Closed enygren closed 1 week ago
From reading the text in -04 version, it expands on base64url to include base32 and base16, and adds a paragraph of text on the encoding.
SOmeopne else should confirm this has been addressed.
We expanded on the encoding, but I think we still need to clarify that the RFC1464 reference is not adequate on its own to define the syntax.
Good point Erik and I never found a good example in 1464 of steps to generate.
I do get on my high horse on examples. apologies
Soooo - I have been down the rabbit hole of TXT record formats numerous times. I went and dumped all the TXT records at the zone apex for the alexa top 1000 domains. While this is not everything, when I combine it with things from the Underscore registry I have more thoughts. not many records use the semi-colon (DMARC/DKIM mainly) the majority are
as SVCB uses format of "tag=value tag=value" etc I feel we should continue with these style as resolvers can leverage the existing code uses. https://www.rfc-editor.org/rfc/rfc9460.html#name-zone-file-presentation-form
most tag=value have just one
total TXT records: 9173
tag=value 6045
I am also an idiot. Dawned on me it is Service Providers who will validate these records.
"Should we be consistent and always recommend a RFC1464 token= mechanism?" YES, but I also think just the value is fine, so I can not make up my mind
"As base64uri is often going to have trailing "=" as padding, we may want to include this in examples and make sure this is unambiguous as far as escaping/encoding goes."
How about examples of all three - here is example.com
base64 ZXhhbXBsZS5jb20uCg==
base32 MV4GC3LQNRSS4Y3PNUXAU===
base16 6578616d706c652e636f6d2e0a0a
yea? nay?
The biggest problem with the current text is that we reference rfc1464 but are in explicit conflict with it. It only supports space separation, not comma separation.
Switching from commas to spaces in the example is fine as long as we only ever have token per resource record. (ie, using the "long string" model from RFC 1035 introduces ambiguity)
If rfc1464 is specified then token= MUST be present, as otherwise a base64 value ending in = or == has specific handling and would get split up by the rfc1464 encoding.
Perhaps:
Oh these are all things I can agree on. Do you have time for some text or shall I?
I'll work on some text and have y'all review
We reference and use RFC1464 in the metadata sub-section but unless I'm misreading there inconsistency here, and the resulting syntax doesn't match RFC1464 and is under-specified and has some ambiguities.
In particular: