<?xml version="1.0" encoding="utf-8"?>
<search>
<entry>
<title></title>
<link href="/2023/12/21/2023/Tuesdays%20with%20Morrie_%20An%20Old%20Man,%20a%20Young%20-%20Mitch%20Albom/"/>
<url>/2023/12/21/2023/Tuesdays%20with%20Morrie_%20An%20Old%20Man,%20a%20Young%20-%20Mitch%20Albom/</url>
<content type="html"><![CDATA[<p>an old man, a young man, and life’s greatest lesson by Mitch Albom</p><h2 id="Acknowledgments"><a href="#Acknowledgments" class="headerlink" title="Acknowledgments"></a>Acknowledgments</h2><p>I would like to acknowledge the enormous help given to me in creating this book. For their memories, their patience, and their guidance, I wish to thank Charlotte, Rob, and Jonathan Schwartz, Maurie Stein, Charlie Derber, Gordie Fellman, David Schwartz, Rabbi Al Axelrad, and the multitude of Morrie’s friends and colleagues. Also, special thanks to Bill Thomas, my editor, for handling this project with just the right touch. And, as always, my appreciation to David Black, who often believes in me more than I do myself.</p><p>Mostly, my thanks to Morrie, for wanting to do this last thesis together. Have you ever had a teacher like this?</p><h2 id="The-Curriculum"><a href="#The-Curriculum" class="headerlink" title="The Curriculum"></a>The Curriculum</h2><p>The last class of my old professor’s life took place once a week in his house, by a window in the study where he could watch a small hibiscus plant shed its pink leaves. The class met on Tuesdays. It began after breakfast. The subject was The Meaning of Life. It was taught from experience. No grades were given, but there were oral exams each week. You were expected to respond to questions, and you were expected to pose questions of your own. You were also required to perform physical tasks now and then, such as lifting the professor’s head to a comfortable spot on the pillow or placing his glasses on the bridge of his nose. Kissing him good-bye earned you extra credit.</p><p>No books were required, yet many topics were covered, including love, work, community, family, aging, forgiveness, and, finally, death. The last lecture was brief, only a few words.</p><p>A funeral was held in lieu of graduation. 
Although no final exam was given, you were expected to produce one long paper on what was learned. That paper is presented here. The last class of my old professor’s life had only one student. I was the student. It is the late spring of 1979, a hot, sticky Saturday afternoon. Hundreds of us sit together, side by side, in rows of wooden folding chairs on the main campus lawn. We wear blue nylon robes. We listen impatiently to long speeches. When the ceremony is over, we throw our caps in the air, and we are officially graduated from college, the senior class of Brandeis University in the city of Waltham, Massachusetts. For many of us, the curtain has just come down on childhood. Afterward, I find Morrie Schwartz, my favorite professor, and introduce him to my parents. He is a small man who takes small steps, as if a strong wind could, at any time, whisk him up into the clouds. In his graduation day robe, he looks like a cross between a biblical prophet and a Christmas elf. He has sparkling blue green eyes, thinning silver hair that spills onto his forehead, big ears, a triangular nose, and tufts of graying eyebrows. Although his teeth are crooked and his lower ones are slanted back-as if someone had once punched them in-when he smiles it’s as if you’d just told him the first joke on earth. He tells my parents how I took every class he taught. He tells them, “You have a special boy here.” Embarrassed, I look at my feet. Before we leave, I hand my professor a present, a tan briefcase with his initials on the front. I bought this the day before at a shopping mall. I didn’t want to forget him. Maybe I didn’t want him to forget me.</p><p>“Mitch, you are one of the good ones,” he says, admiring the briefcase. Then he hugs me. I feel his thin arms around my back. I am taller than he is, and when he holds me, I feel awkward, older, as if I were the parent and he were the child. 
He asks if I will stay in touch, and without hesitation I say, “Of course.” When he steps back, I see that he is crying.</p><h2 id="The-Syllabus"><a href="#The-Syllabus" class="headerlink" title="The Syllabus"></a>The Syllabus</h2><p>His death sentence came in the summer of 1994. Looking back, Morrie knew something bad was coming long before that. He knew it the day he gave up dancing. He had always been a dancer, my old professor. The music didn’t matter. Rock and roll, big band, the blues. He loved them all. He would close his eyes and with a blissful smile begin to move to his own sense of rhythm. It wasn’t always pretty. But then, he didn’t worry about a partner. Morrie danced by himself. He used to go to this church in Harvard Square every Wednesday night for something called “Dance Free.” They had flashing lights and booming speakers and Morrie would wander in among the mostly student crowd, wearing a white T-shirt and black sweatpants and a towel around his neck, and whatever music was playing, that’s the music to which he danced. He’d do the lindy to Jimi Hendrix. He twisted and twirled, he waved his arms like a conductor on amphetamines, until sweat was dripping down the middle of his back. No one there knew he was a prominent doctor of sociology, with years of experience as a college professor and several well-respected books. They just thought he was some old nut. Once, he brought a tango tape and got them to play it over the speakers. Then he commandeered the floor, shooting back and forth like some hot Latin lover. When he finished, everyone applauded. He could have stayed in that moment forever. But then the dancing stopped.</p><p>He developed asthma in his sixties. His breathing became labored. One day he was walking along the Charles River, and a cold burst of wind left him choking for air. He was rushed to the hospital and injected with Adrenalin. A few years later, he began to have trouble walking. 
