From erodrig...@apache.org
Subject svn commit: r125973 - incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone
Date Fri, 21 Jan 2005 22:24:48 GMT
Author: erodriguez
Date: Fri Jan 21 14:24:46 2005
New Revision: 125973

URL: http://svn.apache.org/viewcvs?view=rev&rev=125973
Log:
Skeleton implementations of DNS Resource Record types used by the DNS LDAP schema.
Added:
   incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/A6Record.java   (contents, props changed)
   incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/CertificateRecord.java   (contents, props changed)
   incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/DnameRecord.java   (contents, props changed)
   incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/Inet6AddressRecord.java   (contents, props changed)
   incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/KeyExchangeRecord.java   (contents, props changed)
   incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/KeyRecord.java   (contents, props changed)
   incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/LocationRecord.java   (contents, props changed)
   incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/NameAuthorityPointer.java   (contents, props changed)
   incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/NextNameRecord.java   (contents, props changed)
   incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/ServerSelectionRecord.java   (contents, props changed)
   incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/SignatureRecord.java   (contents, props changed)

Added: incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/A6Record.java
Url: http://svn.apache.org/viewcvs/incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/A6Record.java?view=auto&rev=125973
==============================================================================
--- (empty file)
+++ incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/A6Record.java	Fri Jan 21 14:24:46 2005
@@ -0,0 +1,62 @@
+/*
+ *   Copyright 2005 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+
+package org.apache.dns.records.zone;
+
+import org.apache.dns.records.InternetResource;
+import org.apache.dns.records.RecordType;
+
+/**
+ * 3.1.1.  Format
+ * 
+ *    The RDATA portion of the A6 record contains two or three fields.
+ * 
+ *            +-----------+------------------+-------------------+
+ *            |Prefix len.|  Address suffix  |    Prefix name    |
+ *            | (1 octet) |  (0..16 octets)  |  (0..255 octets)  |
+ *            +-----------+------------------+-------------------+
+ * 
+ *    o  A prefix length, encoded as an eight-bit unsigned integer with
+ *       value between 0 and 128 inclusive.
+ * 
+ *    o  An IPv6 address suffix, encoded in network order (high-order octet
+ *       first).  There MUST be exactly enough octets in this field to
+ *       contain a number of bits equal to 128 minus prefix length, with 0
+ *       to 7 leading pad bits to make this field an integral number of
+ *       octets.  Pad bits, if present, MUST be set to zero when loading a
+ *       zone file and ignored (other than for SIG [DNSSEC] verification)
+ *       on reception.
+ * 
+ *    o  The name of the prefix, encoded as a domain name.  By the rules of
+ *       [DNSIS], this name MUST NOT be compressed.
+ * 
+ *    The domain name component SHALL NOT be present if the prefix length
+ *    is zero.  The address suffix component SHALL NOT be present if the
+ *    prefix length is 128.
+ * 
+ *    It is SUGGESTED that an A6 record intended for use as a prefix for
+ *    other A6 records have all the insignificant trailing bits in its
+ *    address suffix field set to zero.
+ */
+public class A6Record extends InternetResource
+{
+	public A6Record( String domainName, int timeToLive, byte[] resourceData )
+	{
+		super( domainName, RecordType.A6, timeToLive, resourceData );
+	}
+}
+
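Review bot: The constructor hands `resourceData` to `InternetResource` unchecked, so an A6 record can be built whose RDATA contradicts the format quoted in the class comment (a prefix length above 128, a suffix of the wrong size, or a null array). Because `super(...)` has to be the first statement, a static helper is the natural place for the check: `super( domainName, RecordType.A6, timeToLive, checkRdata( resourceData ) );`, with `checkRdata` rejecting null or empty input and `( resourceData[0] & 0xFF ) > 128`. If validation is meant to live in a decoder or in `InternetResource` (neither is visible in this commit), the Javadoc should say so, so the skeleton is not mistaken for a validated type. The same applies to the other constructors added here, most clearly `Inet6AddressRecord` (fixed 128-bit address) and `LocationRecord`, whose comment quotes that implementations are required to check VERSION. It is also not visible whether the array is copied before it is stored; if `InternetResource` keeps the caller's reference, a later write by the caller silently changes the record.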

Added: incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/CertificateRecord.java
Url: http://svn.apache.org/viewcvs/incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/CertificateRecord.java?view=auto&rev=125973
==============================================================================
--- (empty file)
+++ incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/CertificateRecord.java	Fri Jan 21 14:24:46 2005
@@ -0,0 +1,67 @@
+/*
+ *   Copyright 2005 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+
+package org.apache.dns.records.zone;
+
+import org.apache.dns.records.InternetResource;
+import org.apache.dns.records.RecordType;
+
+/**
+ * 2. The CERT Resource Record
+ * 
+ *    The CERT resource record (RR) has the structure given below.  Its RR
+ *    type code is 37.
+ * 
+ *                          1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
+ *      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ *     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *     |             type              |             key tag           |
+ *     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *     |   algorithm   |                                               /
+ *     +---------------+            certificate or CRL                 /
+ *     /                                                               /
+ *     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|
+ * 
+ *    The type field is the certificate type as define in section 2.1
+ *    below.
+ * 
+ *    The algorithm field has the same meaning as the algorithm field in
+ *    KEY and SIG RRs [RFC 2535] except that a zero algorithm field
+ *    indicates the algorithm is unknown to a secure DNS, which may simply
+ *    be the result of the algorithm not having been standardized for
+ *    secure DNS.
+ * 
+ *    The key tag field is the 16 bit value computed for the key embedded
+ *    in the certificate as specified in the DNSSEC Standard [RFC 2535].
+ *    This field is used as an efficiency measure to pick which CERT RRs
+ *    may be applicable to a particular key.  The key tag can be calculated
+ *    for the key in question and then only CERT RRs with the same key tag
+ *    need be examined. However, the key must always be transformed to the
+ *    format it would have as the public key portion of a KEY RR before the
+ *    key tag is computed.  This is only possible if the key is applicable
+ *    to an algorithm (and limits such as key size limits) defined for DNS
+ *    security.  If it is not, the algorithm field MUST BE zero and the tag
+ *    field is meaningless and SHOULD BE zero.
+ */
+public class CertificateRecord extends InternetResource
+{
+	public CertificateRecord( String domainName, int timeToLive, byte[] resourceData )
+	{
+		super( domainName, RecordType.CERT, timeToLive, resourceData );
+	}
+}
+
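Review bot: The class comment is an unattributed excerpt: it points to "section 2.1 below" and to the KEY and SIG RRs, but never names the document it was copied from and has no summary sentence saying what the class itself represents. I would open it with `CERT resource record (type 37); RDATA format as specified in RFC 2538, section 2.` and keep the excerpt underneath. The other class comments in this commit have the same gap (A6Record above and the DNAME, AAAA, KX, KEY, LOC and NAPTR sections below), each starting at a bare section number with no source named.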

Added: incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/DnameRecord.java
Url: http://svn.apache.org/viewcvs/incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/DnameRecord.java?view=auto&rev=125973
==============================================================================
--- (empty file)
+++ incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/DnameRecord.java	Fri Jan 21 14:24:46 2005
@@ -0,0 +1,72 @@
+/*
+ *   Copyright 2005 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+
+package org.apache.dns.records.zone;
+
+import org.apache.dns.records.InternetResource;
+import org.apache.dns.records.RecordType;
+
+/**
+ * 3. The DNAME Resource Record
+ * 
+ *    The DNAME RR has mnemonic DNAME and type code 39 (decimal).
+ * 
+ *    DNAME has the following format:
+ * 
+ *       <owner> <ttl> <class> DNAME <target>
+ * 
+ *    The format is not class-sensitive.  All fields are required.  The
+ *    RDATA field <target> is a <domain-name> [DNSIS].
+ * 
+ *    The DNAME RR causes type NS additional section processing.
+ * 
+ *    The effect of the DNAME record is the substitution of the record's
+ *    <target> for its <owner> as a suffix of a domain name.  A "no-
+ *    descendants" limitation governs the use of DNAMEs in a zone file:
+ * 
+ *       If a DNAME RR is present at a node N, there may be other data at N
+ *       (except a CNAME or another DNAME), but there MUST be no data at
+ *       any descendant of N.  This restriction applies only to records of
+ *       the same class as the DNAME record.
+ * 
+ *    This rule assures predictable results when a DNAME record is cached
+ *    by a server which is not authoritative for the record's zone.  It
+ *    MUST be enforced when authoritative zone data is loaded.  Together
+ *    with the rules for DNS zone authority [DNSCLR] it implies that DNAME
+ *    and NS records can only coexist at the top of a zone which has only
+ *    one node.
+ * 
+ *    The compression scheme of [DNSIS] MUST NOT be applied to the RDATA
+ *    portion of a DNAME record unless the sending server has some way of
+ *    knowing that the receiver understands the DNAME record format.
+ *    Signalling such understanding is expected to be the subject of future
+ *    DNS Extensions.
+ * 
+ *    Naming loops can be created with DNAME records or a combination of
+ *    DNAME and CNAME records, just as they can with CNAME records alone.
+ *    Resolvers, including resolvers embedded in DNS servers, MUST limit
+ *    the resources they devote to any query.  Implementors should note,
+ *    however, that fairly lengthy chains of DNAME records may be valid.
+ */
+public class DnameRecord extends InternetResource
+{
+	public DnameRecord( String domainName, int timeToLive, byte[] resourceData )
+	{
+		super( domainName, RecordType.DNAME, timeToLive, resourceData );
+	}
+}
+
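Review bot: The Javadoc contains raw `<owner> <ttl> <class> DNAME <target>` and `<domain-name>`, which the Javadoc tool reads as HTML tags, so the generated page loses the record syntax; the indented paragraphs also run together into one block. Wrapping the excerpt in `<pre>` and writing the placeholders as `{@literal <owner>}` (or `&lt;owner&gt;`) keeps the text readable in the generated docs. The same applies to `<domain-name>` in KeyExchangeRecord and `<character-string>` in NameAuthorityPointer, and the ASCII field diagrams in the other class comments need `<pre>` to keep their columns aligned.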

Added: incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/Inet6AddressRecord.java
Url: http://svn.apache.org/viewcvs/incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/Inet6AddressRecord.java?view=auto&rev=125973
==============================================================================
--- (empty file)
+++ incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/Inet6AddressRecord.java	Fri Jan 21 14:24:46 2005
@@ -0,0 +1,84 @@
+/*
+ *   Copyright 2005 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+
+package org.apache.dns.records.zone;
+
+import org.apache.dns.records.InternetResource;
+import org.apache.dns.records.RecordType;
+
+/**
+ * 2. New resource record definition and domain
+ * 
+ *    A record type is defined to store a host's IPv6 address.  A host that
+ *    has more than one IPv6 address must have more than one such record.
+ * 
+ * 2.1 AAAA record type
+ * 
+ *    The AAAA resource record type is a record specific to the Internet
+ *    class that stores a single IPv6 address.
+ * 
+ *    The IANA assigned value of the type is 28 (decimal).
+ * 
+ * 2.2 AAAA data format
+ * 
+ *    A 128 bit IPv6 address is encoded in the data portion of an AAAA
+ *    resource record in network byte order (high-order byte first).
+ * 
+ * 2.3 AAAA query
+ * 
+ *    An AAAA query for a specified domain name in the Internet class
+ *    returns all associated AAAA resource records in the answer section of
+ *    a response.
+ * 
+ *    A type AAAA query does not trigger additional section processing.
+ * 
+ * 2.4 Textual format of AAAA records
+ * 
+ *    The textual representation of the data portion of the AAAA resource
+ *    record used in a master database file is the textual representation
+ *    of an IPv6 address as defined in [3].
+ * 
+ * 2.5 IP6.ARPA Domain
+ * 
+ *    A special domain is defined to look up a record given an IPv6
+ *    address.  The intent of this domain is to provide a way of mapping an
+ *    IPv6 address to a host name, although it may be used for other
+ *    purposes as well.  The domain is rooted at IP6.ARPA.
+ * 
+ *    An IPv6 address is represented as a name in the IP6.ARPA domain by a
+ *    sequence of nibbles separated by dots with the suffix ".IP6.ARPA".
+ *    The sequence of nibbles is encoded in reverse order, i.e., the
+ *    low-order nibble is encoded first, followed by the next low-order
+ *    nibble and so on.  Each nibble is represented by a hexadecimal digit.
+ *    For example, the reverse lookup domain name corresponding to the
+ *    address
+ * 
+ *        4321:0:1:2:3:4:567:89ab
+ * 
+ *    would be
+ * 
+ *    b.a.9.8.7.6.5.0.4.0.0.0.3.0.0.0.2.0.0.0.1.0.0.0.0.0.0.0.1.2.3.4.IP6.
+ *                                                                   ARPA.
+ */
+public class Inet6AddressRecord extends InternetResource
+{
+	public Inet6AddressRecord( String domainName, int timeToLive, byte[] resourceData )
+	{
+		super( domainName, RecordType.AAAA, timeToLive, resourceData );
+	}
+}
+

Added: incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/KeyExchangeRecord.java
Url: http://svn.apache.org/viewcvs/incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/KeyExchangeRecord.java?view=auto&rev=125973
==============================================================================
--- (empty file)
+++ incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/KeyExchangeRecord.java	Fri Jan 21 14:24:46 2005
@@ -0,0 +1,58 @@
+/*
+ *   Copyright 2005 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+
+package org.apache.dns.records.zone;
+
+import org.apache.dns.records.InternetResource;
+import org.apache.dns.records.RecordType;
+
+/**
+ * 3.1 KX RDATA format
+ * 
+ *    The KX DNS record has the following RDATA format:
+ * 
+ *     +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+ *     |                  PREFERENCE                   |
+ *     +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+ *     /                   EXCHANGER                   /
+ *     /                                               /
+ *     +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+ * 
+ *    where:
+ * 
+ *    PREFERENCE      A 16 bit non-negative integer which specifies the
+ *                    preference given to this RR among other KX records
+ *                    at the same owner.  Lower values are preferred.
+ * 
+ *    EXCHANGER       A <domain-name> which specifies a host willing to
+ *                    act as a mail exchange for the owner name.
+ * 
+ *    KX records MUST cause type A additional section processing for the
+ *    host specified by EXCHANGER.  In the event that the host processing
+ *    the DNS transaction supports IPv6, KX records MUST also cause type
+ *    AAAA additional section processing.
+ * 
+ *    The KX RDATA field MUST NOT be compressed.
+ */
+public class KeyExchangeRecord extends InternetResource
+{
+	public KeyExchangeRecord( String domainName, int timeToLive, byte[] resourceData )
+	{
+		super( domainName, RecordType.KX, timeToLive, resourceData );
+	}
+}
+

Added: incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/KeyRecord.java
Url: http://svn.apache.org/viewcvs/incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/KeyRecord.java?view=auto&rev=125973
==============================================================================
--- (empty file)
+++ incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/KeyRecord.java	Fri Jan 21 14:24:46 2005
@@ -0,0 +1,65 @@
+/*
+ *   Copyright 2005 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+
+package org.apache.dns.records.zone;
+
+import org.apache.dns.records.InternetResource;
+import org.apache.dns.records.RecordType;
+
+/**
+ * 3. The KEY Resource Record
+ * 
+ *    The KEY resource record (RR) is used to store a public key that is
+ *    associated with a Domain Name System (DNS) name.  This can be the
+ *    public key of a zone, a user, or a host or other end entity. Security
+ *    aware DNS implementations MUST be designed to handle at least two
+ *    simultaneously valid keys of the same type associated with the same
+ *    name.
+ * 
+ *    The type number for the KEY RR is 25.
+ * 
+ *    A KEY RR is, like any other RR, authenticated by a SIG RR.  KEY RRs
+ *    must be signed by a zone level key.
+ * 
+ * 3.1 KEY RDATA format
+ * 
+ *    The RDATA for a KEY RR consists of flags, a protocol octet, the
+ *    algorithm number octet, and the public key itself.  The format is as
+ *    follows:
+ * 
+ *                         1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
+ *     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ *    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *    |             flags             |    protocol   |   algorithm   |
+ *    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *    |                                                               /
+ *    /                          public key                           /
+ *    /                                                               /
+ *    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|
+ * 
+ *    The KEY RR is not intended for storage of certificates and a separate
+ *    certificate RR has been developed for that purpose, defined in [RFC
+ *    2538].
+ */
+public class KeyRecord extends InternetResource
+{
+	public KeyRecord( String domainName, int timeToLive, byte[] resourceData )
+	{
+		super( domainName, RecordType.KEY, timeToLive, resourceData );
+	}
+}
+

Added: incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/LocationRecord.java
Url: http://svn.apache.org/viewcvs/incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/LocationRecord.java?view=auto&rev=125973
==============================================================================
--- (empty file)
+++ incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/LocationRecord.java	Fri Jan 21 14:24:46 2005
@@ -0,0 +1,122 @@
+/*
+ *   Copyright 2005 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+
+package org.apache.dns.records.zone;
+
+import org.apache.dns.records.InternetResource;
+import org.apache.dns.records.RecordType;
+
+/**
+ * 2. RDATA Format
+ * 
+ *        MSB                                           LSB
+ *        +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+ *       0|        VERSION        |         SIZE          |
+ *        +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+ *       2|       HORIZ PRE       |       VERT PRE        |
+ *        +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+ *       4|                   LATITUDE                    |
+ *        +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+ *       6|                   LATITUDE                    |
+ *        +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+ *       8|                   LONGITUDE                   |
+ *        +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+ *      10|                   LONGITUDE                   |
+ *        +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+ *      12|                   ALTITUDE                    |
+ *        +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+ *      14|                   ALTITUDE                    |
+ *        +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+ *    (octet)
+ * 
+ * where:
+ * 
+ * VERSION      Version number of the representation.  This must be zero.
+ *              Implementations are required to check this field and make
+ *              no assumptions about the format of unrecognized versions.
+ * 
+ * SIZE         The diameter of a sphere enclosing the described entity, in
+ *              centimeters, expressed as a pair of four-bit unsigned
+ *              integers, each ranging from zero to nine, with the most
+ *              significant four bits representing the base and the second
+ *              number representing the power of ten by which to multiply
+ *              the base.  This allows sizes from 0e0 (<1cm) to 9e9
+ *              (90,000km) to be expressed.  This representation was chosen
+ *              such that the hexadecimal representation can be read by
+ *              eye; 0x15 = 1e5.  Four-bit values greater than 9 are
+ *              undefined, as are values with a base of zero and a non-zero
+ *              exponent.
+ * 
+ *              Since 20000000m (represented by the value 0x29) is greater
+ *              than the equatorial diameter of the WGS 84 ellipsoid
+ *              (12756274m), it is therefore suitable for use as a
+ *              "worldwide" size.
+ * 
+ * HORIZ PRE    The horizontal precision of the data, in centimeters,
+ *              expressed using the same representation as SIZE.  This is
+ *              the diameter of the horizontal "circle of error", rather
+ *              than a "plus or minus" value.  (This was chosen to match
+ *              the interpretation of SIZE; to get a "plus or minus" value,
+ *              divide by 2.)
+ * 
+ * VERT PRE     The vertical precision of the data, in centimeters,
+ *              expressed using the sane representation as for SIZE.  This
+ *              is the total potential vertical error, rather than a "plus
+ *              or minus" value.  (This was chosen to match the
+ *              interpretation of SIZE; to get a "plus or minus" value,
+ *              divide by 2.)  Note that if altitude above or below sea
+ *              level is used as an approximation for altitude relative to
+ *              the [WGS 84] ellipsoid, the precision value should be
+ *              adjusted.
+ * 
+ * LATITUDE     The latitude of the center of the sphere described by the
+ *              SIZE field, expressed as a 32-bit integer, most significant
+ *              octet first (network standard byte order), in thousandths
+ *              of a second of arc.  2^31 represents the equator; numbers
+ *              above that are north latitude.
+ * 
+ * LONGITUDE    The longitude of the center of the sphere described by the
+ *              SIZE field, expressed as a 32-bit integer, most significant
+ *              octet first (network standard byte order), in thousandths
+ *              of a second of arc, rounded away from the prime meridian.
+ *              2^31 represents the prime meridian; numbers above that are
+ *              east longitude.
+ * 
+ * ALTITUDE     The altitude of the center of the sphere described by the
+ *              SIZE field, expressed as a 32-bit integer, most significant
+ *              octet first (network standard byte order), in centimeters,
+ *              from a base of 100,000m below the [WGS 84] reference
+ *              spheroid used by GPS (semimajor axis a=6378137.0,
+ *              reciprocal flattening rf=298.257223563).  Altitude above
+ *              (or below) sea level may be used as an approximation of
+ *              altitude relative to the the [WGS 84] spheroid, though due
+ *              to the Earth's surface not being a perfect spheroid, there
+ *              will be differences.  (For example, the geoid (which sea
+ *              level approximates) for the continental US ranges from 10
+ *              meters to 50 meters below the [WGS 84] spheroid.
+ *              Adjustments to ALTITUDE and/or VERT PRE will be necessary
+ *              in most cases.  The Defense Mapping Agency publishes geoid
+ *              height values relative to the [WGS 84] ellipsoid.
+ */
+public class LocationRecord extends InternetResource
+{
+	public LocationRecord( String domainName, int timeToLive, byte[] resourceData )
+	{
+		super( domainName, RecordType.LOC, timeToLive, resourceData );
+	}
+}
+

Added: incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/NameAuthorityPointer.java
Url: http://svn.apache.org/viewcvs/incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/NameAuthorityPointer.java?view=auto&rev=125973
==============================================================================
--- (empty file)
+++ incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/NameAuthorityPointer.java	Fri Jan 21 14:24:46 2005
@@ -0,0 +1,139 @@
+/*
+ *   Copyright 2005 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+
+package org.apache.dns.records.zone;
+
+import org.apache.dns.records.InternetResource;
+import org.apache.dns.records.RecordType;
+
+/**
+ * 4. NAPTR RR Format
+ * 
+ * 4.1 Packet Format
+ * 
+ *    The packet format of the NAPTR RR is given below.  The DNS type code
+ *    for NAPTR is 35.
+ * 
+ *       The packet format for the NAPTR record is as follows
+ *                                        1  1  1  1  1  1
+ *          0  1  2  3  4  5  6  7  8  9  0  1  2  3  4  5
+ *        +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+ *        |                     ORDER                     |
+ *        +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+ *        |                   PREFERENCE                  |
+ *        +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+ *        /                     FLAGS                     /
+ *        +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+ *        /                   SERVICES                    /
+ *        +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+ *        /                    REGEXP                     /
+ *        +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+ *        /                  REPLACEMENT                  /
+ *        /                                               /
+ *        +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+ * 
+ *    <character-string> and <domain-name> as used here are defined in RFC
+ *    1035 [7].
+ * 
+ *    ORDER
+ *       A 16-bit unsigned integer specifying the order in which the NAPTR
+ *       records MUST be processed in order to accurately represent the
+ *       ordered list of Rules.  The ordering is from lowest to highest.
+ *       If two records have the same order value then they are considered
+ *       to be the same rule and should be selected based on the
+ *       combination of the Preference values and Services offered.
+ * 
+ *    PREFERENCE
+ *       Although it is called "preference" in deference to DNS
+ *       terminology, this field is equivalent to the Priority value in the
+ *       DDDS Algorithm.  It is a 16-bit unsigned integer that specifies
+ *       the order in which NAPTR records with equal Order values SHOULD be
+ *       processed, low numbers being processed before high numbers.  This
+ *       is similar to the preference field in an MX record, and is used so
+ *       domain administrators can direct clients towards more capable
+ *       hosts or lighter weight protocols.  A client MAY look at records
+ *       with higher preference values if it has a good reason to do so
+ *       such as not supporting some protocol or service very well.
+ * 
+ *       The important difference between Order and Preference is that once
+ *       a match is found the client MUST NOT consider records with a
+ *       different Order but they MAY process records with the same Order
+ *       but different Preferences.  The only exception to this is noted in
+ *       the second important Note in the DDDS algorithm specification
+ *       concerning allowing clients to use more complex Service
+ *       determination between steps 3 and 4 in the algorithm.  Preference
+ *       is used to give communicate a higher quality of service to rules
+ *       that are considered the same from an authority standpoint but not
+ *       from a simple load balancing standpoint.
+ * 
+ *       It is important to note that DNS contains several load balancing
+ *       mechanisms and if load balancing among otherwise equal services
+ *       should be needed then methods such as SRV records or multiple A
+ *       records should be utilized to accomplish load balancing.
+ * 
+ *    FLAGS
+ *       A <character-string> containing flags to control aspects of the
+ *       rewriting and interpretation of the fields in the record.  Flags
+ *       are single characters from the set A-Z and 0-9.  The case of the
+ *       alphabetic characters is not significant.  The field can be empty.
+ * 
+ *       It is up to the Application specifying how it is using this
+ *       Database to define the Flags in this field.  It must define which
+ *       ones are terminal and which ones are not.
+ * 
+ *    SERVICES
+ *       A <character-string> that specifies the Service Parameters
+ *       applicable to this this delegation path.  It is up to the
+ *       Application Specification to specify the values found in this
+ *       field.
+ * 
+ *    REGEXP
+ *       A <character-string> containing a substitution expression that is
+ *       applied to the original string held by the client in order to
+ *       construct the next domain name to lookup.  See the DDDS Algorithm
+ *       specification for the syntax of this field.
+ * 
+ *       As stated in the DDDS algorithm, The regular expressions MUST NOT
+ *       be used in a cumulative fashion, that is, they should only be
+ *       applied to the original string held by the client, never to the
+ *       domain name produced by a previous NAPTR rewrite.  The latter is
+ *       tempting in some applications but experience has shown such use to
+ *       be extremely fault sensitive, very error prone, and extremely
+ *       difficult to debug.
+ * 
+ *    REPLACEMENT
+ *       A <domain-name> which is the next domain-name to query for
+ *       depending on the potential values found in the flags field.  This
+ *       field is used when the regular expression is a simple replacement
+ *       operation.  Any value in this field MUST be a fully qualified
+ *       domain-name.  Name compression is not to be used for this field.
+ * 
+ *       This field and the REGEXP field together make up the Substitution
+ *       Expression in the DDDS Algorithm.  It is simply a historical
+ *       optimization specifically for DNS compression that this field
+ *       exists.  The fields are also mutually exclusive.  If a record is
+ *       returned that has values for both fields then it is considered to
+ *       be in error and SHOULD be either ignored or an error returned.
+ */
+public class NameAuthorityPointer extends InternetResource
+{
+	public NameAuthorityPointer( String domainName, int timeToLive, byte[] resourceData )
+	{
+		super( domainName, RecordType.NAPTR, timeToLive, resourceData );
+	}
+}
+
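Review bot: `NameAuthorityPointer` is the only one of the eleven added types without the `Record` suffix (compare `NextNameRecord` and `ServerSelectionRecord` in the Added list), so it does not sort or search alongside its siblings. Renaming the class and file to `NameAuthorityPointerRecord` now, before any caller depends on the name, would keep the package uniform.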

Added: incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/NextNameRecord.java
Url: http://svn.apache.org/viewcvs/incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/NextNameRecord.java?view=auto&rev=125973
==============================================================================
--- (empty file)
+++ incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/NextNameRecord.java	Fri Jan 21 14:24:46 2005
@@ -0,0 +1,61 @@
+/*
+ *   Copyright 2005 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+
+package org.apache.dns.records.zone;
+
+import org.apache.dns.records.InternetResource;
+import org.apache.dns.records.RecordType;
+
+/**
+ * 5.2 NXT RDATA Format
+ * 
+ *    The RDATA for an NXT RR consists simply of a domain name followed by
+ *    a bit map.
+ * 
+ *    The type number for the NXT RR is 30.
+ * 
+ *                            1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
+ *        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ *       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *       |         next domain name                                      /
+ *       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *       |                    type bit map                               /
+ *       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * 
+ *    The NXT RR type bit map is one bit per RR type present for the owner
+ *    name similar to the WKS socket bit map.  The first bit represents RR
+ *    type zero (an illegal type which should not be present.) A one bit
+ *    indicates that at least one RR of that type is present for the owner
+ *    name.  A zero indicates that no such RR is present.  All bits not
+ *    specified because they are beyond the end of the bit map are assumed
+ *    to be zero.  Note that bit 30, for NXT, will always be on so the
+ *    minimum bit map length is actually four octets.  The NXT bit map
+ *    should be printed as a list of RR type mnemonics or decimal numbers
+ *    similar to the WKS RR.
+ * 
+ *    The domain name may be compressed with standard DNS name compression
+ *    when being transmitted over the network.  The size of the bit map can
+ *    be inferred from the RDLENGTH and the length of the next domain name.
+ */
+public class NextNameRecord extends InternetResource
+{
+	public NextNameRecord( String domainName, int timeToLive, byte[] resourceData )
+	{
+		super( domainName, RecordType.NXT, timeToLive, resourceData );
+	}
+}
+
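Review bot: The class Javadoc is RFC text pasted without naming its source, so the "5.2" heading and the comparison with the WKS bit map point at nothing a reader can open. A first line such as `NXT resource record; RDATA format from RFC 2535, section 5.2.` would fix that, and the same applies to ServerSelectionRecord (RFC 2782) and SignatureRecord (RFC 2535, section 4.1, whose references to section 3.2, Section 8 and Appendix C dangle) later in this commit. The constructor also forwards `resourceData` unchecked, although the comment itself says the bit map is at least four octets and that its size is derived from RDLENGTH and the name length. InternetResource is not visible here, so whether it copies or length-checks the array cannot be told; if it does not, `super( domainName, RecordType.NXT, timeToLive, resourceData.clone() );` would stop a caller from altering the record after construction.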

Added: incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/ServerSelectionRecord.java
Url: http://svn.apache.org/viewcvs/incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/ServerSelectionRecord.java?view=auto&rev=125973
==============================================================================
--- (empty file)
+++ incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/ServerSelectionRecord.java	Fri Jan 21 14:24:46 2005
@@ -0,0 +1,129 @@
+/*
+ *   Copyright 2005 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+
+package org.apache.dns.records.zone;
+
+import org.apache.dns.records.InternetResource;
+import org.apache.dns.records.RecordType;
+
+/**
+ * The format of the SRV RR
+ * 
+ *    Here is the format of the SRV RR, whose DNS type code is 33:
+ * 
+ *         _Service._Proto.Name TTL Class SRV Priority Weight Port Target
+ * 
+ *         (There is an example near the end of this document.)
+ * 
+ *    Service
+ *         The symbolic name of the desired service, as defined in Assigned
+ *         Numbers [STD 2] or locally.  An underscore (_) is prepended to
+ *         the service identifier to avoid collisions with DNS labels that
+ *         occur in nature.
+ * 
+ *         Some widely used services, notably POP, don't have a single
+ *         universal name.  If Assigned Numbers names the service
+ *         indicated, that name is the only name which is legal for SRV
+ *         lookups.  The Service is case insensitive.
+ * 
+ *    Proto
+ *         The symbolic name of the desired protocol, with an underscore
+ *         (_) prepended to prevent collisions with DNS labels that occur
+ *         in nature.  _TCP and _UDP are at present the most useful values
+ *         for this field, though any name defined by Assigned Numbers or
+ *         locally may be used (as for Service).  The Proto is case
+ *         insensitive.
+ * 
+ *    Name
+ *         The domain this RR refers to.  The SRV RR is unique in that the
+ *         name one searches for is not this name; the example near the end
+ *         shows this clearly.
+ * 
+ *    TTL
+ *         Standard DNS meaning [RFC 1035].
+ * 
+ *    Class
+ *         Standard DNS meaning [RFC 1035].   SRV records occur in the IN
+ *         Class.
+ * 
+ *    Priority
+ *         The priority of this target host.  A client MUST attempt to
+ *         contact the target host with the lowest-numbered priority it can
+ *         reach; target hosts with the same priority SHOULD be tried in an
+ *         order defined by the weight field.  The range is 0-65535.  This
+ *         is a 16 bit unsigned integer in network byte order.
+ * 
+ *    Weight
+ *         A server selection mechanism.  The weight field specifies a
+ *         relative weight for entries with the same priority. Larger
+ *         weights SHOULD be given a proportionately higher probability of
+ *         being selected. The range of this number is 0-65535.  This is a
+ *         16 bit unsigned integer in network byte order.  Domain
+ *         administrators SHOULD use Weight 0 when there isn't any server
+ *         selection to do, to make the RR easier to read for humans (less
+ *         noisy).  In the presence of records containing weights greater
+ *         than 0, records with weight 0 should have a very small chance of
+ *         being selected.
+ * 
+ *         In the absence of a protocol whose specification calls for the
+ *         use of other weighting information, a client arranges the SRV
+ *         RRs of the same Priority in the order in which target hosts,
+ *         specified by the SRV RRs, will be contacted. The following
+ *         algorithm SHOULD be used to order the SRV RRs of the same
+ *         priority:
+ * 
+ *         To select a target to be contacted next, arrange all SRV RRs
+ *         (that have not been ordered yet) in any order, except that all
+ *         those with weight 0 are placed at the beginning of the list.
+ * 
+ *         Compute the sum of the weights of those RRs, and with each RR
+ *         associate the running sum in the selected order. Then choose a
+ *         uniform random number between 0 and the sum computed
+ *         (inclusive), and select the RR whose running sum value is the
+ *         first in the selected order which is greater than or equal to
+ *         the random number selected. The target host specified in the
+ *         selected SRV RR is the next one to be contacted by the client.
+ *         Remove this SRV RR from the set of the unordered SRV RRs and
+ *         apply the described algorithm to the unordered SRV RRs to select
+ *         the next target host.  Continue the ordering process until there
+ *         are no unordered SRV RRs.  This process is repeated for each
+ *         Priority.
+ * 
+ *    Port
+ *         The port on this target host of this service.  The range is 0-
+ *         65535.  This is a 16 bit unsigned integer in network byte order.
+ *         This is often as specified in Assigned Numbers but need not be.
+ * 
+ *    Target
+ *         The domain name of the target host.  There MUST be one or more
+ *         address records for this name, the name MUST NOT be an alias (in
+ *         the sense of RFC 1034 or RFC 2181).  Implementors are urged, but
+ *         not required, to return the address record(s) in the Additional
+ *         Data section.  Unless and until permitted by future standards
+ *         action, name compression is not to be used for this field.
+ * 
+ *         A Target of "." means that the service is decidedly not
+ *         available at this domain.
+ */
+public class ServerSelectionRecord extends InternetResource
+{
+	public ServerSelectionRecord( String domainName, int timeToLive, byte[] resourceData )
+	{
+		super( domainName, RecordType.SRV, timeToLive, resourceData );
+	}
+}
+
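Review bot: The constructor has no Javadoc, and the class comment describes the zone-file form (`_Service._Proto.Name TTL Class SRV Priority Weight Port Target`), so nothing says what `resourceData` must contain. If it is the wire RDATA, presumably Priority, Weight and Port as three 16-bit values followed by the uncompressed Target, state that on the constructor, e.g. `@param resourceData wire-format RDATA: priority, weight, port (unsigned 16-bit, network order), then target name`. That also tells whoever adds accessors that the three numbers need `& 0xFFFF` when read into a Java `int`, and that an array with fewer than six bytes before the target is malformed.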

Added: incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/SignatureRecord.java
Url: http://svn.apache.org/viewcvs/incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/SignatureRecord.java?view=auto&rev=125973
==============================================================================
--- (empty file)
+++ incubator/directory/dns/trunk/core/src/java/org/apache/dns/records/zone/SignatureRecord.java	Fri Jan 21 14:24:46 2005
@@ -0,0 +1,183 @@
+/*
+ *   Copyright 2005 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+
+package org.apache.dns.records.zone;
+
+import org.apache.dns.records.InternetResource;
+import org.apache.dns.records.RecordType;
+
+/**
+ * 4.1 SIG RDATA Format
+ * 
+ *    The RDATA portion of a SIG RR is as shown below.  The integrity of
+ *    the RDATA information is protected by the signature field.
+ * 
+ *                            1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
+ *        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ *       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *       |        type covered           |  algorithm    |     labels    |
+ *       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *       |                         original TTL                          |
+ *       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *       |                      signature expiration                     |
+ *       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *       |                      signature inception                      |
+ *       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ *       |            key  tag           |                               |
+ *       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+         signer's name         +
+ *       |                                                               /
+ *       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-/
+ *       /                                                               /
+ *       /                            signature                          /
+ *       /                                                               /
+ *       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * 
+ * 4.1.1 Type Covered Field
+ * 
+ *    The "type covered" is the type of the other RRs covered by this SIG.
+ * 
+ * 4.1.2 Algorithm Number Field
+ * 
+ *    This octet is as described in section 3.2.
+ * 
+ * 4.1.3 Labels Field
+ * 
+ *    The "labels" octet is an unsigned count of how many labels there are
+ *    in the original SIG RR owner name not counting the null label for
+ *    root and not counting any initial "*" for a wildcard.  If a secured
+ *    retrieval is the result of wild card substitution, it is necessary
+ *    for the resolver to use the original form of the name in verifying
+ *    the digital signature.  This field makes it easy to determine the
+ *    original form.
+ * 
+ *    If, on retrieval, the RR appears to have a longer name than indicated
+ *    by "labels", the resolver can tell it is the result of wildcard
+ *    substitution.  If the RR owner name appears to be shorter than the
+ *    labels count, the SIG RR must be considered corrupt and ignored.  The
+ *    maximum number of labels allowed in the current DNS is 127 but the
+ *    entire octet is reserved and would be required should DNS names ever
+ *    be expanded to 255 labels.  The following table gives some examples.
+ *    The value of "labels" is at the top, the retrieved owner name on the
+ *    left, and the table entry is the name to use in signature
+ *    verification except that "bad" means the RR is corrupt.
+ * 
+ *    labels= |  0  |   1  |    2   |      3   |      4   |
+ *    --------+-----+------+--------+----------+----------+
+ *           .|   . | bad  |  bad   |    bad   |    bad   |
+ *          d.|  *. |   d. |  bad   |    bad   |    bad   |
+ *        c.d.|  *. | *.d. |   c.d. |    bad   |    bad   |
+ *      b.c.d.|  *. | *.d. | *.c.d. |   b.c.d. |    bad   |
+ *    a.b.c.d.|  *. | *.d. | *.c.d. | *.b.c.d. | a.b.c.d. |
+ * 
+ * 4.1.4 Original TTL Field
+ * 
+ *    The "original TTL" field is included in the RDATA portion to avoid
+ *    (1) authentication problems that caching servers would otherwise
+ *    cause by decrementing the real TTL field and (2) security problems
+ *    that unscrupulous servers could otherwise cause by manipulating the
+ *    real TTL field.  This original TTL is protected by the signature
+ *    while the current TTL field is not.
+ * 
+ *    NOTE:  The "original TTL" must be restored into the covered RRs when
+ *    the signature is verified (see Section 8).  This generaly implies
+ *    that all RRs for a particular type, name, and class, that is, all the
+ *    RRs in any particular RRset, must have the same TTL to start with.
+ * 
+ * 4.1.5 Signature Expiration and Inception Fields
+ * 
+ *    The SIG is valid from the "signature inception" time until the
+ *    "signature expiration" time.  Both are unsigned numbers of seconds
+ *    since the start of 1 January 1970, GMT, ignoring leap seconds.  (See
+ *    also Section 4.4.)  Ring arithmetic is used as for DNS SOA serial
+ *    numbers [RFC 1982] which means that these times can never be more
+ *    than about 68 years in the past or the future.  This means that these
+ *    times are ambiguous modulo ~136.09 years.  However there is no
+ *    security flaw because keys are required to be changed to new random
+ *    keys by [RFC 2541] at least every five years.  This means that the
+ *    probability that the same key is in use N*136.09 years later should
+ *    be the same as the probability that a random guess will work.
+ * 
+ *    A SIG RR may have an expiration time numerically less than the
+ *    inception time if the expiration time is near the 32 bit wrap around
+ *    point and/or the signature is long lived.
+ * 
+ *    (To prevent misordering of network requests to update a zone
+ *    dynamically, monotonically increasing "signature inception" times may
+ *    be necessary.)
+ * 
+ *    A secure zone must be considered changed for SOA serial number
+ *    purposes not only when its data is updated but also when new SIG RRs
+ *    are inserted (ie, the zone or any part of it is re-signed).
+ * 
+ * 4.1.6 Key Tag Field
+ * 
+ *    The "key Tag" is a two octet quantity that is used to efficiently
+ *    select between multiple keys which may be applicable and thus check
+ *    that a public key about to be used for the computationally expensive
+ *    effort to check the signature is possibly valid.  For algorithm 1
+ *    (MD5/RSA) as defined in [RFC 2537], it is the next to the bottom two
+ *    octets of the public key modulus needed to decode the signature
+ *    field.  That is to say, the most significant 16 of the least
+ *    significant 24 bits of the modulus in network (big endian) order. For
+ *    all other algorithms, including private algorithms, it is calculated
+ *    as a simple checksum of the KEY RR as described in Appendix C.
+ * 
+ * 4.1.7 Signer's Name Field
+ * 
+ *    The "signer's name" field is the domain name of the signer generating
+ *    the SIG RR.  This is the owner name of the public KEY RR that can be
+ *    used to verify the signature.  It is frequently the zone which
+ *    contained the RRset being authenticated.  Which signers should be
+ *    authorized to sign what is a significant resolver policy question as
+ *    discussed in Section 6. The signer's name may be compressed with
+ *    standard DNS name compression when being transmitted over the
+ *    network.
+ * 
+ * 4.1.8 Signature Field
+ * 
+ *    The actual signature portion of the SIG RR binds the other RDATA
+ *    fields to the RRset of the "type covered" RRs with that owner name
+ *    and class.  This covered RRset is thereby authenticated.  To
+ *    accomplish this, a data sequence is constructed as follows:
+ * 
+ *          data = RDATA | RR(s)...
+ * 
+ *    where "|" is concatenation,
+ * 
+ *    RDATA is the wire format of all the RDATA fields in the SIG RR itself
+ *    (including the canonical form of the signer's name) before but not
+ *    including the signature, and
+ * 
+ *    RR(s) is the RRset of the RR(s) of the type covered with the same
+ *    owner name and class as the SIG RR in canonical form and order as
+ *    defined in Section 8.
+ * 
+ *    How this data sequence is processed into the signature is algorithm
+ *    dependent.  These algorithm dependent formats and procedures are
+ *    described in separate documents (Section 3.2).
+ * 
+ *    SIGs SHOULD NOT be included in a zone for any "meta-type" such as
+ *    ANY, AXFR, etc. (but see section 5.6.2 with regard to IXFR).
+ */
+public class SignatureRecord extends InternetResource
+{
+	public SignatureRecord( String domainName, int timeToLive, byte[] resourceData )
+	{
+		super( domainName, RecordType.SIG, timeToLive, resourceData );
+	}
+}
+
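Review bot: Nothing in this class verifies anything, yet the Javadoc describes at length how a SIG authenticates the covered RRset, which invites a reader to assume that a constructed SignatureRecord has been checked. The constructor only forwards `resourceData` to `super`, so add a sentence to the class comment such as `This class only carries SIG RDATA; it performs no signature, validity-period or labels-count verification.` The quoted text also names algorithm 1 (MD5/RSA) for the key tag, so a remark that the choice of acceptable algorithms is left to the verifying code would help whoever implements that step.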
