Network Working Group                                         P. Pfister
Internet-Draft                                             Cisco Systems
Updates: RFC7788 (if approved)                                  T. Lemon
Intended status: Standards Track                           Nominum, Inc.
Expires: July 23, 2017                                  January 19, 2017


                Special Use Top Level Domain '.homenet'
                       draft-ietf-homenet-dot-01

Abstract

   This document specifies the behavior that is expected from the Domain
   Name System with regard to DNS queries for names ending with
   '.homenet.', and designates this top-level domain as a special-use
   domain name. The '.homenet' top-level domain replaces '.home' as the
   default domain used by the Home Networking Control Protocol (HNCP).

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF). Note that other groups may also distribute
   working documents as Internet-Drafts. The list of current
   Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on July 23, 2017.

Copyright Notice

   Copyright (c) 2017 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Pfister & Lemon           Expires July 23, 2017                 [Page 1]

Internet-Draft                dot homenet                   January 2017

Table of Contents

   1.  Introduction
   2.  General Guidance
   3.  Domain Name Reservation Considerations
   4.  Updates to Home Networking Control Protocol
   5.  Security Considerations
   6.  IANA Considerations
   7.  Acknowledgments
   8.  References
     8.1.  Normative References
     8.2.  Informative References
   Authors' Addresses

1.  Introduction

   RFC7368]. The naming mechanism needs to function without
   configuration from the user. While it may be possible for a name to
   be delegated by an ISP, home networks must also function in the
   absence of such a delegation. A default name with a scope limited to
   each individual home network needs to be used.

   The '.homenet' top-level domain replaces '.home' which was specified
   in [RFC7788] as the default domain-name for home networks. '.home'
   had been selected as the most user-friendly option. However, there
   are existing uses of '.home' that may be in conflict with this use:
   evidence indicates that '.home' queries frequently leak out and reach
   the root name servers [ICANN1] [ICANN2]. Also, ICANN has about a
   dozen applicants for the '.home' top-level domain name, which creates
   a significant risk of litigation if it were claimed by the IETF
   outside of that process. As a result, the use of '.home' has been
   deprecated; this document updates [RFC7788] to replace '.home' with
   '.homenet', while another document, [I-D.ietf-homenet-redact]
   deprecates the use of the '.home' TLD.
   This document registers the top-level domain '.homenet.' as a
   special-use domain name [RFC6761] and specifies the behavior that is
   expected from the Domain Name System with regard to DNS queries for
   names whose rightmost non-terminal label is 'homenet'. Queries for
   names ending with '.homenet.' are of local significance within the
   scope of a home network, meaning that identical queries will result
   in different results from one home network to another. In other
   words, a name ending in '.homenet' is not globally unique.

2.  General Guidance

3.  Domain Name Reservation Considerations

   RFC6761]).

   1.  Users can use names ending with '.homenet.' just as they would
       use any other domain name. The '.homenet' name is chosen to be
       readily recognized by users as signifying that the name is
       addressing a service on the homenet to which the user's device is
       connected.

   2.  Applications SHOULD treat domain names ending with '.homenet.'
       just like any other FQDN, and MUST NOT make any assumption on the
       level of additional security implied by its presence.

   3.  Name resolution APIs and libraries MUST NOT recognize names that
       end in '.homenet.' as special and MUST NOT treat them
       differently. Name resolution APIs MUST send queries for such
       names to their configured caching DNS server(s). Using a
       recursive resolver other than the resolver(s) offered by the home
       network will result in failure to correctly resolve queries for
       subdomains of '.homenet'. If a host is configured to always use
       a recursive resolver other than the one offered by the local
       network, it will be unable to resolve queries that are subdomains
       of '.homenet'.

   4.  Unless configured otherwise, recursive resolvers and DNS proxies
       MUST behave as described in Locally Served Zones ([RFC6303]
       Section 3). Recursive resolvers that are part of a home network
       MAY be configured manually or automatically (e.g., for
       auto-configuration purposes) to act differently, e.g., by
       querying another name server configured as authoritative for part
       or all of the '.homenet' domain, or proxying the request through
       a different mechanism.

   5.  Only a DNS server that is authoritative for the root ('.') or is
       configured to be authoritative for '.homenet' or a subdomain of
       '.homenet' will ever answer a query about '.homenet.' In both of
       these cases, the server should simply answer as configured: no
       special handling is required.

   6.  DNS servers outside a home network should not be configured to be
       authoritative for .homenet.

   7.  DNS Registries/Registrars MUST NOT grant requests to register
       '.homenet' in the normal way to any person or entity. '.homenet'
       is registered in perpetuity to IANA:

          Domain Name: HOMENET
          Registrar: RESERVED-INTERNET ASSIGNED NUMBERS AUTHORITY
          Whois Server: whois.iana.org
          Referral URL: http://res-dom.iana.org
          Name Server: A.IANA-SERVERS.NET
          Name Server: B.IANA-SERVERS.NET
          Status: clientDeleteProhibited
          Status: clientTransferProhibited
          Status: clientUpdateProhibited

4.  Updates to Home Networking Control Protocol

   [RFC7788], section 8, is updated as follows:

   OLD:

      Names and unqualified zones are used in an HNCP network to provide
      naming and service discovery with local significance. A
      network-wide zone is appended to all single labels or unqualified
      zones in order to qualify them. ".home" is the default; however,
      an administrator MAY configure the announcement of a Domain-Name
      TLV (Section 10.6) for the network to use a different one. In
      case multiple are announced, the domain of the node with the
      greatest node identifier takes precedence.

   NEW:

      Names and unqualified zones are used in an HNCP network to provide
      naming and service discovery with local significance. A
      network-wide zone is appended to all single labels or unqualified
      zones in order to qualify them. ".homenet" is the default;
      however, an administrator MAY configure the announcement of a
      Domain-Name TLV (Section 10.6) for the network to use a different
      one. In case multiple are announced, the domain of the node with
      the greatest node identifier takes precedence.

   The '.homenet' special-use name does not require a special resolution
   protocol. Names for which the rightmost non-terminal label is
   'homenet' are resolved using the DNS protocol [RFC1035].

5.  Security Considerations

6.  IANA Considerations

   SUDN]. IANA is requested to set up insecure delegation for
   '.homenet' in the root zone pointing to the AS112 service [RFC7535],
   to break the DNSSEC chain of trust.
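
   The resolver behavior from Section 3, item 4, together with a check
   for the kind of upstream leak the Introduction describes for '.home',
   as an added example that is not part of the draft. The function
   names, the log format and the addresses are assumptions made for
   illustration, and names are assumed to contain no escaped dots.

```python
# Added example, not from the draft; all names here are hypothetical.
from typing import List, Optional, Tuple

def labels(qname: str) -> List[str]:
    """Lower-case labels of a presentation-format name, root dot dropped.
    Assumes labels contain no escaped dots."""
    name = qname.strip().lower()
    if name.endswith("."):
        name = name[:-1]
    return name.split(".") if name else []

def in_homenet(qname: str) -> bool:
    """True when the rightmost non-terminal label is 'homenet'."""
    ls = labels(qname)
    return bool(ls) and ls[-1] == "homenet"

def route(qname: str, local_authority: Optional[str] = None) -> Tuple[str, str]:
    """Decide how a recursive resolver or DNS proxy handles one query name."""
    if not in_homenet(qname):
        return ("recurse", "")                     # ordinary resolution
    if local_authority:                            # set up by the home network
        return ("forward-local", local_authority)
    # Default: locally served empty zone in the style of RFC 6303 Section 3.
    # The apex holds only SOA/NS; every name below it does not exist.
    rcode = "NOERROR" if len(labels(qname)) == 1 else "NXDOMAIN"
    return ("answer-local", rcode)

# Constructed log of queries sent upstream: "<time> <upstream> <qname> <qtype>"
SAMPLE_UPSTREAM_LOG = """\
2017-01-19T10:00:01Z 192.0.2.53 www.example.com. A
2017-01-19T10:00:02Z 192.0.2.53 printer.HomeNet. AAAA
2017-01-19T10:00:03Z 192.0.2.53 homenet.example.org. A
2017-01-19T10:00:04Z 192.0.2.53 _ipp._tcp.homenet SRV
"""

def leaked_queries(log_text: str) -> List[str]:
    """Return '.homenet' names that were sent to an upstream server."""
    leaks = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) == 4 and in_homenet(fields[2]):
            leaks.append(fields[2])
    return leaks

if __name__ == "__main__":
    for name in ("nas.homenet.", "homenet.", "homenet.example.org."):
        print(name, route(name), route(name, "fd00::53"))
    print(leaked_queries(SAMPLE_UPSTREAM_LOG))
```

   Matching is on the rightmost label only and is case-insensitive, so
   'homenet.example.org.' is resolved normally while 'printer.HomeNet.'
   stays inside the home network.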

   [SUDN]     "Special-Use Domain Names Registry", July 2012,
              <http://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml>.

Authors' Addresses

   Pierre Pfister
   Cisco Systems
   Paris
   France

   Email: pierre.pfister@darou.fr


   Ted Lemon
   Nominum, Inc.
   800 Bridge Parkway
   Redwood City, California 94065
   United States of America

   Phone: +1 650 381 6000
   Email: ted.lemon@nominum.com