Hi,
Please find two Naming Architectures we would like to discuss at Vancouver:
- "IPv6 Home Network Naming Delegation Architecture"
http://www.ietf.org/internet-drafts/draft-mglt-naming-delegation-00.txt
- "Home Network Front End Naming Delegation"
http://www.ietf.org/internet-drafts/draft-mglt-front-end-naming-delegation-00.txt
Comments and suggestions are welcome.
Best Regards
Daniel
Abstract: "IPv6 Home Network Naming Delegation Architecture"
This document describes the Naming Delegation Architecture that makes
IPv6 Home Network globally reachable with Names or Fully Qualified
Domain Names (FQDN). In this architecture, the Customer Premise
Equipment (CPE) acts as the DNS Authoritative Server of the Home
Network also called the Delegated DNS Server. The Naming Delegation
is configured between the Delegated DNS Server and the Delegating DNS
Server managed by the ISP.
The use case considered in this document is an End User that
subscribes its ISP a specific Delegated Domain for its Home Network.
This document describes how the CPE automatically sets the Naming
Delegation between the Delegating and Delegated DNS Server.
The Naming Delegation is requested by the CPE. The CPE DHCP Client
and the ISP DHCP Server exchange DHCP Options to properly set the
Naming Delegation. More specifically, the CPE DHCP Client (resp. the
ISP DHCP Server) configures the DNS(SEC) Zones of the Delegated DNS
Server (resp. Delegating DNS Server). For the Delegating DNS Server,
the necessary pieces of information required to set the Naming
Delegation are the IP address of the Delegated DNS Server, and if
DNSSEC is used, the Delegation of Signing Information. For the
Delegated DNS Server, the necessary information is the Delegated
Domain associated to the Home Network.
Abstract: "Home Network Front End Naming Delegation"
This document proposes a Naming Delegation Architecture that makes
possible End Users to reach the hosts or services of their Home
Network using Names instead of IP addresses.
This document shows how the Naming Delegation between the CPE and the
ISP can be set so the CPE is not exposed on the Internet. This
document describes an Naming Architecture where ISPs provide Front
End Delegating DNS Servers whereas the CPEs constitute a Back End
Network of Delegated DNS Servers. All DNS queries for any Home
Network are addressed to the Delegating Front End Server. The
response is expected to be stored on a CPE, and the Front End
Delegating DNS Server sends a DNS Query to that CPE before answering
to the initial DNS query.
The negotiation between the CPE and the ISP is using DHCP Options.
This document provides options so Front End Delegating and the
Delegated DNS Servers configure their respective Zone files and so
that CPEs restrict access and protect themselves from unauthorized
DNS Queries.
--
Daniel Migault
Orange Labs -- Security
+33 6 70 72 69 58
_______________________________________________
homenet mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/homenet
