📄 draft-ietf-dnsext-dns-name-p-s-00.txt
字号:
This approach would make it possible to enumerate all DNS names in the zone containing a first-level label beginning with underscore, including all SRV RRs, but this may be of less a concern to the zone administrator than incurring the overhead of the absolute method or of the following variants of the modified method. 2. The absolute method could be used for synthesising NSEC RRs for all queries where the QNAME contains a leading underscore. However this re-introduces the susceptibility of the absolute method to denial of service activity, as an attacker could send queries for an effectively inexhaustible supply of domain names beginning with a leading underscore. 3. A variant of the modified method could be used for synthesising NSEC RRs for all queries where the QNAME contains a leading underscore. This variant would assume that all predecessors and successors to queries where the QNAME contains a leading underscore may consist of two lablels rather than only one. This introduces a little additional complexity without incurring the full increase in response size and computational complexity as the absolute method. 4. Finally, a variant the modified method which assumes that all owner names in the zone consist of one or two labels could be used. However this negates much of the reduction in response size of the modified method and may be nearly as computationally complex as the absolute method.Sisson & Laurie Expires January 11, 2006 [Page 9]
Internet-Draft DNS Name Predecessor and Successor July 20056. Examples In the following examples: the owner name of the zone apex is "example.com."; the range of octet values is 0x00 - 0xff excluding values corresponding to uppercase US-ASCII letters; and non-printable octet values are expressed as three-digit decimal numbers preceded by a backslash (as specified in Section 5.1 of [RFC1035]).6.1. Examples of Immediate Predecessors Using Absolute Method Example of typical case: P(foo.example.com.) = \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255.\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255.\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255.fon\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255.example.com. or, in alternate notation: \255{49}.\255{63}.\255{63}.fon\255{60}.example.com. where {n} represents the number of repetitions of an octet.Sisson & Laurie Expires January 11, 2006 [Page 10]
Internet-Draft DNS Name Predecessor and Successor July 2005 Example where least significant (left-most) label of DNS name consists of a single octet of the minimum sort value: P(\000.foo.example.com.) = foo.example.com. Example where least significant (right-most) octet of least significant (left-most) label has the minimum sort value: P(foo\000.example.com.) = \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255.\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255.\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255.\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255.foo.example.com. or, in alternate notation: \255{45}.\255{63}.\255{63}.\255{63}.foo.example.com.Sisson & Laurie Expires January 11, 2006 [Page 11]
Internet-Draft DNS Name Predecessor and Successor July 2005 Example where DNS name contains an octet which must be decremented by skipping values corresponding to US-ASCII uppercase letters: P(fo\[.example.com.) = \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255.\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255.\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255.fo\@\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255.example.com. or, in alternate notation: \255{49}.\255{63}.\255{63}.fo\@\255{60}.example.com. where {n} represents the number of repetitions of an octet.Sisson & Laurie Expires January 11, 2006 [Page 12]
Internet-Draft DNS Name Predecessor and Successor July 2005 Example where DNS name is the owner name of the zone apex, and consequently wraps to the DNS name with the maximum possible sort order in the zone: P(example.com.) = \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255.\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255.\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255.\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255.example.com. or, in alternate notation: \255{49}.\255{63}.\255{63}.\255{63}.example.com.6.2. Examples of Immediate Successors Using Absolute Method Example of typical case: S(foo.example.com.) = \000.foo.example.com.Sisson & Laurie Expires January 11, 2006 [Page 13]
Internet-Draft DNS Name Predecessor and Successor July 2005 Example where DNS name is one octet short of the maximum DNS name length: N = fooooooooooooooooooooooooooooooooooooooooooooooo .ooooooooooooooooooooooooooooooooooooooooooooooo oooooooooooooooo.ooooooooooooooooooooooooooooooo oooooooooooooooooooooooooooooooo.ooooooooooooooo oooooooooooooooooooooooooooooooooooooooooooooooo.example.com. or, in alternate notation: fo{47}.o{63}.o{63}.o{63}.example.com. S(N) = fooooooooooooooooooooooooooooooooooooooooooooooo \000.ooooooooooooooooooooooooooooooooooooooooooo oooooooooooooooooooo.ooooooooooooooooooooooooooo oooooooooooooooooooooooooooooooooooo.ooooooooooo oooooooooooooooooooooooooooooooooooooooooooooooo oooo.example.com. or, in alternate notation: fo{47}\000.o{63}.o{63}.o{63}.example.com.Sisson & Laurie Expires January 11, 2006 [Page 14]
Internet-Draft DNS Name Predecessor and Successor July 2005 Example where DNS name is the maximum DNS name length: N = fooooooooooooooooooooooooooooooooooooooooooooooo o.oooooooooooooooooooooooooooooooooooooooooooooo ooooooooooooooooo.oooooooooooooooooooooooooooooo ooooooooooooooooooooooooooooooooo.oooooooooooooo oooooooooooooooooooooooooooooooooooooooooooooooo o.example.com. or, in alternate notation: fo{48}.o{63}.o{63}.o{63}.example.com. S(N) = fooooooooooooooooooooooooooooooooooooooooooooooo p.oooooooooooooooooooooooooooooooooooooooooooooo ooooooooooooooooo.oooooooooooooooooooooooooooooo ooooooooooooooooooooooooooooooooo.oooooooooooooo oooooooooooooooooooooooooooooooooooooooooooooooo o.example.com. or, in alternate notation: fo{47}p.o{63}.o{63}.o{63}.example.com.Sisson & Laurie Expires January 11, 2006 [Page 15]
Internet-Draft DNS Name Predecessor and Successor July 2005 Example where DNS name is the maximum DNS name length and the least significant (left-most) label has the maximum sort value: N = \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255\255\255\255\255\255\255\255\255\255\255\255 \255.ooooooooooooooooooooooooooooooooooooooooooo oooooooooooooooooooo.ooooooooooooooooooooooooooo oooooooooooooooooooooooooooooooooooo.ooooooooooo oooooooooooooooooooooooooooooooooooooooooooooooo oooo.example.com. or, in alternate notation: \255{49}.o{63}.o{63}.o{63}.example.com. S(N) = oooooooooooooooooooooooooooooooooooooooooooooooo oooooooooooooop.oooooooooooooooooooooooooooooooo ooooooooooooooooooooooooooooooo.oooooooooooooooo ooooooooooooooooooooooooooooooooooooooooooooooo. example.com. or, in alternate notation: o{62}p.o{63}.o{63}.example.com.Sisson & Laurie Expires January 11, 2006 [Page 16]
Internet-Draft DNS Name Predecessor and Successor July 2005 Example where DNS name is the maximum DNS name length and the eight least significant (right-most) octets of the least significant (left- most) label have the maximum sort value: N = foooooooooooooooooooooooooooooooooooooooo\255 \255\255\255\255\255\255\255.ooooooooooooooooooo oooooooooooooooooooooooooooooooooooooooooooo.ooo oooooooooooooooooooooooooooooooooooooooooooooooo oooooooooooo.ooooooooooooooooooooooooooooooooooo oooooooooooooooooooooooooooo.example.com. or, in alternate notation: fo{40}\255{8}.o{63}.o{63}.o{63}.example.com. S(N) = fooooooooooooooooooooooooooooooooooooooop.oooooo oooooooooooooooooooooooooooooooooooooooooooooooo ooooooooo.oooooooooooooooooooooooooooooooooooooo ooooooooooooooooooooooooo.oooooooooooooooooooooo ooooooooooooooooooooooooooooooooooooooooo.example.com. or, in alternate notation: fo{39}p.o{63}.o{63}.o{63}.example.com.⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -