service
Click on the red underlined text to get to the source
...
This memo defines a generalized mechanism for application service
naming that allows service location without relying on rigid domain ...
... This memo defines a generalized mechanism for application service
naming that allows service location without relying on rigid domain
naming conventions (so-called name hacks). The proposal defines a
...
... 4]) Application to
map domain name, application service name, and application protocol
dynamically to target ...
... for dynamically determining the current host for a given application
service are limited in terms of the use cases supported. To address
some of the limitations, this document defines a DDDS Application ...
... some of the limitations, this document defines a DDDS Application to
map service+protocol+domain to specific server addresses by using
...
...
"Application service" is a generic term for some type of application,
independent of the protocol that may be used to offer it. Each
application service ...
... service" is a generic term for some type of application,
independent of the protocol that may be used to offer it. Each
application service will be associated with an IANA-registered tag.
For example, retrieving mail is a type of application service ...
... service will be associated with an IANA-registered tag.
For example, retrieving mail is a type of application service that
can be implemented by different application-layer protocols (e.g.,
...
... An "application protocol" is used to implement the application
service. These are also associated with IANA-registered tags. Using
the mail example above, "POP3 ...
... transport.
The intention is that the combination of application service and
protocol tags should be specific enough that finding a known pair
...
... server with which it can communicate.
Some protocols support multiple application services. For example,
LDAP is an application protocol ...
... LDAP is an application protocol and can be found supporting various
services (e.g., "whitepages", "directory enabled networking".
...
... As defined in section 6, NAPTR records are used to store application
service+protocol information for a given domain. Following the DDDS
...
... NAPTR resource
records for example.com, shown in the figure below, where "WP" is the
imagined application service tag for "white pages" and "EM" is the
application service tag ...
... application service tag for "white pages" and "EM" is the
application service tag for an imagined "Extensible Messaging"
application service.
...
... application service tag for an imagined "Extensible Messaging"
application service.
example.com.
...
... IN NAPTR 100 20 "s" "WP:ldap" ( ; service
"" ; regexp
_ldap._tcp.myldap.example.com. ; replacement
...
... NAPTR record, the client examines the
SERVICE field to find a match. In the case of the S-NAPTR DDDS
application, this means a SERVICE field ...
... SERVICE field to find a match. In the case of the S-NAPTR DDDS
application, this means a SERVICE field that includes the tags for
the desired application service ...
... SERVICE field that includes the tags for
the desired application service and a supported application protocol.
...
... As shown in the example set above, it is possible to have multiple
possible targets for a single application service+protocol pair.
These are to be pursued in order until a server is successfully
contacted or all possible matching NAPTR records ...
... target, or no NAPTR record with appropriate application service
and protocol for a NAPTR lookup ...
... that example.com has a NAPTR record pointing to "bunyip.example"
for the "WP:Whois++" service and protocol means the administrator
of example.com believes that service ...
... service and protocol means the administrator
of example.com believes that service exists. If bunyip.example
has no "WP:Whois++" NAPTR record, the application client ...
... In the case of an application client that supports more than one
protocol for a given application service, it MUST pursue S-NAPTR
resolution completely for one protocol, exploring all potential
...
... S-NAPTR resolution based on that
protocol. For example, even if someisp.example offers the "EM"
service with protocol "ProtB", there is no reason to believe that it
does so on behalf of example.com (as there is no such pointer in
example.com's NAPTR ...
... targets, without requiring each application protocol (or
service) standard to define a separate DDDS application.
...
...
Note that this approach is intended specifically for use when it
makes sense to associate services with particular domain names (e.g.,
e-mail addresses ...
... address how to select the domain for which the
service+protocol is being sought. Other conventions will have to
define how this might be used (e.g., new messaging standards can
define what domain ...
... Application protocol developers who wish to make use of S-NAPTR must
make provisions for registering any relevant application service and
application protocol tags ...
... administrators are called upon to use S-NAPTR with
as much restraint as possible while still achieving their service
design goals.
...
... RRs "reachable" through the S-
NAPTR process for a particular application service can be thought of
as a "tree". Each NAPTR ...
... different targets with varying preferences where appropriate
(e.g., to provide backup services) but don't look for reasons to
provide more; and
...
... o shallower is better: Avoid using NAPTR records to "rename"
services within a zone. Use NAPTR records to identify services
...
... services within a zone. Use NAPTR records to identify services
hosted elsewhere (i.e., where you cannot reasonably provide the
SRV records ...
... as follows
o Service discovery within a domain. For example, this can be used
to find the "authoritative" server for some type of service ...
... Service discovery within a domain. For example, this can be used
to find the "authoritative" server for some type of service within
a domain (see the specific example in section 4.2).
...
...
o Multiple protocols. This is already common today as new
application services are defined, and is increasingly a problem.
It includes the case of extensible messaging (a hypothetical
service ...
... application services are defined, and is increasingly a problem.
It includes the case of extensible messaging (a hypothetical
service), which can be offered with multiple protocols (see
section 4.3).
