adulau/pdns-qof
1
0
Fork 0
mirror of https://github.com/adulau/pdns-qof.git synced 2024-11-22 18:17:04 +00:00
Code Issues Projects Releases Packages Wiki Activity

Additional Fields Registry added

Browse source
This commit is contained in:
Alexandre Dulaunoy 2013-12-25 14:39:02 +01:00
parent 53e7fa097a
commit 310bd0bc7c
2 changed files with 86 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

100
i-d/pdns-qof.txt
View file

@ -14,7 +14,7 @@ Expires: June 28, 2014 CERT.at
Passive DNS - Common Output Format Passive DNS - Common Output Format
draft-ietf-dulaunoy-kaplan-pdns-cof-01 draft-ietf-dulaunoy-passive-dns-cof-00
Abstract Abstract
@ -82,13 +82,14 @@ Table of Contents
3.4.1. sensor_id . . . . . . . . . . . . . . . . . . . . . . 5 3.4.1. sensor_id . . . . . . . . . . . . . . . . . . . . . . 5
3.4.2. zone_time_first . . . . . . . . . . . . . . . . . . . 5 3.4.2. zone_time_first . . . . . . . . . . . . . . . . . . . 5
3.4.3. zone_time_last . . . . . . . . . . . . . . . . . . . 6 3.4.3. zone_time_last . . . . . . . . . . . . . . . . . . . 6
3.5. Additional Fields Registry . . . . . . . . . . . . . . . 6
4. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 6 4. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 6
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6
6. Security Considerations . . . . . . . . . . . . . . . . . . . 6 6. Security Considerations . . . . . . . . . . . . . . . . . . . 6
7. References . . . . . . . . . . . . . . . . . . . . . . . . . 6 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 6
7.1. Normative References . . . . . . . . . . . . . . . . . . 6 7.1. Normative References . . . . . . . . . . . . . . . . . . 6
7.2. References . . . . . . . . . . . . . . . . . . . . . . . 7 7.2. References . . . . . . . . . . . . . . . . . . . . . . . 7
7.3. Informative References . . . . . . . . . . . . . . . . . 7 7.3. Informative References . . . . . . . . . . . . . . . . . 8
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8
1. Introduction 1. Introduction
@ -105,7 +106,6 @@ Table of Contents
their search. This document describes the output format of four their search. This document describes the output format of four
Passive DNS Systems ([DNSDB],[PDNSCERTAT], [PDNSCIRCL] and [PDNSCOF]) Passive DNS Systems ([DNSDB],[PDNSCERTAT], [PDNSCIRCL] and [PDNSCOF])
which are in use today and which already share a nearly identical which are in use today and which already share a nearly identical
output format. As the format and the meaning of output fields from
@ -114,6 +114,7 @@ Dulaunoy, et al. Expires June 28, 2014 [Page 2]
Internet-Draft Passive DNS - Common Output Format December 2013 Internet-Draft Passive DNS - Common Output Format December 2013
output format. As the format and the meaning of output fields from
each Passive DNS need to be consistent, we propose in this document a each Passive DNS need to be consistent, we propose in this document a
solution to commonly name each field along with their corresponding solution to commonly name each field along with their corresponding
interpretation. The format format is following a simple key-value interpretation. The format format is following a simple key-value
@ -164,7 +165,6 @@ Internet-Draft Passive DNS - Common Output Format December 2013
Dulaunoy, et al. Expires June 28, 2014 [Page 3] Dulaunoy, et al. Expires June 28, 2014 [Page 3]
Internet-Draft Passive DNS - Common Output Format December 2013 Internet-Draft Passive DNS - Common Output Format December 2013
@ -289,6 +289,13 @@ Internet-Draft Passive DNS - Common Output Format December 2013
is expressed in seconds (decimal ascii) since 1st of January 1970 is expressed in seconds (decimal ascii) since 1st of January 1970
(unix timestamp). The time zone MUST be UTC. (unix timestamp). The time zone MUST be UTC.
3.5. Additional Fields Registry
In accordance with [RFC6648], designers of new passive DNS
applications that would need additional fields can request and
register new field name at https://github.com/adulau/pdns-qof/wiki/
Additional-Fields.
4. Acknowledgements 4. Acknowledgements
Thanks to the Passive DNS developers who contributed to the document. Thanks to the Passive DNS developers who contributed to the document.
@ -323,13 +330,6 @@ Internet-Draft Passive DNS - Common Output Format December 2013
[RFC3912] Daigle, L., "WHOIS Protocol Specification", RFC 3912, [RFC3912] Daigle, L., "WHOIS Protocol Specification", RFC 3912,
September 2004. September 2004.
[RFC4627] Crockford, D., "The application/json Media Type for
JavaScript Object Notation (JSON)", RFC 4627, July 2006.
[RFC5001] Austein, R., "DNS Name Server Identifier (NSID) Option",
RFC 5001, August 2007.
@ -338,6 +338,16 @@ Dulaunoy, et al. Expires June 28, 2014 [Page 6]
Internet-Draft Passive DNS - Common Output Format December 2013 Internet-Draft Passive DNS - Common Output Format December 2013
[RFC4627] Crockford, D., "The application/json Media Type for
JavaScript Object Notation (JSON)", RFC 4627, July 2006.
[RFC5001] Austein, R., "DNS Name Server Identifier (NSID) Option",
RFC 5001, August 2007.
[RFC6648] Saint-Andre, P., Crocker, D., and M. Nottingham,
"Deprecating the "X-" Prefix and Similar Constructs in
Application Protocols", BCP 178, RFC 6648, June 2012.
7.2. References 7.2. References
[BAILIWICK] [BAILIWICK]
@ -376,16 +386,6 @@ Internet-Draft Passive DNS - Common Output Format December 2013
"Passive DNS Replication", 2005, <http://www.enyo.de/fw/ "Passive DNS Replication", 2005, <http://www.enyo.de/fw/
software/dnslogger/first2005-paper.pdf>. software/dnslogger/first2005-paper.pdf>.
7.3. Informative References
[I-D.narten-iana-considerations-rfc2434bis]
Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", draft-narten-iana-
considerations-rfc2434bis-09 (work in progress), March
2008.
@ -394,6 +394,14 @@ Dulaunoy, et al. Expires June 28, 2014 [Page 7]
Internet-Draft Passive DNS - Common Output Format December 2013 Internet-Draft Passive DNS - Common Output Format December 2013
7.3. Informative References
[I-D.narten-iana-considerations-rfc2434bis]
Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", draft-narten-iana-
considerations-rfc2434bis-09 (work in progress), March
2008.
[RFC3552] Rescorla, E. and B. Korver, "Guidelines for Writing RFC [RFC3552] Rescorla, E. and B. Korver, "Guidelines for Writing RFC
Text on Security Considerations", BCP 72, RFC 3552, July Text on Security Considerations", BCP 72, RFC 3552, July
2003. 2003.
@ -429,6 +437,19 @@ Authors' Addresses
URI: / URI: /
Dulaunoy, et al. Expires June 28, 2014 [Page 8]
Internet-Draft Passive DNS - Common Output Format December 2013
Henry Stern Henry Stern
Cisco Cisco
1741 Brunswick Street, Suite 500 1741 Brunswick Street, Suite 500
@ -445,4 +466,39 @@ Authors' Addresses
Dulaunoy, et al. Expires June 28, 2014 [Page 8]
Dulaunoy, et al. Expires June 28, 2014 [Page 9]

