Spec: 4.3.2 SERVICE SITE INFORMATION: HS_SITE

HS_SITE is used to provide information about a DO-IRP service to inform a DO-IRP clients how to contact it. This information specifies the server’s address, its protocol version, its public key. Each prefix identifier should have one or more HS_SITE elements in its prefix identifier record. This is called the service information for the prefix and denotes, among other things, the location of servers where any existing identifier that is based on that prefix can be created, updated, deleted, or resolved. A user that tries to resolve an identifier that does not exist will get a “identifier not found” response from the local service specified in the HS_SITE information. Attempts to resolve an invalid identifier, namely one that does not exist within the designated LIS, will get a “identifier not found” response from that local service.

The service information is managed by the system administrator. It must reflect the configuration of the DO-IRP service for each of the prefixes it manages. An additional layer of indirection is provided by the use of HS_SERV, which is called a service identifier; HS_SERV allows multiple prefixes to reference a single set of HS_SITE elements, as described in section 4.3.4. DO-IRP clients depend on the service information to locate a responsible DO-IRP server before they can send their service requests. The service information can also be used by clients to authenticate any service response from the server.

An HS_SITE element is one whose field is HS_SITE and whose field consists of the following entries encoded as binary data:

Field	Description
`version` uint32	current version number: 1
`protocolVersionMajor` uint32	Spec: A 2-byte integer value that identifies the highest DO-IRP protocol version understood by servers of the site. The higher byte of the value identifies the major version and the lower byte the minor version. Details of the message format for DO-IRP protocol version 3.0 are specified in section 6.2. Although the terminology used is the same, this field does not denote the protocol version of this DO-IRP specification. Rather, it denotes the protocol version as specified by the prefix administrator for the implementation of the local service that supports the identifier record. Local services which support the DO-IRP protocol version 3.0 specified in this document should be described with HS_SITE elements specifying 3.0.
`protocolVersionMinor` uint32
`serialNumber` uint32	This should be automatically increased on the IRS service side
`primaryMask` uint32	Spec: An 8-bit mask that identifies the primary site(s) of the DO-IRP service. The first bit of the octet is the bit. It indicates whether the HS_SITE element is a primary site. A primary site is the one that supports administrative operations for its identifiers. The second bit of the octet is the bit. It indicates whether the service has multiple primary sites. A entry with zero value indicates that the service has a single primary site and all administration has to be done at that site. A non-zero entry indicates that the service has multiple primary sites. Each primary site may be used to administer identifiers managed under the service.
`hashOption` HashOption	hash option used by the service site to distribute identifiers among its multiple servers; not meaningful for a typical service site with a single server.
`hashFilter` string	Spec: An UTF8-string entry reserved for future use.
`attributes` map<string, string>	represented as map from to here for convenience
`serverRecords` ServerRecord[]	a list of s each defines a server that is part of the service

ServerRecord

Spec: Each consists of the following data fields: ::=

Field	Description
`id` uint32	Spec: A 4-byte unsigned integer that uniquely identifies a server process under the service site. s do not have to begin with 1 and they don’t have to be consecutive numbers. They are used to distinguish servers under a service site from each other. Note that there can be multiple servers residing on any given computer, each with a different .
`address` string	represented as text here for convenience
`publicKeyRecord` HsPubkey	Spec: A 4-byte integer followed by a byte-array that contains the server’s public key (server authentication key). The integer specifies the size of the byte-array. For key types described in this specification, the byte-array (for the public key) consists of a number of parts: a UTF8-string that describes the key type, a two-byte option field reserved for future use, and a key-type-dependent number of length-prefixed byte-arrays that describe the public key itself. The key types in current use are “DSA_PUB_KEY,” where there are four byte-arrays after the two-byte option field for the four DSA parameters q, p, g, and y; and “RSA_PUB_KEY”, where after the two-byte option field are two byte- arrays for the exponent and modulus, followed by an empty byte-array (four zero bytes). Other key types may be useful to consider in the future. The public key in the can be used to authenticate any service response from the DO-IRP server.
`serviceInterface` ServiceInterface[]	service interface provided by the server

ServiceInterface

Spec: Consists of the following data fields: ::= [ ]

A 4-byte integer followed by an array of triplets consisting of <ServiceType, TransportProtocol, PortNumber>. The 4-byte integer specifies the number of triplets. Each triplet lists a service interface provided by the server.

Field	Description
`type` ServiceType	Spec: The is an octet (as a bit mask) that specifies whether the interface is for administration (0x01), resolution (0x02), or both (0x03).
`transportProtocol` TransportProtocol	Spec: The is also an octet (as a bit mask) that specifies the protocol. Possible protocols include UDP (0x00), TCP (0x01), HTTP (0x02), and HTTPS (0x03). The following are additional protocols not in the spec: gRPC (0x04)
`portNumber` uint32	Spec: The is a 4-byte unsigned integer that specifies the port number used by the interface.The conventional port number used by DO-IRP servers is 2641 for UDP and TCP, and 8000 for HTTP.

ServiceType

TransportProtocol

HashOption

HsPubkey

Name	Description
`SERVICE_TYPE_UNSPECIFIED`
`SERVICE_TYPE_ADMINISTRATION`
`SERVICE_TYPE_RESOLUTION`
`SERVICE_TYPE_BOTH`

Name	Description
`TRANSPORT_PROTOCOL_UDP`
`TRANSPORT_PROTOCOL_TCP`
`TRANSPORT_PROTOCOL_HTTP`
`TRANSPORT_PROTOCOL_HTTPS`
`TRANSPORT_PROTOCOL_GRPC`

Name	Description
`HASH_OPTION_HASH_BY_PREFIX`
`HASH_OPTION_HASH_BY_SUFFIX`
`HASH_OPTION_HASH_BY_IDENTIFIER`

Spec: 4.3.6 IDENTITY: HS_PUBKEY

An element of type HS_PUBKEY stores a public key. The element can be used as an administrative identity, for referring to in HS_ADMIN or HS_VLIST elements for authorization, or for identifying the administrative identity in DO-IRP authentication. A reference to the element for use as an administrative identity is as a pair of the identifier and the index of the element within the identifier record; in this document this is often written with a colon as :.

The of the element is a binary encoding of the public key which for key types considered in this specification is as follows. First, there is a UTF8-string that describes the key type; then, a two- byte option field reserved for future use; and finally, a key-type-dependent number of length- prefixed byte-arrays that contains the public key itself.