TXT record
Internet protocol suite |
---|
Application layer |
Transport layer |
Internet layer |
Link layer |
A TXT record (short for text record) is a type of resource record in the Domain Name System (DNS) used to provide the ability to associate arbitrary text with a host or other name, such as human readable information about a server, network, data center, or other accounting information.[1]
It is also often used in a more structured fashion to record small amounts of machine-readable data into the DNS.
Background
[edit]A domain may have multiple TXT records associated with it, provided the DNS server implementation supports this.[1] Each record can in turn have one or more character strings.[2] Traditionally these text fields were used for a variety of non-standardised uses, such as a full company or organisation name, or the address of a host.
Some examples of TXT usage:
- Verification of domain ownership[3][4]
- Implementation of Sender Policy Framework (SPF)[5]
- DomainKeys Identified Mail (DKIM) records for verifying the sender of email messages[6]
- Zero-configuration networking DNS-based service discovery[7][8]
- Domain-based Message Authentication, Reporting and Conformance (DMARC) policies
Using TXT records to store data for different purposes is not without problems. The DNS protocol specifies that when a client queries for a specific record type (e.g., TXT) for a certain domain name (e.g., example.com), all records of that type must be returned in the same DNS message. That may lead to large transactions with lots of "unnecessary" information being transferred and/or uncertainty about which TXT record to use. There are two ways around this: to specify a domain name prefix to be used when using TXT records for a specific purpose (e.g., _domainkey.example.com – in the DKIM case) or to create a new record type entirely. The former is "easy" because it doesn't require any changes to the DNS. The latter is sometimes considered "cleaner" as it matches the design of the DNS database model better. In the past, creating new record types was often avoided since it was a complicated procedure in the IETF. The reluctance lingers with some people despite the process having been replaced by a much lighter and quicker one.
Format
[edit]The structure of the TXT record is specified in RFC 1035[2] as follows. Note that the specification is silent on the subject of character encoding of the text string. It explicitly states that the interpretation of the string is context dependent, and that the data is treated as binary inside the DNS. Later specifications (e.g., RFC 6763[8] – DNS used for service discovery) may require the use of specific encodings for specific purposes.
The RDATA section may contain multiple consecutive occurrences of (TXT Length + TXT). Data Length is the length of them all combined.
Field | Type | Description |
---|---|---|
Name | Label Sequence | The domain name, encoded as a sequence of labels. |
Type | 2-byte Integer | The record type. In this case will be 0x0010 as the Type is TXT. |
Class | 2-byte Integer | The class. |
TTL | 4-byte Integer | Time-To-Live, i.e. how long a record can be cached before it should be requeried. |
Data Length | 2-byte Integer | Length of the record type-specific data. |
TXT Length | 1-byte Integer | Length of TXT string. |
TXT | String | The character-string. |
TXT response example from example.com
| ||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
This is the hex returned as part of the DNS response from example.com when queried for TXT records.
0000 34 48 81 a0 00 01 00 02 00 00 00 01 07 65 78 61
0010 6d 70 6c 65 03 63 6f 6d 00 00 10 00 01 c0 0c 00
0020 10 00 01 00 00 54 5f 00 0c 0b 76 3d 73 70 66 31
0030 20 2d 61 6c 6c c0 0c 00 10 00 01 00 00 54 5f 00
0040 21 20 38 6a 35 6e 66 71 6c 64 32 30 7a 70 63 79
0050 72 38 78 6a 77 30 79 64 63 66 71 39 72 6b 38 68
0060 67 6d 00 00 29 02 00 00 00 00 00 00 00
0000 c0 0c 00 10 00 01 00 00 54 5f 00 0c 0b 76 3d 73
0010 70 66 31 20 2d 61 6c 6c
This decodes as follows:
|
As unstructured text, organisations can use the TXT string in any way they define, for example:
example.com. IN TXT "This domain name is reserved for use in documentation"
RFC 1464 defines a structured format that can be used to define attributes and their values in a single record,[1] as in these examples:
host.widgets.com. IN TXT "printer=lpr5"
sam.widgets.com. IN TXT "favorite drink=orange juice"
In practice, services using TXT records often do not follow this RFC, but instead have their own specific format.[9][10]
Example usage
[edit]The character string from a TXT record used for SPF:
"v=spf1 ip4:192.0.2.0/24 ip4:198.51.100.123 ip6:2620:0:860::/46 a -all"
An example of use for DMARC:
"v=DMARC1;p=none;sp=quarantine;pct=100;rua=mailto:dmarcreports@example.com;"
Use for site verification:
"google-site-verification=6P08Ow5E-8Q0m6vQ7FMAqAYIDprkVV8fUf_7hZ4Qvc8"
Use for custom email service:
_amazonses.example.com. IN TXT "pmBGN/7MjnfhTKUZ06Enqq1PeGUaOkw8lGhcfwefcHU="
Brand Indicators for Message Identification (BIMI):
default._bimi TXT "v=BIMI1; l=https://example.com/image.svg; a=https://example.com/image/certificate.pem"
See also
[edit]References
[edit]- ^ a b c R. Rosenbaum (May 1993). Using the Domain Name System To Store Arbitrary String Attributes. Network Working Group. doi:10.17487/RFC1464. RFC 1464. Experimental.
- ^ a b P. Mockapetris (November 1987). DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION. Network Working Group. doi:10.17487/RFC1035. STD 13. RFC 1035. Internet Standard 13. Obsoletes RFC 882, 883 and 973. Updated by RFC 1101, 1183, 1348, 1876, 1982, 1995, 1996, 2065, 2136, 2137, 2181, 2308, 2535, 2673, 2845, 3425, 3658, 4033, 4034, 4035, 4343, 5936, 5966, 6604, 7766, 8482, 8490 and 8767.
- ^ "Verify your site ownership". Retrieved 18 December 2018.
- ^ "Domain Verification". Facebook. Retrieved 18 December 2018.
- ^ S. Kitterman (April 2014). Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1. Internet Engineering Task Force. doi:10.17487/RFC7208. ISSN 2070-1721. RFC 7208. Proposed Standard. Obsoletes RFC 4408. Updated by RFC 7372, RFC 8553, and RFC 8616.
- ^ "About TXT records". Google Apps Administration. Retrieved 2014-08-17.
- ^ S. Cheshire; M. Krochmal (February 2013). Multicast DNS. IETF. doi:10.17487/RFC6762. ISSN 2070-1721. RFC 6762. Proposed Standard.
- ^ a b S. Cheshire; M. Krochmal (February 2013). DNS-Based Service Discovery. IETF. doi:10.17487/RFC6763. ISSN 2070-1721. RFC 6763. Proposed Standard. Updated by RFC 8553.
- ^ "DNS Record Verification". WebNots. 2 July 2013. Retrieved 21 December 2018.
- ^ "Amazon SES Domain Verification TXT Records". Amazon. Retrieved 21 December 2018.