At a birthday party for a friend, he stumbled inexplicably. Another night, he fell down the steps of a theater, startling a small crowd of people. “Give him air!” someone yelled. He was in his seventies by this point, so they whispered “old age” and helped him to his feet. But Morrie, who was always more in touch with his insides than the rest of us, knew something else was wrong. This was more than old age. He was weary all the time. He had trouble sleeping. He dreamt he was dying.</p><p>He began to see doctors. Lots of them. They tested his blood. They tested his urine. They put a scope up his rear end and looked inside his intestines. Finally, when nothing could be found, one doctor ordered a muscle biopsy, taking a small piece out of Morrie’s calf. The lab report came back suggesting a neurological problem, and Morrie was brought in for yet another series of tests. In one of those tests, he sat in a special seat as they zapped him with electrical current-an electric chair, of sorts-and studied his neurological responses. “We need to check this further,” the doctors said, looking over his results. “Why?” Morrie asked. “What is it?” “We’re not sure. Your times are slow.” His times were slow? What did that mean? Finally, on a hot, humid day in August 1994, Morrie and his wife, Charlotte, went to the neurologist’s office, and he asked them to sit before he broke the news: Morrie had amyotrophic lateral sclerosis (ALS), Lou Gehrig’s disease, a brutal, unforgiving illness of the neurological system.</p><p>There was no known cure.</p><p>“How did I get it?” Morrie asked. Nobody knew. “Is it terminal?” Yes. “So I’m going to die?” Yes, you are, the doctor said. I’m very sorry. He sat with Morrie and Charlotte for nearly two hours, patiently answering their questions. When they left, the doctor gave them some information on ALS, little pamphlets, as if they were opening a bank account. Outside, the sun was shining and people were going about their business. 
A woman ran to put money in the parking meter. Another carried groceries. Charlotte had a million thoughts running through her mind: How much time do we have left? How will we manage? How will we pay the bills? My old professor, meanwhile, was stunned by the normalcy of the day around him. Shouldn’t the world stop? Don’t they know what has happened to me? But the world did not stop, it took no notice at all, and as Morrie pulled weakly on the car door, he felt as if he were dropping into a hole. Now what? he thought. As my old professor searched for answers, the disease took him over, day by day, week by week. He backed the car out of the garage one morning and could barely push the brakes. That was the end of his driving.</p><p>He kept tripping, so he purchased a cane. That was the end of his walking free. He went for his regular swim at the YMCA, but found he could no longer undress himself. So he hired his first home care worker-a theology student named Tony-who helped him in and out of the pool, and in and out of his bathing suit. In the locker room, the other swimmers pretended not to stare. They stared anyhow. That was the end of his privacy. In the fall of 1994, Morrie came to the hilly Brandeis campus to teach his final college course. He could have skipped this, of course. The university would have understood. Why suffer in front of so many people? Stay at home. Get your affairs in order. But the idea of quitting did not occur to Morrie.</p><p>Instead, he hobbled into the classroom, his home for more than thirty years. Because of the cane, he took a while to reach the chair. Finally, he sat down, dropped his glasses off his nose, and looked out at the young faces who stared back in silence. “My friends, I assume you are all here for the Social Psychology class. I have been teaching this course for twenty years, and this is the first time I can say there is a risk in taking it, because I have a fatal illness. I may not live to finish the semester. 
“If you feel this is a problem, I understand if you wish to drop the course.” He smiled. And that was the end of his secret. ALS is like a lit candle: it melts your nerves and leaves your body a pile of wax. Often, it begins with the legs and works its way up. You lose control of your thigh muscles, so that you cannot support yourself standing. You lose control of your trunk muscles, so that you cannot sit up straight. By the end, if you are still alive, you are breathing through a tube in a hole in your throat, while your soul, perfectly awake, is imprisoned inside a limp husk, perhaps able to blink, or cluck a tongue, like something from a science fiction movie, the man frozen inside his own flesh. This takes no more than five years from the day you contract the disease. Morrie’s doctors guessed he had two years left. Morrie knew it was less. But my old professor had made a profound decision, one he began to construct the day he came out of the doctor’s office with a sword hanging over his head. Do I wither up and disappear, or do I make the best of my time left? he had asked himself. He would not wither. He would not be ashamed of dying.</p><p>Instead, he would make death his final project, the center point of his days. Since everyone was going to die, he could be of great value, right? He could be research. A human textbook. Study me in my slow and patient demise. Watch what happens to me. Learn with me. Morrie would walk that final bridge between life and death, and narrate the trip. The fall semester passed quickly. The pills increased. Therapy became a regular routine. Nurses came to his house to work with Morrie’s withering legs, to keep the muscles active, bending them back and forth as if pumping water from a well. Massage specialists came by once a week to try to soothe the constant, heavy stiffness he felt. 
He met with meditation teachers, and closed his eyes and narrowed his thoughts until his world shrunk down to a single breath, in and out, in and out. One day, using his cane, he stepped onto the curb and fell over into the street. The cane was exchanged for a walker. As his body weakened, the back and forth to the bathroom became too exhausting, so Morrie began to urinate into a large beaker. He had to support himself as he did this, meaning someone had to hold the beaker while Morrie filled it.</p><p>Most of us would be embarrassed by all this, especially at Morrie’s age. But Morrie was not like most of us. When some of his close colleagues would visit, he would say to them, “Listen, I have to pee. Would you mind helping? Are you okay with that?” Often, to their own surprise, they were. In fact, he entertained a growing stream of visitors. He had discussion groups about dying, what it really meant, how societies had always been afraid of it without necessarily understanding it. He told his friends that if they really wanted to help him, they would treat him not with sympathy but with visits, phone calls, a sharing of their problems-the way they had always shared their problems, because Morrie had always been a wonderful listener.</p><p>For all that was happening to him, his voice was strong and inviting, and his mind was vibrating with a million thoughts. He was intent on proving that the word “dying” was not synonymous with “useless.” The New Year came and went. Although he never said it to anyone, Morrie knew this would be the last year of his life. He was using a wheelchair now, and he was fighting time to say all the things he wanted to say to all the people he loved. When a colleague at Brandeis died suddenly of a heart attack, Morrie went to his funeral. He came home depressed. “What a waste,” he said. “All those people saying all those wonderful things, and Irv never got to hear any of it.” Morrie had a better idea. He made some calls. He chose a date. 
And on a cold Sunday afternoon, he was joined in his home by a small group of friends and family for a “living funeral.” Each of them spoke and paid tribute to my old professor. Some cried. Some laughed. One woman read a poem:</p><h2 id="Your-Ageless-Heart"><a href="#Your-Ageless-Heart" class="headerlink" title="Your Ageless Heart"></a>Your Ageless Heart</h2><p>as you move through time, layer on layer, tender sequoia . . .” Morrie cried and laughed with them. And all the heartfelt things we never get to say to those we love, Morrie said that day. His “living funeral” was a rousing success. Only Morrie wasn’t dead yet. In fact, the most unusual part of his life was about to unfold.</p><h2 id="The-Student"><a href="#The-Student" class="headerlink" title="The Student"></a>The Student</h2><p>At this point, I should explain what had happened to me since that summer day when I last hugged my dear and wise professor, and promised to keep in touch.</p><h2 id="I-Did-Not-Keep-In-Touch"><a href="#I-Did-Not-Keep-In-Touch" class="headerlink" title="I Did Not Keep In Touch."></a>I Did Not Keep In Touch.</h2><p>In fact, I lost contact with most of the people I knew in college, including my beer-drinking friends and the first woman I ever woke up with in the morning. The years after graduation hardened me into someone quite different from the strutting graduate who left campus that day headed for New York City, ready to offer the world his talent. The world, I discovered, was not all that interested. I wandered around my early twenties, paying rent and reading classifieds and wondering why the lights were not turning green for me. My dream was to be a famous musician (I played the piano), but after several years of dark, empty nightclubs, broken promises, bands that kept breaking up and producers who seemed excited about everyone but me, the dream soured. I was failing for the first time in my life.</p><p>At the same time, I had my first serious encounter with death. 
My favorite uncle, my mother’s brother, the man who had taught me music, taught me to drive, teased me about girls, thrown me a football-that one adult whom I targeted as a child and said, “That’s who I want to be when I grow up”-died of pancreatic cancer at the age of forty-four. He was a short, handsome man with a thick mustache, and I was with him for the last year of his life, living in an apartment just below his. I watched his strong body wither, then bloat, saw him suffer, night after night, doubled over at the dinner table, pressing on his stomach, his eyes shut, his mouth contorted in pain. “Ahhhhh, God,” he would moan. “Ahhhhhh, Jesus!” The rest of us-my aunt, his two young sons, me-stood there, silently, cleaning the plates, averting our eyes. It was the most helpless I have ever felt in my life. One night in May, my uncle and I sat on the balcony of his apartment. It was breezy and warm. He looked out toward the horizon and said, through gritted teeth, that he wouldn’t be around to see his kids into the next school year. He asked if I would look after them. I told him not to talk that way. He stared at me sadly. He died a few weeks later. After the funeral, my life changed. I felt as if time were suddenly precious, water going down an open drain, and I could not move quickly enough. No more playing music at half-empty night clubs. No more writing songs in my apartment, songs that no one would hear. I returned to school. I earned a master’s degree in journalism and took the first job offered, as a sports writer. Instead of chasing my own fame, I wrote about famous athletes chasing theirs. I worked for newspapers and freelanced for magazines. I worked at a pace that knew no hours, no limits. I would wake up in the morning, brush my teeth, and sit down at the typewriter in the same clothes I had slept in. My uncle had worked for a corporation and hated it-same thing, every day-and I was determined never to end up like him. 
I bounced around from New York to Florida and eventually took a job in Detroit as a columnist for the Detroit Free Press. The sports appetite in that city was insatiable-they had professional teams in football, basketball, baseball, and hockey-and it matched my ambition. In a few years, I was not only penning columns, I was writing sports books, doing radio shows, and appearing regularly on TV, spouting my opinions on rich football players and hypocritical college sports programs. I was part of the media thunderstorm that now soaks our country. I was in demand. I stopped renting. I started buying. I bought a house on a hill. I bought cars. I invested in stocks and built a portfolio. I was cranked to a fifth gear, and everything I did, I did on a deadline. I exercised like a demon. I drove my car at breakneck speed. I made more money than I had ever figured to see. I met a dark-haired woman named Janine who somehow loved me despite my schedule and the constant absences. We married after a seven year courtship. I was back to work a week after the wedding. I told her-and myself-that we would one day start a family, something she wanted very much. But that day never came.</p><p>Instead, I buried myself in accomplishments, because with accomplishments, I believed I could control things, I could squeeze in every last piece of happiness before I got sick and died, like my uncle before me, which I figured was my natural fate. As for Morrie? Well, I thought about him now and then, the things he had taught me about “being human” and “relating to others,” but it was always in the distance, as if from another life. Over the years, I threw away any mail that came from Brandeis University, figuring they were only asking for money. So I did not know of Morrie’s illness. The people who might have told me were long forgotten, their phone numbers buried in some packed-away box in the attic. 
It might have stayed that way, had I not been flicking through the TV channels late one night, when something caught my ear . . .</p><h2 id="The-Audiovisual"><a href="#The-Audiovisual" class="headerlink" title="The Audiovisual"></a>The Audiovisual</h2><p>In March of 1995, a limousine carrying Ted Koppel, the host of ABC-TV’s “Nightline” pulled up to the snow-covered curb outside Morrie’s house in West Newton, Massachusetts.</p><p>Morrie was in a wheelchair full-time now, getting used to helpers lifting him like a heavy sack from the chair to the bed and the bed to the chair. He had begun to cough while eating, and chewing was a chore. His legs were dead; he would never walk again. Yet he refused to be depressed. Instead, Morrie had become a lightning rod of ideas. He jotted down his thoughts on yellow pads, envelopes, folders, scrap paper. He wrote bite-sized philosophies about living with death’s shadow: “Accept what you are able to do and what you are not able to do”; “Accept the past as past, without denying it or discarding it”; “Learn to forgive yourself and to forgive others”; “Don’t assume that it’s too late to get involved.” After a while, he had more than fifty of these “aphorisms,” which he shared with his friends. One friend, a fellow Brandeis professor named Maurie Stein, was so taken with the words that he sent them to a Boston Globe reporter, who came out and wrote a long feature story on Morrie. The headline read:</p><h2 id="A-Professor’S-Final-Course-His-Own-Death"><a href="#A-Professor’S-Final-Course-His-Own-Death" class="headerlink" title="A Professor’S Final Course: His Own Death"></a>A Professor’s Final Course: His Own Death</h2><p>The article caught the eye of a producer from the “Nightline” show, who brought it to Koppel in Washington, D.C. “Take a look at this,” the producer said. Next thing you knew, there were cameramen in Morrie’s living room and Koppel’s limousine was in front of the house. 
Several of Morrie’s friends and family members had gathered to meet Koppel, and when the famous man entered the house, they buzzed with excitement-all except Morrie, who wheeled himself forward, raised his eyebrows, and interrupted the clamor with his high, singsong voice. “Ted, I need to check you out before I agree to do this interview.”<br>There was an awkward moment of silence, then the two men were ushered into the study. The door was shut. “Man,” one friend whispered outside the door, “I hope Ted goes easy on Morrie.”<br>“I hope Morrie goes easy on Ted,” said the other. Inside the office, Morrie motioned for Koppel to sit down. He crossed his hands in his lap and smiled. “Tell me something close to your heart,” Morrie began.</p><h2 id="“My-Heart-”"><a href="#“My-Heart-”" class="headerlink" title="“My Heart?”"></a>“My Heart?”</h2><p>Koppel studied the old man. “All right,” he said cautiously, and he spoke about his children. They were close to his heart, weren’t they?</p><p>“Good,” Morrie said. “Now tell me something, about your faith.” Koppel was uncomfortable. “I usually don’t talk about such things with people I’ve only known a few minutes.” “Ted, I’m dying,” Morrie said, peering over his glasses. “I don’t have a lot of time here.” Koppel laughed. All right. Faith. He quoted a passage from Marcus Aurelius, something he felt strongly about. Morrie nodded. “Now let me ask you something,” Koppel said. “Have you ever seen my program?” Morrie shrugged. “Twice, I think.” “Twice? That’s all?” “Don’t feel bad. I’ve only seen ‘Oprah’ once.” “Well, the two times you saw my show, what did you think?” Morrie paused. “To be honest?” “Yes?” “I thought you were a narcissist.” Koppel burst into laughter. “I’m too ugly to be a narcissist,” he said. Soon the cameras were rolling in front of the living room fireplace, with Koppel in his crisp blue suit and Morrie in his shaggy gray sweater. He had refused fancy clothes or makeup for this interview. 
His philosophy was that death should not be embarrassing; he was not about to powder its nose. Because Morrie sat in the wheelchair, the camera never caught his withered legs. And because he was still able to move his hands-Morrie always spoke with both hands waving-he showed great passion when explaining how you face the end of life. “Ted,” he said, “when all this started, I asked myself, ‘Am I going to withdraw from the world, like most people do, or am I going to live?’ I decided I’m going to live-or at least try to live-the way I want, with dignity, with courage, with humor, with composure. “There are some mornings when I cry and cry and mourn for myself. Some mornings, I’m so angry and bitter. But it doesn’t last too long. Then I get up and say, ‘I want to live . . .’ “So far, I’ve been able to do it. Will I be able to continue? I don’t know. But I’m betting on myself that I will.” Koppel seemed extremely taken with Morrie. He asked about the humility that death induced. “Well, Fred,” Morrie said accidentally, then he quickly corrected himself. “I mean Ted . . .”<br>“Now that’s inducing humility,” Koppel said, laughing.</p><p>The two men spoke about the afterlife. They spoke about Morrie’s increasing dependency on other people. He already needed help eating and sitting and moving from place to place. What, Koppel asked, did Morrie dread the most about his slow, insidious decay? Morrie paused. He asked if he could say this certain thing on television. Koppel said go ahead. Morrie looked straight into the eyes of the most famous interviewer in America. “Well, Ted, one day soon, someone’s gonna have to wipe my ass.”<br>The program aired on a Friday night. It began with Ted Koppel from behind the desk in Washington, his voice booming with authority. “Who is Morrie Schwartz,” he said, “and why, by the end of the night, are so many of you going to care about him?” A thousand miles away, in my house on the hill, I was casually flipping channels. 
I heard these words from the TV set-“Who is Morrie Schwartz?”-and went numb. It is our first class together, in the spring of 1976. I enter Morrie’s large office and notice the seemingly countless books that line the wall, shelf after shelf. Books on sociology, philosophy, religion, psychology. There is a large rug on the hardwood floor and a window that looks out on the campus walk. Only a dozen or so students are there, fumbling with notebooks and syllabi. Most of them wear jeans and earth shoes and plaid flannel shirts. I tell myself it will not be easy to cut a class this small. Maybe I shouldn’t take it. “Mitchell?” Morrie says, reading from the attendance list. I raise a hand.</p><p>“Do you prefer Mitch? Or is Mitchell better?”<br>I have never been asked this by a teacher. I do a double take at this guy in his yellow turtleneck and green corduroy pants, the silver hair that falls on his forehead. He is smiling. Mitch, I say. Mitch is what my friends called me. “Well, Mitch it is then,” Morrie says, as if closing a deal. “And, Mitch?” Yes? “I hope that one day you will think of me as your friend.”</p><h2 id="The-Orientation"><a href="#The-Orientation" class="headerlink" title="The Orientation"></a>The Orientation</h2><p>As I turned the rental car onto Morrie’s street in West Newton, a quiet suburb of Boston, I had a cup of coffee in one hand and a cellular phone between my ear and shoulder. I was talking to a TV producer about a piece we were doing. My eyes jumped from the digital clock-my return flight was in a few hours-to the mailbox numbers on the tree-lined suburban street. The car radio was on, the all-news station. This was how I operated, five things at once. “Roll back the tape,” I said to the producer. “Let me hear that part again.” “Okay,” he said. “It’s gonna take a second.” Suddenly, I was upon the house. I pushed the brakes, spilling coffee in my lap. 
As the car stopped, I caught a glimpse of a large Japanese maple tree and three figures sitting near it in the driveway, a young man and a middle-aged woman flanking a small old man in a wheelchair. Morrie.</p><p>At the sight of my old professor, I froze.</p><p>“Hello?” the producer said in my ear. “Did I lose you?…”<br>I had not seen him in sixteen years. His hair was thinner, nearly white, and his face was gaunt. I suddenly felt unprepared for this reunion-for one thing, I was stuck on the phone-and I hoped that he hadn’t noticed my arrival, so that I could drive around the block a few more times, finish my business, get mentally ready. But Morrie, this new, withered version of a man I had once known so well, was smiling at the car, hands folded in his lap, waiting for me to emerge. “Hey?” the producer said again. “Are you there?” For all the time we’d spent together, for all the kindness and patience Morrie had shown me when I was young, I should have dropped the phone and jumped from the car, run and held him and kissed him hello. Instead, I killed the engine and sunk down off the seat, as if I were looking for something.</p><p>“Yeah, yeah, I’m here,” I whispered, and continued my conversation with the TV producer until we were finished. I did what I had become best at doing: I tended to my work, even while my dying professor waited on his front lawn. I am not proud of this, but that is what I did. Now, five minutes later, Morrie was hugging me, his thinning hair rubbing against my cheek. I had told him I was searching for my keys, that’s what had taken me so long in the car, and I squeezed him tighter, as if I could crush my little lie. Although the spring sunshine was warm, he wore a windbreaker and his legs were covered by a blanket. He smelled faintly sour, the way people on medication sometimes do. With his face pressed close to mine, I could hear his labored breathing in my ear. 
“My old friend,” he whispered, “you’ve come back at last.” He rocked against me, not letting go, his hands reaching up for my elbows as I bent over him. I was surprised at such affection after all these years, but then, in the stone walls I had built between my present and my past, I had forgotten how close we once were. I remembered graduation day, the briefcase, his tears at my departure, and I swallowed because I knew, deep down, that I was no longer the good, gift-bearing student he remembered. I only hoped that, for the next few hours, I could fool him. Inside the house, we sat at a walnut dining room table, near a window that looked out on the neighbor’s house. Morrie fussed with his wheelchair, trying to get comfortable. As was his custom, he wanted to feed me, and I said all right. One of the helpers, a stout Italian woman named Connie, cut up bread and tomatoes and brought containers of chicken salad, hummus, and tabouli. She also brought some pills. Morrie looked at them and sighed. His eyes were more sunken than I remembered them, and his cheekbones more pronounced. This gave him a harsher, older look-until he smiled, of course, and the sagging cheeks gathered up like curtains. “Mitch,” he said softly, “you know that I’m dying.” I knew. “All right, then.” Morrie swallowed the pills, put down the paper cup, inhaled deeply, then let it out. “Shall I tell you what it’s like?” What it’s like? To die? “Yes,” he said. Although I was unaware of it, our last class had just begun. It is my freshman year. Morrie is older than most of the teachers, and I am younger than most of the students, having left high school a year early. To compensate for my youth on campus, I wear old gray sweatshirts and box in a local gym and walk around with an unlit cigarette in my mouth, even though I do not smoke. I drive a beat-up Mercury Cougar, with the windows down and the music up. 
I seek my identity in toughness - but it is Morrie’s softness that draws me, and because he does not look at me as a kid trying to be something more than I am, I relax. I finish that first course with him and enroll for another. He is an easy marker; he does not much care for grades. One year, they say, during the Vietnam War, Morrie gave all his male students A’s to help them keep their student deferments. I begin to call Morrie “Coach,” the way I used to address my high school track coach. Morrie likes the nickname. “Coach,” he says. “All right, I’ll be your coach. And you can be my player. You can play all the lovely parts of life that I’m too old for now.”<br>Sometimes we eat together in the cafeteria. Morrie, to my delight, is even more of a slob than I am. He talks instead of chewing, laughs with his mouth open, delivers a passionate thought through a mouthful of egg salad, the little yellow pieces spewing from his teeth. It cracks me up. The whole time I know him, I have two overwhelming desires: to hug him and to give him a napkin.</p><h2 id="The-Classroom"><a href="#The-Classroom" class="headerlink" title="The Classroom"></a>The Classroom</h2><p>The sun beamed in through the dining room window, lighting up the hardwood floor. We had been talking there for nearly two hours. The phone rang yet again and Morrie asked his helper, Connie, to get it. She had been jotting the callers’ names in Morrie’s small black appointment book. Friends. Meditation teachers. A discussion group. Someone who wanted to photograph him for a magazine. It was clear I was not the only one interested in visiting my old professor - the “Nightline” appearance had made him something of a celebrity - but I was impressed with, perhaps even a bit envious of, all the friends that Morrie seemed to have. I thought about the “buddies” that circled my orbit back in college.
Where had they gone?</p><p>“You know, Mitch, now that I’m dying, I’ve become much more interesting to people.” You were always interesting. “Ho.” Morrie smiled. “You’re kind.” No, I’m not, I thought. “Here’s the thing,” he said. “People see me as a bridge. I’m not as alive as I used to be, but I’m not yet dead. I’m sort of . . . in-between.” He coughed, then regained his smile. “I’m on the last great journey here - and people want me to tell them what to pack.” The phone rang again.</p><p>“Morrie, can you talk?” Connie asked. “I’m visiting with my old pal now,” he announced. “Let them call back.” I cannot tell you why he received me so warmly. I was hardly the promising student who had left him sixteen years earlier. Had it not been for “Nightline,” Morrie might have died without ever seeing me again. I had no good excuse for this, except the one that everyone these days seems to have. I had become too wrapped up in the siren song of my own life. I was busy. What happened to me? I asked myself. Morrie’s high, smoky voice took me back to my university years, when I thought rich people were evil, a shirt and tie were prison clothes, and life without freedom to get up and go - motorcycle beneath you, breeze in your face, down the streets of Paris, into the mountains of Tibet - was not a good life at all. What happened to me? The eighties happened. The nineties happened. Death and sickness and getting fat and going bald happened. I traded lots of dreams for a bigger paycheck, and I never even realized I was doing it.</p><p>Yet here was Morrie talking with the wonder of our college years, as if I’d simply been on a long vacation. “Have you found someone to share your heart with?” he asked. “Are you giving to your community? “Are you at peace with yourself? “Are you trying to be as human as you can be?” I squirmed, wanting to show I had been grappling deeply with such questions. What happened to me?
