draft-ietf-dnsext-dns-name-p-s-00.txt

非常好的dns解析软件

Sisson & Laurie         Expires January 11, 2006               [Page 17]

Internet-Draft     DNS Name Predecessor and Successor          July 2005


   Example where DNS name is the maximum DNS name length and contains an
   octet which must be incremented by skipping values corresponding to
   US-ASCII uppercase letters:

      N  = fooooooooooooooooooooooooooooooooooooooooooooooo
           \@.ooooooooooooooooooooooooooooooooooooooooooooo
           oooooooooooooooooo.ooooooooooooooooooooooooooooo
           oooooooooooooooooooooooooooooooooo.ooooooooooooo
           oooooooooooooooooooooooooooooooooooooooooooooooo
           oo.example.com.

      or, in alternate notation:

           fo{47}\@.o{63}.o{63}.o{63}.example.com.

      S(N) =

           fooooooooooooooooooooooooooooooooooooooooooooooo
           \[.ooooooooooooooooooooooooooooooooooooooooooooo
           oooooooooooooooooo.ooooooooooooooooooooooooooooo
           oooooooooooooooooooooooooooooooooo.ooooooooooooo
           oooooooooooooooooooooooooooooooooooooooooooooooo
           oo.example.com.

      or, in alternate notation:

           fo{47}\[.o{63}.o{63}.o{63}.example.com.
























Sisson & Laurie         Expires January 11, 2006               [Page 18]

Internet-Draft     DNS Name Predecessor and Successor          July 2005


   Example where DNS name has the maximum possible sort order in the
   zone, and consequently wraps to the owner name of the zone apex:

      N  = \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255.\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255.\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255.\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255.example.com.

      or, in alternate notation:

           \255{49}.\255{63}.\255{63}.\255{63}.example.com.

      S(N) = example.com.

6.3.  Examples of Predecessors Using Modified Method

   Example of typical case:

      P'(foo.example.com.) =

           fon\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255.example.com.

      or, in alternate notation:

           fon\255{60}.example.com.




Sisson & Laurie         Expires January 11, 2006               [Page 19]

Internet-Draft     DNS Name Predecessor and Successor          July 2005


   Example where DNS name contains more labels than DNS names in the
   zone:

      P'(bar.foo.example.com.) = foo.example.com.

   Example where least significant (right-most) octet of least
   significant (left-most) label has the minimum sort value:

      P'(foo\000.example.com.) = foo.example.com.

   Example where least significant (left-most) label has the minimum
   sort value:

      P'(\000.example.com.) = example.com.

   Example where DNS name is the owner name of the zone apex, and
   consequently wraps to the DNS name with the maximum possible sort
   order in the zone:

      P'(example.com.) =

           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255.example.com.

      or, in alternate notation:

           \255{63}.example.com.

6.4.  Examples of Successors Using Modified Method

   Example of typical case:

      S'(foo.example.com.) = foo\000.example.com.

   Example where DNS name contains more labels than DNS names in the
   zone:

      S'(bar.foo.example.com.) = foo\000.example.com.









Sisson & Laurie         Expires January 11, 2006               [Page 20]

Internet-Draft     DNS Name Predecessor and Successor          July 2005


   Example where least significant (left-most) label has the maximum
   sort value, and consequently wraps to the owner name of the zone
   apex:

      N  = \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255\255\255\255\255\255\255\255\255\255
           \255\255\255.example.com.

      or, in alternate notation:

           \255{63}.example.com.

      S'(N) = example.com.


7.  Security Considerations

   The derivation of some predecessors/successors requires the testing
   of more conditions than others.  Consequently the effectiveness of a
   denial-of-service attack may be enhanced by sending queries that
   require more conditions to be tested.  The modified method involves
   the testing of fewer conditions than the absolute method and
   consequently is somewhat less susceptible to this exposure.


8.  IANA Considerations

   This document has no IANA actions.

   Note to RFC Editor: This section is included to make it clear during
   pre-publication review that this document has no IANA actions.  It
   may therefore be removed should it be published as an RFC.


9.  Acknowledgments

   The authors would like to thank Olaf Kolkman, Olafur Gudmundsson and
   Niall O'Reilly for their review and input.


