Add a section on MIME types. Closes issue #9.

aaronkaplan 2021-05-04 16:03:04 +02:00
parent 7fe69103d1
commit be9de2de88
No known key found for this signature in database
GPG key ID: 1AED8B672DD4C9B1
3 changed files with 41 additions and 37 deletions


@ -3,6 +3,7 @@
## Content changes
* added time_first_ms, time_last_ms
* clarified that time_{first,last} OR zone_time_{first,last} can be specified.
* Added MIME type SHOULD be "application/x-ndjson". As discussed in #9.
## Other changes
* Added JSON schema
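
Review bot: The new bullet under "Content changes" reads as a fragment ("Added MIME type SHOULD be ...") and does not say where the requirement lives. Suggest wording it like the neighbouring bullets and naming the section, for example: * added section 3.8 "Suggested MIME Types": servers SHOULD use "application/x-ndjson" (see #9).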


@ -90,6 +90,7 @@ Table of Contents
3.5.6. time_last_ms . . . . . . . . . . . . . . . . . . . . 7
3.6. Additional Fields Registry . . . . . . . . . . . . . . . 7
3.7. Additional notes . . . . . . . . . . . . . . . . . . . . 8
3.8. Suggested MIME Types . . . . . . . . . . . . . . . . . . 8
4. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 8
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8
6. Privacy Considerations . . . . . . . . . . . . . . . . . . . 8
@ -108,7 +109,6 @@ Table of Contents
Dulaunoy, et al. Expires December 3, 2020 [Page 2]
Internet-Draft Passive DNS - Common Output Format June 2020
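
Review bot: The running header in this regenerated text still says "June 2020" and "Expires December 3, 2020", although the commit is dated 2021-05-04. If this is meant to go out as a new revision, bump the document date in the XML source before regenerating, so the text does not ship with an expiry date that is already in the past.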
@ -405,6 +405,12 @@ Internet-Draft Passive DNS - Common Output Format June 2020
parsers who will expect the mandatory fields time_{first,last}. See:
[github_issue_17]
3.8. Suggested MIME Types
An implementer of a passive DNS Server SHOULD server a document in
this Common Output Format with a MIME header of "application/
x-ndjson".
4. Acknowledgements
Thanks to the Passive DNS developers who contributed to the document.
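
Review bot: In the new section 3.8, "a MIME header of" is imprecise, and the media type string is split across a line break ("application/" then "x-ndjson"), so a reader copying or searching for it gets a broken value. Suggest saying the server SHOULD set the Content-Type header to "application/x-ndjson" and keeping the string on one line in the rendered text. The heading says "Types" although only one type is given.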
@ -435,12 +441,6 @@ Internet-Draft Passive DNS - Common Output Format June 2020
taken into consideration when designing any application which uses
Passive DNS data.
In the scope of the General Data Protection Regulation (GDPR -
Directive 95/46/EC), operators of Passive DNS Server needs to ensure
the legal ground and lawfulness of its operation.
@ -450,6 +450,10 @@ Dulaunoy, et al. Expires December 3, 2020 [Page 8]
Internet-Draft Passive DNS - Common Output Format June 2020
In the scope of the General Data Protection Regulation (GDPR -
Directive 95/46/EC), operators of Passive DNS Server needs to ensure
the legal ground and lawfulness of its operation.
7. Security Considerations
In some cases, Passive DNS output might contain confidential
@ -491,10 +495,6 @@ Internet-Draft Passive DNS - Common Output Format June 2020
RFC 3986, DOI 10.17487/RFC3986, January 2005,
<https://www.rfc-editor.org/info/rfc3986>.
[RFC4627] Crockford, D., "The application/json Media Type for
JavaScript Object Notation (JSON)", RFC 4627,
DOI 10.17487/RFC4627, July 2006,
<https://www.rfc-editor.org/info/rfc4627>.
@ -506,6 +506,11 @@ Dulaunoy, et al. Expires December 3, 2020 [Page 9]
Internet-Draft Passive DNS - Common Output Format June 2020
[RFC4627] Crockford, D., "The application/json Media Type for
JavaScript Object Notation (JSON)", RFC 4627,
DOI 10.17487/RFC4627, July 2006,
<https://www.rfc-editor.org/info/rfc4627>.
[RFC5001] Austein, R., "DNS Name Server Identifier (NSID) Option",
RFC 5001, DOI 10.17487/RFC5001, August 2007,
<https://www.rfc-editor.org/info/rfc5001>.
@ -549,11 +554,6 @@ Internet-Draft Passive DNS - Common Output Format June 2020
<http://www.centr.org/system/files/agenda/attachment/
rd4-papst-passive_dns.pdf>.
[PDNSCIRCL]
"CIRCL Passive DNS", 2012,
<https://www.circl.lu/services/passive-dns/>.
@ -562,6 +562,10 @@ Dulaunoy, et al. Expires December 3, 2020 [Page 10]
Internet-Draft Passive DNS - Common Output Format June 2020
[PDNSCIRCL]
"CIRCL Passive DNS", 2012,
<https://www.circl.lu/services/passive-dns/>.
[PDNSCLIENT]
"Queries 5 major Passive DNS databases: BFK, CERTEE,
DNSParse, ISC, and VirusTotal.", 2013,
@ -602,12 +606,8 @@ Appendix A. Examples
dns common output format can be:
{"count": 102, "time_first": 1298412391, "rrtype": "AAAA",
"rrname": "www.ietf.org", "rdata": "2001:1890:1112:1::20",
"time_last": 1302506851}
{"count": 59, "time_first": 1384865833, "rrtype": "A",
"rrname": "www.ietf.org", "rdata": "4.31.198.44",
"time_last": 1389022219}
@ -618,6 +618,14 @@ Dulaunoy, et al. Expires December 3, 2020 [Page 11]
Internet-Draft Passive DNS - Common Output Format June 2020
{"count": 102, "time_first": 1298412391, "rrtype": "AAAA",
"rrname": "www.ietf.org", "rdata": "2001:1890:1112:1::20",
"time_last": 1302506851}
{"count": 59, "time_first": 1384865833, "rrtype": "A",
"rrname": "www.ietf.org", "rdata": "4.31.198.44",
"time_last": 1389022219}
If you query a passive DNS for the rrname ietf.org, the passive dns
common output format can be:
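
Review bot: These Appendix A records are shown wrapped over three lines each, which no longer matches what section 3.8 now advertises: under "application/x-ndjson" each record is a single JSON object on one line, terminated by a newline. Suggest a sentence before the examples stating that the wrapping is for page width only, unless the appendix already says so outside this hunk.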
@ -658,14 +666,6 @@ Authors' Addresses
URI: http://www.circl.lu/
L. Aaron Kaplan
Vienna A-1170
Austria
Email: aaron@lo-res.org
@ -674,6 +674,13 @@ Dulaunoy, et al. Expires December 3, 2020 [Page 12]
Internet-Draft Passive DNS - Common Output Format June 2020
L. Aaron Kaplan
Vienna A-1170
Austria
Email: aaron@lo-res.org
Paul Vixie
Farsight Security, Inc.
11400 La Honda Road
@ -710,13 +717,6 @@ Internet-Draft Passive DNS - Common Output Format June 2020


@ -263,6 +263,9 @@ ws = *(
</section>
<section title="Additional notes">
<t>An implementer of a passive DNS Server MAY chose to either return time_first and time_last OR return zone_time_first and zone_time_last. In pseudocode: (time_first AND time_last) OR (zone_time_first AND zone_time_last). In this case, zone_time_{first,last} replace the time_{first,last} fields. However, this is not encouraged since it might be confusing for parsers who will expect the mandatory fields time_{first,last}. See: <xref target="github_issue_17"/></t>
</section>
<section title="Suggested MIME Types">
<t>An implementer of a passive DNS Server SHOULD server a document in this Common Output Format with a MIME header of "application/x-ndjson".</t>
</section>
</section>
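
Review bot: Typo in the added <t>: "SHOULD server a document" should be "SHOULD serve a document"; fix it here in the XML and regenerate the text file, which carries the same typo in 3.8. Also, "application/x-ndjson" is an unregistered "x-" type and the table of contents lists an IANA Considerations section (5), so it is worth one sentence stating that the type is not IANA-registered and that consumers should still validate each line as JSON rather than rely on the header alone.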