I once promised myself I would never work for money, that I would join the Peace Corps, that I would live in beautiful, inspirational places.</p><p>Instead, I had been in Detroit for ten years now, at the same workplace, using the same bank, visiting the same barber. I was thirty-seven, more efficient than in college, tied to computers and modems and cell phones. I wrote articles about rich athletes who, for the most part, could not care less about people like me. I was no longer young for my peer group, nor did I walk around in gray sweatshirts with unlit cigarettes in my mouth. I did not have long discussions over egg salad sandwiches about the meaning of life. My days were full, yet I remained, much of the time, unsatisfied.</p><h2 id="What-Happened-To-Me"><a href="#What-Happened-To-Me" class="headerlink" title="What Happened To Me?"></a>What Happened To Me?</h2><p>“Coach,” I said suddenly, remembering the nickname. Morrie beamed. “That’s me. I’m still your coach.” He laughed and resumed his eating, a meal he had started forty minutes earlier. I watched him now, his hands working gingerly, as if he were learning to use them for the very first time. He could not press down hard with a knife. His fingers shook. Each bite was a struggle; he chewed the food finely before swallowing, and sometimes it slid out the sides of his lips, so that he had to put down what he was holding to dab his face with a napkin. The skin from his wrist to his knuckles was dotted with age spots, and it was loose, like skin hanging from a chicken soup bone.</p><p>For a while, we just ate like that, a sick old man, a healthy, younger man, both absorbing the quiet of the room. I would say it was an embarrassed silence, but I seemed to be the only one embarrassed. “Dying,” Morrie suddenly said, “is only one thing to be sad over, Mitch. Living unhappily is something else. So many of the people who come to visit me are unhappy.” Why?
“Well, for one thing, the culture we have does not make people feel good about themselves. We’re teaching the wrong things. And you have to be strong enough to say if the culture doesn’t work, don’t buy it. Create your own. Most people can’t do it. They’re more unhappy than me - even in my current condition.</p><p>“I may be dying, but I am surrounded by loving, caring souls. How many people can say that?” I was astonished by his complete lack of self-pity. Morrie, who could no longer dance, swim, bathe, or walk; Morrie, who could no longer answer his own door, dry himself after a shower, or even roll over in bed. How could he be so accepting? I watched him struggle with his fork, picking at a piece of tomato, missing it the first two times - a pathetic scene, and yet I could not deny that sitting in his presence was almost magically serene, the same calm breeze that soothed me back in college. I shot a glance at my watch - force of habit - it was getting late, and I thought about changing my plane reservation home. Then Morrie did something that haunts me to this day. “You know how I’m going to die?” he said. I raised my eyebrows.</p><p>“I’m going to suffocate. Yes. My lungs, because of my asthma, can’t handle the disease. It’s moving up my body, this ALS. It’s already got my legs. Pretty soon it’ll get my arms and hands. And when it hits my lungs . . .”</p><p>He shrugged his shoulders. “. . . I’m sunk.” I had no idea what to say, so I said, “Well, you know, I mean . . . you never know.” Morrie closed his eyes. “I know, Mitch. You mustn’t be afraid of my dying. I’ve had a good life, and we all know it’s going to happen. I maybe have four or five months.”<br>Come on, I said nervously. Nobody can say - “I can,” he said softly. “There’s even a little test. A doctor showed me.”</p><h2 id="A-Test"><a href="#A-Test" class="headerlink" title="A Test?"></a>A Test?</h2><p>“Inhale a few times.” I did as he said.
“Now, once more, but this time, when you exhale, count as many numbers as you can before you take another breath.” I quickly exhaled the numbers. “One-two-three-four-five-six-seven-eight . . .” I reached seventy before my breath was gone. “Good,” Morrie said. “You have healthy lungs. Now. Watch what I do.” He inhaled, then began his number count in a soft, wobbly voice. “One-two-three-four-five-six-seven-eight-nine-ten-eleven-twelve-thirteen-fourteen-fifteen-sixteen-seventeen-eighteen-”<br>He stopped, gasping for air.</p><p>“When the doctor first asked me to do this, I could reach twenty-three. Now it’s eighteen.” He closed his eyes, shook his head. “My tank is almost empty.” I tapped my thighs nervously. That was enough for one afternoon. “Come back and see your old professor,” Morrie said when I hugged him good-bye. I promised I would, and I tried not to think about the last time I promised this.</p><p>In the campus bookstore, I shop for the items on Morrie’s reading list. I purchase books that I never knew existed, titles such as Youth: Identity and Crisis, I and Thou, The Divided Self. Before college I did not know the study of human relations could be considered scholarly. Until I met Morrie, I did not believe it. But his passion for books is real and contagious. We begin to talk seriously sometimes, after class, when the room has emptied. He asks me questions about my life, then quotes lines from Erich Fromm, Martin Buber, Erik Erikson. Often he defers to their words, footnoting his own advice, even though he obviously thought the same things himself. It is at these times that I realize he is indeed a professor, not an uncle. One afternoon, I am complaining about the confusion of my age, what is expected of me versus what I want for myself. “Have I told you about the tension of opposites?” he says. The tension of opposites? “Life is a series of pulls back and forth. You want to do one thing, but you are bound to do something else.
Something hurts you, yet you know it shouldn’t. You take certain things for granted, even when you know you should never take anything for granted.</p><p>“A tension of opposites, like a pull on a rubber band. And most of us live somewhere in the middle.” Sounds like a wrestling match, I say. “A wrestling match.” He laughs. “Yes, you could describe life that way.” So which side wins, I ask? “Which side wins?” He smiles at me, the crinkled eyes, the crooked teeth. “Love wins. Love always wins.”</p><h2 id="Taking-Attendance"><a href="#Taking-Attendance" class="headerlink" title="Taking Attendance"></a>Taking Attendance</h2><p>I flew to London a few weeks later. I was covering Wimbledon, the world’s premier tennis competition and one of the few events I go to where the crowd never boos and no one is drunk in the parking lot. England was warm and cloudy, and each morning I walked the tree-lined streets near the tennis courts, passing teenagers queued up for leftover tickets and vendors selling strawberries and cream. Outside the gate was a newsstand that sold a half-dozen colorful British tabloids, featuring photos of topless women, paparazzi pictures of the royal family, horoscopes, sports, lottery contests, and a wee bit of actual news. Their top headline of the day was written on a small chalkboard that leaned against the latest stack of papers, and usually read something like DIANA IN ROW WITH CHARLES! or GAZZA TO TEAM: GIVE ME MILLIONS! People scooped up these tabloids, devoured their gossip, and on previous trips to England, I had always done the same. But now, for some reason, I found myself thinking about Morrie whenever I read anything silly or mindless.
