X-Git-Url: http://www.average.org/gitweb/?p=pdns-pipe-nmc.git;a=blobdiff_plain;f=SPEC.md;h=4a0fb4ac7fdf82a890821236345580353d9b828e;hp=1c1292ce803bf65d6558f3bd641045cdbd72768c;hb=0288e756cf28a0229c03a946e54cda94252526c1;hpb=2937774909c747862ae9fe6efe7613bffe3efad3

diff --git a/SPEC.md b/SPEC.md
index 1c1292c..4a0fb4a 100644
--- a/SPEC.md
+++ b/SPEC.md
@@ -307,9 +307,6 @@ the current domain object.
 
 #### map attribute
 
-FIXME - explain handling of the keys with dots.
-Also, add checks to the code to disallow empty elements.
-
 JSON Map object containing subdomain names as its keys and domain
 objects as values. Element of the map with empty key "" has special
 meaning: the value of this map element is merged into the current
@@ -322,11 +319,32 @@ the empty element of the `"map"` has been recursively merged into
 the current object.
 
 ```
-"map": { "www": { "alias" : "www.example.com." }
+"map": { "www": { "alias" : "www.example.com" }
        , "www2": { "delegate": "d/example" }
        }
 ```
 
+Note: When a key contains dots ".", it is converted to a nested
+map.  If empty element appears as a result of split, such as when
+a dot is at the beginning or at the end of the key, or there are
+consequitive dots, such elemets are ignored. For example,
+
+```
+"map": { "www.uk": { "alias" : "www.example.co.uk" }
+       , "www..us": { "alias" : "www.example.com" }
+       , "smtp.us.": { "alias" : "smtp.example.com" }
+```
+
+is equivalent to
+
+```
+"map": { "uk": { "map": { "www": { "alias" : "www.example.co.uk" }}}
+       , "us": { "map": { "www": { "alias" : "www.example.com" }
+                        , "smtp": { "alias" : "smtp.example.com" }}
+               }
+       }
+```
+
 #### fingerprint attribute
 
 Does not translate into any DNS RR. Contains a list of TLS
@@ -347,6 +365,20 @@ Intended to carry attributes as per
        }
 ```
 
+translates into:
+
+```
+_443._tcp      TLSA  (3 0 1 660008F9...7621B787)
+_25._tcp       TLSA  (3 0 1 660008F9...7621B787)
+```
+
+The third element of the `TlsObj` heterogenous array is an extention
+to the DANE definition. Value `0` means that this rule is not enforced
+upon subdomains, value `1` means that it is enforced on subdomains.
+Rule defined inside a subdomain `DomObj` that specifies `0` on a rule
+existing in upper domain, that specifies `1` should be ignored. I.e.
+subdomain rule cannot revoke enforcement imposed by an upper domain rule.
+
 #### ds attribute
 
 Translates into `DS` RR. Carries attributes defined by