10
i-d/pdns-qof.xml
View file

@ -15,6 +15,8 @@
<!ENTITY RFC5001 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5001.xml"> <!ENTITY RFC5001 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5001.xml">
<!ENTITY RFC3597 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3597.xml"> <!ENTITY RFC3597 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3597.xml">
<!ENTITY RFC3912 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3912.xml"> <!ENTITY RFC3912 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3912.xml">
<!ENTITY RFC6648 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6648.xml">
<!ENTITY I-D.narten-iana-considerations-rfc2434bis SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.narten-iana-considerations-rfc2434bis.xml"> <!ENTITY I-D.narten-iana-considerations-rfc2434bis SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.narten-iana-considerations-rfc2434bis.xml">
]> ]>
<?xml-stylesheet type='text/xsl' href='rfc2629.xslt' ?> <?xml-stylesheet type='text/xsl' href='rfc2629.xslt' ?>
@ -221,8 +223,11 @@ The document does not describe the protocol (e.g. <xref target="RFC3912">WHOIS</
<section title="zone_time_last"> <section title="zone_time_last">
<t>This field returns the last time that the unique tuple (rrname, rrtype, rdata) record has been seen via zone file import. The date is expressed in seconds (decimal ascii) since 1st of January 1970 (unix timestamp). The time zone MUST be UTC.</t> <t>This field returns the last time that the unique tuple (rrname, rrtype, rdata) record has been seen via zone file import. The date is expressed in seconds (decimal ascii) since 1st of January 1970 (unix timestamp). The time zone MUST be UTC.</t>
</section> </section>
</section> </section>
</section> <section title="Additional Fields Registry">
<t>In accordance with <xref target="RFC6648"/>, designers of new passive DNS applications that would need additional fields can request and register new field name at https://github.com/adulau/pdns-qof/wiki/Additional-Fields.</t>
</section>
</section>
<!-- This PI places the pagebreak correctly (before the section title) in the text output. --> <!-- This PI places the pagebreak correctly (before the section title) in the text output. -->
@ -273,6 +278,7 @@ The document does not describe the protocol (e.g. <xref target="RFC3912">WHOIS</
&RFC4627; &RFC4627;
&RFC5001; &RFC5001;
&RFC3597; &RFC3597;
&RFC6648;
</references> </references>
<references> <references>
<reference anchor="WEINERPDNS" target="http://www.enyo.de/fw/software/dnslogger/first2005-paper.pdf"> <reference anchor="WEINERPDNS" target="http://www.enyo.de/fw/software/dnslogger/first2005-paper.pdf">