I kept picturing him there, in the house with the Japanese maple and the hardwood floors, counting his breath, squeezing out every moment with his loved ones, while I spent so many hours on things that meant absolutely nothing to me personally: movie stars, supermodels, the latest noise out of Princess Di or Madonna or John F. Kennedy, Jr. In a strange way, I envied the quality of Morrie’s time even as I lamented its diminishing supply. Why did we bother with all the distractions we did? Back home, the O. J. Simpson trial was in full swing, and there were people who surrendered their entire lunch hours watching it, then taped the rest so they could watch more at night. They didn’t know O. J. Simpson. They didn’t know anyone involved in the case. Yet they gave up days and weeks of their lives, addicted to someone else’s drama. I remembered what Morrie said during our visit: “The culture we have does not make people feel good about themselves. And you have to be strong enough to say if the culture doesn’t work, don’t buy it.” Morrie, true to these words, had developed his own culture - long before he got sick. Discussion groups, walks with friends, dancing to his music in the Harvard Square church. He started a project called Greenhouse, where poor people could receive mental health services. He read books to find new ideas for his classes, visited with colleagues, kept up with old students, wrote letters to distant friends. He took more time eating and looking at nature and wasted no time in front of TV sitcoms or “Movies of the Week.” He had created a cocoon of human activities - conversation, interaction, affection - and it filled his life like an overflowing soup bowl. I had also developed my own culture. Work. I did four or five media jobs in England, juggling them like a clown. I spent eight hours a day on a computer, feeding my stories back to the States. Then I did TV pieces, traveling with a crew throughout parts of London.
I also phoned in radio reports every morning and afternoon. This was not an abnormal load. Over the years, I had taken labor as my companion and had moved everything else to the side. In Wimbledon, I ate meals at my little wooden work cubicle and thought nothing of it. On one particularly crazy day, a crush of reporters had tried to chase down Andre Agassi and his famous girlfriend, Brooke Shields, and I had gotten knocked over by a British photographer who barely muttered “Sorry” before sweeping past, his huge metal lenses strapped around his neck. I thought of something else Morrie had told me: “So many people walk around with a meaningless life. They seem half-asleep, even when they’re busy doing things they think are important. This is because they’re chasing the wrong things. The way you get meaning into your life is to devote yourself to loving others, devote yourself to your community around you, and devote yourself to creating something that gives you purpose and meaning.” I knew he was right. Not that I did anything about it. At the end of the tournament - and the countless cups of coffee I drank to get through it - I closed my computer, cleaned out my cubicle, and went back to the apartment to pack. It was late. The TV was nothing but fuzz. I flew to Detroit, arrived late in the afternoon, dragged myself home and went to sleep. I awoke to a jolting piece of news: the unions at my newspaper had gone on strike. The place was shut down. There were picketers at the front entrance and marchers chanting up and down the street. As a member of the union, I had no choice: I was suddenly, and for the first time in my life, out of a job, out of a paycheck, and pitted against my employers. Union leaders called my home and warned me against any contact with my former editors, many of whom were my friends, telling me to hang up if they tried to call and plead their case. “We’re going to fight until we win!” the union leaders swore, sounding like soldiers.
I felt confused and depressed. Although the TV and radio work were nice supplements, the newspaper had been my lifeline, my oxygen; when I saw my stories in print each morning, I knew that, in at least one way, I was alive. Now it was gone. And as the strike continued - the first day, the second day, the third day - there were worried phone calls and rumors that this could go on for months. Everything I had known was upside down. There were sporting events each night that I would have gone to cover. Instead, I stayed home, watched them on TV. I had grown used to thinking readers somehow needed my column. I was stunned at how easily things went on without me.</p><p>After a week of this, I picked up the phone and dialed Morrie’s number. Connie brought him to the phone. “You’re coming to visit me,” he said, less a question than a statement. Well. Could I? “How about Tuesday?” Tuesday would be good, I said. Tuesday would be fine. In my sophomore year, I take two more of his courses. We go beyond the classroom, meeting now and then just to talk. I have never done this before with an adult who was not a relative, yet I feel comfortable doing it with Morrie, and he seems comfortable making the time. “Where shall we visit today?” he asks cheerily when I enter his office. In the spring, we sit under a tree outside the sociology building, and in the winter, we sit by his desk, me in my gray sweatshirts and Adidas sneakers, Morrie in Rockport shoes and corduroy pants. Each time we talk, he listens to me ramble, then he tries to pass on some sort of life lesson. He warns me that money is not the most important thing, contrary to the popular view on campus. He tells me I need to be “fully human.” He speaks of the alienation of youth and the need for “connectedness” with the society around me. Some of these things I understand, some I do not. It makes no difference.
The discussions give me an excuse to talk to him, fatherly conversations I cannot have with my own father, who would like me to be a lawyer. Morrie hates lawyers. “What do you want to do when you get out of college?” he asks. I want to be a musician, I say. Piano player. “Wonderful,” he says. “But that’s a hard life.” Yeah.</p><p>“A lot of sharks.” That’s what I hear.</p><p>“Still,” he says, “if you really want it, then you’ll make your dream happen.” I want to hug him, to thank him for saying that, but I am not that open. I only nod instead. “I’ll bet you play piano with a lot of pep,” he says. I laugh. Pep? He laughs back. “Pep. What’s the matter? They don’t say that anymore?”</p><h2 id="The-First-Tuesday-We-Talk-About-The-World"><a href="#The-First-Tuesday-We-Talk-About-The-World" class="headerlink" title="The First Tuesday We Talk About The World"></a>The First Tuesday We Talk About The World</h2><p>Connie opened the door and let me in. Morrie was in his wheelchair by the kitchen table, wearing a loose cotton shirt and even looser black sweatpants. They were loose because his legs had atrophied beyond normal clothing size - you could get two hands around his thighs and have your fingers touch. Had he been able to stand, he’d have been no more than five feet tall, and he’d probably have fit into a sixth grader’s jeans. “I got you something,” I announced, holding up a brown paper bag. I had stopped on my way from the airport at a nearby supermarket and purchased some turkey, potato salad, macaroni salad, and bagels. I knew there was plenty of food at the house, but I wanted to contribute something. I was so powerless to help Morrie otherwise. And I remembered his fondness for eating. “Ah, so much food!” he sang. “Well. Now you have to eat it with me.” We sat at the kitchen table, surrounded by wicker chairs.