...
... domain operator
may elect to engage another organization to provide an application
service. See section 4.4 for an example that cannot be served by
SRV records alone.
...
... Service Discovery within a Domain ...
...
There are occasions when it is useful to be able to determine the
"authoritative" server for a given application service within a
domain. This is "discovery", as there is no a priori knowledge as to
...
... domain. This is "discovery", as there is no a priori knowledge as to
whether or where the service is offered; it is therefore important to
determine the location and characteristics of the offered service.
...
... whether or where the service is offered; it is therefore important to
determine the location and characteristics of the offered service.
For example, there is growing discussion ...
... service has been defined as a leaf
node service holding the keys/certs for the servers operated by (or
for) the domain. It is assumed that more than one protocol is
...
... for) the domain. It is assumed that more than one protocol is
available to provide the service for a particular domain. This
DDDS ...
... IN NAPTR 100 10 "" "CREDREG:ldap:iris.beep" ( ; service
"" ; regexp
theserver.thinkingcat.example. ; replacement
...
... theserver.thinkingcat.example. ; replacement
Note that the application service might be offered in another domain
using a different set of application protocols ...
... IN NAPTR 100 10 "" "CREDREG:iris.lwz:iris.beep" ( ; service
"" ; regexp
foo.anotherdomain.example. ; replacement
...
...
Extensible messaging, a hypothetical application service, will be
used for illustrative purposes. (For an example of a real
application service ...
... service, will be
used for illustrative purposes. (For an example of a real
application service with multiple protocols, see [9] and [10]).
...
... 9] and [10]).
Assuming that "EM" was registered as an application service, this
DDDS application could be used to determine the available services ...
... service, this
DDDS application could be used to determine the available services
for delivery to a target ...
... DDDS-based approach, thinkingcat.example can indicate a
preference ranking for the different types of servers for the
extensible messaging service, yet the out-sourcer can independently
rank the preference and ordering of servers. This independence is
not achievable through the use of SRV records ...
... use of SRV records alone.
Thus, to find the EM services for thinkingcat.example, the NAPTR
records for thinkingcat.example are retrieved:
...
... IN NAPTR 100 10 "s" "EM:ProtA" ( ; service
"" ; regexp
_ProtA._tcp.thinkingcat.example. ; replacement
...
... IN NAPTR 100 20 "s" "EM:ProtB" ( ; service
"" ; regexp
_ProtB._tcp.example.com. ; replacement
...
... IN NAPTR 100 30 "s" "EM:ProtC" ( ; service
"" ; regexp
_ProtC._tcp.example.com. ; replacement
...
... Then the administrators at example.com can manage the preference
rankings of the servers they use to support the ProtB service:
_ProtB._tcp.example.com.
...
... In the Instant Message hosting example in Section 4.3, the service
owner (thinkingcat.example) had to host pointers to the hosting ...
... RR in the thinkingcat.example
domain point to all the hosted services. The hosting domain has
...
... domain has
NAPTR records for each service to map them to whatever local hosts it
chooses (this may change from time to time).
...
... IN NAPTR 100 10 "s" "EM:ProtA" ( ; service
"" ; regexp
_ProtA._tcp.thinkingcat.example. ; replacement
...
... IN NAPTR 100 20 "" "EM:ProtB:ProtC" ( ; service
"" ; regexp
thinkingcat.example.com. ; replacement
...
... application protocols and manage the preference rankings of the
servers they use to support the ProtB service (as before):
thinkingcat.example.com.
...
... IN NAPTR 100 10 "s" "EM:ProtC" ( ; service
"" ; regexp
_ProtC._tcp.example.com. ; replacement
...
... IN NAPTR 100 20 "s" "EM:ProtB" ( ; service
"" ; regexp
_ProtB._tcp.example.com. ; replacement
...
...
Note that the above sections assume that there was one service
available (via S-NAPTR) per domain ...
... S-NAPTR) per domain. Often, this will not be the
case. Assuming that thinkingcat.example had the CredReg service set
up as described in Section 4.2 and had the extensible messaging
service ...
... service set
up as described in Section 4.2 and had the extensible messaging
service set up as described in Section 4.4, then a client querying
for the NAPTR ...
... IN NAPTR 100 10 "s" "EM:ProtA" ( ; service
"" ; regexp
_ProtA._tcp.thinkingcat.example. ; replacement
...
... IN NAPTR 100 20 "" "EM:ProtB:ProtC" ( ; service
"" ; regexp
thinkingcat.example.com. ; replacement
...
... IN NAPTR 200 10 "" "CREDREG:ldap:iris-beep" ( ; service
"" ; regexp
bouncer.thinkingcat.example. ; replacement
...
... Sorting them by increasing "ORDER", the client would look through the
SERVICE strings to determine whether there was a NAPTR RR that
...
... NAPTR RR that
matched the application service it was looking for, with an
application protocol it could use. The client ...
