   and resilience of broadband access, CPE maintenance should instead be
   treated as a shared global responsibility among Internet Service
   Providers (ISPs).

   Further complicating customer management is choice in ISP, which is
   currently available to nearly half of US households.  While customers
   may switch providers, their biographical, billing, and technological
   details remain constant.  Therefore, service providers need
Show full document text