10.  References







Sisson & Laurie         Expires January 11, 2006               [Page 21]

Internet-Draft     DNS Name Predecessor and Successor          July 2005


10.1  Normative References

   [RFC1034]  Mockapetris, P., "Domain names - concepts and facilities",
              STD 13, RFC 1034, November 1987.

   [RFC1035]  Mockapetris, P., "Domain names - implementation and
              specification", STD 13, RFC 1035, November 1987.

   [RFC2181]  Elz, R. and R. Bush, "Clarifications to the DNS
              Specification", RFC 2181, July 1997.

   [RFC2782]  Gulbrandsen, A., Vixie, P., and L. Esibov, "A DNS RR for
              specifying the location of services (DNS SRV)", RFC 2782,
              February 2000.

   [RFC4034]  Arends, R., Austein, R., Larson, M., Massey, D., and S.
              Rose, "Resource Records for the DNS Security Extensions",
              RFC 4034, March 2005.

10.2  Informative References

   [I-D.ietf-dnsext-dnssec-online-signing]
              Ihren, J. and S. Weiler, "Minimally Covering NSEC Records
              and DNSSEC On-line Signing",
              draft-ietf-dnsext-dnssec-online-signing-00 (work in
              progress), May 2005.

   [I-D.ietf-dnsext-dnssec-trans]
              Arends, R., Koch, P., and J. Schlyter, "Evaluating DNSSEC
              Transition Mechanisms",
              draft-ietf-dnsext-dnssec-trans-02 (work in progress),
              February 2005.


Appendix A.  Change History

A.1.  Changes from sisson-02 to ietf-00

   o  Added notes on use of SRV RRs with modified method.

   o  Changed reference from weiler-dnssec-online-signing to ietf-
      dnsext-dnssec-online-signing.

   o  Changed reference from ietf-dnsext-dnssec-records to RFC 4034.

   o  Miscellaneous minor changes to text.





Sisson & Laurie         Expires January 11, 2006               [Page 22]

Internet-Draft     DNS Name Predecessor and Successor          July 2005


A.2.  Changes from sisson-01 to sisson-02

   o  Added modified version of derivation (with supporting examples).

   o  Introduced notational conventions N, P(N), S(N), P'(N) and S'(N).

   o  Added clarification to derivations about when processing stops.

   o  Miscellaneous minor changes to text.

A.3.  Changes from sisson-00 to sisson-01

   o  Split step 3 of derivation of DNS name predecessor into two
      distinct steps for clarity.

   o  Added clarifying text and examples related to the requirement to
      avoid uppercase characters when decrementing or incrementing
      octets.

   o  Added optimisation using restriction of effective maximum DNS name
      length.

   o  Changed examples to use decimal rather than octal notation as per
      [RFC1035].

   o  Corrected DNS name length of some examples.

   o  Added reference to weiler-dnssec-online-signing.

   o  Miscellaneous minor changes to text.





















Sisson & Laurie         Expires January 11, 2006               [Page 23]

Internet-Draft     DNS Name Predecessor and Successor          July 2005


Authors' Addresses

   Geoffrey Sisson
   Nominet
   Sandford Gate
   Sandy Lane West
   Oxford
   OX4 6LB
   GB

   Phone: +44 1865 332339
   Email: geoff@nominet.org.uk


   Ben Laurie
   Nominet
   17 Perryn Road
   London
   W3 7LR
   GB

   Phone: +44 20 8735 0686
   Email: ben@algroup.co.uk




























Sisson & Laurie         Expires January 11, 2006               [Page 24]

Internet-Draft     DNS Name Predecessor and Successor          July 2005


Intellectual Property Statement

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at
   ietf-ipr@ietf.org.


Disclaimer of Validity

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
   ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.


Copyright Statement

   Copyright (C) The Internet Society (2005).  This document is subject
   to the rights, licenses and restrictions contained in BCP 78, and
   except as set forth therein, the authors retain all their rights.


Acknowledgment

   Funding for the RFC Editor function is currently provided by the
   Internet Society.




Sisson & Laurie         Expires January 11, 2006               [Page 25]