... required for the client to reach the final server for a "ProtB"
service for EM for the thinkingcat.example domain is as follows:
...
... client uses ProtB to challenge that this server has
credentials to operate the service for the original domain
(thinkingcat.example)
...
... host and port providing the server.
This enables a distinction between naming an application service
target and actually hosting ...
... flexibility in hosting the target service, as follows:
o The server may be operated by a completely different organization
...
... That is, although SRV records can be used to map from a specific
service name and protocol for a specific domain to a specific server,
SRV records ...
... SRV RR allows administrators to use several servers for a single
domain, to move services from host to host with little fuss, and
...
... host with little fuss, and
to designate some hosts as primary servers for a service and
others as backups".
...
...
o Target servers by "service" (e.g., "ldap") and "protocol" (e.g.,
"tcp") in a given domain. The definition of these terms implies
...
... port. The use cases described herein require an
additional layer -- from some service label to servers that may in be
hosted within different administrative domains. We could tweak SRV ...
... NAPTR when all that is desired is simple DNS-
based location of services. This should be easy for applications to
use -- a few simple IANA registrations ...
... tools for expressing "rewrite" rules.
This power (==complexity) makes some protocol designers and service
administrators nervous. The concern is that these rewrites can
...
... Formal Definition of <Application Service Location> Application of ...
... The Application Unique String is domain label for which an
authoritative server for a particular service is sought.
...
... rule is the Application-Unique String, the domain label for which the
authoritative server for a particular service is sought.
...
... Service Parameters ...
...
Service Parameters for this Application take the form of a string of
characters that follow this ABNF ([2 ...
... app-service] *(":" app-protocol)]
app-service = experimental-service / iana-registered-service
...
... app-service = experimental-service / iana-registered-service
app-protocol = experimental-protocol ...
... experimental-protocol / iana-registered-protocol
experimental-service = "x-" 1*30ALPHANUMSYM
experimental-protocol = "x-" 1*30ALPHANUMSYM
...
... experimental-protocol = "x-" 1*30ALPHANUMSYM
iana-registered-service = ALPHA *31ALPHANUMSYM
iana-registered-protocol ...
... ; characters and must start with an alphabetic character.
; The service-parms are considered case-insensitive.
...
... case-insensitive.
Thus, the Service Parameters may consist of an empty string, an app-
service, or an app-service ...
... Thus, the Service Parameters may consist of an empty string, an app-
service, or an app-service with one or more app-protocol
...
... Service Parameters may consist of an empty string, an app-
service, or an app-service with one or more app-protocol
specifications separated by the ":" symbol.
...
... database requires each
DDDS application to define the syntax of allowable service strings.
The syntax here is expanded to allow the characters that are valid in
...
... 8]). As "+" (the separator used in the
RFC3404prop service parameter string) is an allowed character for URI
scheme names, ":" is chosen as the separator here.
...
... Application Services ...
... The "app-service" must be an IANA-registered service; see Section 7
for instructions on registering new application service tags.
...
... IANA-registered service; see Section 7
for instructions on registering new application service tags.
...
...
This document calls for two IANA registries: one for application
service tags, and one for application protocol tags.
...
... Application Service Tag IANA Registry ...
... registry for S-NAPTR
Application Service Tags, listing at least the following information
for each such tag:
...
... Application Service Tag: A string conforming with the IANA-
registered-service defined in section 6.5.
o Defining publication: The RFC used to define the Application
Service Tag ...
... service defined in section 6.5.
o Defining publication: The RFC used to define the Application
Service Tag, as defined in the registration process, below.
...
... registration process, below.
An initial Application Service Tag registration is contained in [9].
...
... risk.
All other application service and protocol tags are registered based
on the "specification required" option defined in [7 ...
...
o application protocol or service tag,
o intended usage,
...
...
The security of this approach to application service location is only
as good as the security of the DNS queries ...
... subjectAltName field. For Kerberos,
the name would be a service principle name.
3. Using the matching semantics ...
... Gulbrandsen, A., Vixie, P., and L. Esibov, "A DNS RR for specifying the location of services (DNS SRV)", RFC 2782prop, February 2000. ...
... IRIS: A Domain Registry (dreg) Type for the Internet Registry Information Service (IRIS)", RFC 3982prop, January 2005. ...
... Newton, A. and M. Sanz, "Using the Internet Registry Information Service (IRIS) over the Blocks Extensible Exchange Protocol (BEEP ...
... Assuming the client supports 1 protocol for a particular application
service, the following pseudocode outlines the expected process to
find the first (best) target ...
...
while (not rr-done)
if ([SERVICE field of cur-rr contains desired application
service and application protocol ...
... if ([SERVICE field of cur-rr contains desired application
service and application protocol])
rr-done = true
...
... preferred host-port pair for a particular application service and
protocol. If, for any reason, that host-port ...
... S-NAPTR resolution routine that finds *all* valid servers
for the required application service and protocol from the
originating domain and that provides them in a sorted order for
...