This time, without the need to make up sixteen years of information, we slid quickly into the familiar waters of our old college dialogue, Morrie asking questions, listening to my replies, stopping like a chef to sprinkle in something I’d forgotten or hadn’t realized. He asked about the newspaper strike, and true to form, he couldn’t understand why both sides didn’t simply communicate with each other and solve their problems. I told him not everyone was as smart as he was. Occasionally, he had to stop to use the bathroom, a process that took some time. Connie would wheel him to the toilet, then lift him from the chair and support him as he urinated into the beaker. Each time he came back, he looked tired. “Do you remember when I told Ted Koppel that pretty soon someone was gonna have to wipe my ass?” he said. I laughed. You don’t forget a moment like that. “Well, I think that day is coming. That one bothers me.”</p><h2 id="Why"><a href="#Why" class="headerlink" title="Why?"></a>Why?</h2><p>“Because it’s the ultimate sign of dependency. Someone wiping your bottom. But I’m working on it. I’m trying to enjoy the process.”</p><h2 id="Enjoy-It"><a href="#Enjoy-It" class="headerlink" title="Enjoy It?"></a>Enjoy It?</h2><p>“Yes. After all, I get to be a baby one more time.” That’s a unique way of looking at it. “Well, I have to look at life uniquely now. Let’s face it. I can’t go shopping, I can’t take care of the bank accounts, I can’t take out the garbage. But I can sit here with my dwindling days and look at what I think is important in life. I have both the time - and the reason - to do that.” So, I said, in a reflexively cynical response, I guess the key to finding the meaning of life is to stop taking out the garbage? He laughed, and I was relieved that he did.</p><p>As Connie took the plates away, I noticed a stack of newspapers that had obviously been read before I got there.</p><p>You bother keeping up with the news, I asked? “Yes,” Morrie said.
“Do you think that’s strange? Do you think because I’m dying, I shouldn’t care what happens in this world?” Maybe. He sighed. “Maybe you’re right. Maybe I shouldn’t care. After all, I won’t be around to see how it all turns out. “But it’s hard to explain, Mitch. Now that I’m suffering, I feel closer to people who suffer than I ever did before. The other night, on TV, I saw people in Bosnia running across the street, getting fired upon, killed, innocent victims . . . and I just started to cry. I feel their anguish as if it were my own. I don’t know any of these people. But - how can I put this? - I’m almost . . . drawn to them.” His eyes got moist, and I tried to change the subject, but he dabbed his face and waved me off. “I cry all the time now,” he said. “Never mind.” Amazing, I thought. I worked in the news business. I covered stories where people died. I interviewed grieving family members. I even attended the funerals. I never cried. Morrie, for the suffering of people half a world away, was weeping. Is this what comes at the end, I wondered? Maybe death is the great equalizer, the one big thing that can finally make strangers shed a tear for one another. Morrie honked loudly into the tissue. “This is okay with you, isn’t it? Men crying?” Sure, I said, too quickly.</p><p>He grinned. “Ah, Mitch, I’m gonna loosen you up. One day, I’m gonna show you it’s okay to cry.”<br>Yeah, yeah, I said. “Yeah, yeah,” he said. We laughed because he used to say the same thing nearly twenty years earlier. Mostly on Tuesdays. In fact, Tuesday had always been our day together. Most of my courses with Morrie were on Tuesdays, he had office hours on Tuesdays, and when I wrote my senior thesis - which was pretty much Morrie’s suggestion, right from the start - it was on Tuesdays that we sat together, by his desk, or in the cafeteria, or on the steps of Pearlman Hall, going over the work.
So it seemed only fitting that we were back together on a Tuesday, here in the house with the Japanese maple out front. As I readied to go, I mentioned this to Morrie.</p><p>“We’re Tuesday people,” he said. Tuesday people, I repeated. Morrie smiled. “Mitch, you asked about caring for people I don’t even know. But can I tell you the thing I’m learning most with this disease?”</p><h2 id="What’S-That"><a href="#What’S-That" class="headerlink" title="What’S That?"></a>What’s That?</h2><p>“The most important thing in life is to learn how to give out love, and to let it come in.” His voice dropped to a whisper. “Let it come in. We think we don’t deserve love, we think if we let it in we’ll become too soft. But a wise man named Levine said it right. He said, ‘Love is the only rational act.’ ” He repeated it carefully, pausing for effect. “ ‘Love is the only rational act.’ ”<br>I nodded, like a good student, and he exhaled weakly. I leaned over to give him a hug. And then, although it is not really like me, I kissed him on the cheek. I felt his weakened hands on my arms, the thin stubble of his whiskers brushing my face.</p><p>“So you’ll come back next Tuesday?” he whispered. He enters the classroom, sits down, doesn’t say anything. He looks at us, we look at him. At first, there are a few giggles, but Morrie only shrugs, and eventually a deep silence falls and we begin to notice the smallest sounds, the radiator humming in the corner of the room, the nasal breathing of one of the fat students. Some of us are agitated. When is he going to say something? We squirm, check our watches. A few students look out the window, trying to be above it all. This goes on a good fifteen minutes, before Morrie finally breaks in with a whisper.</p><p>“What’s happening here?” he asks. And slowly a discussion begins as Morrie has wanted all along - about the effect of silence on human relations. Why are we embarrassed by silence? What comfort do we find in all the noise?
I am not bothered by the silence. For all the noise I make with my friends, I am still not comfortable talking about my feelings in front of others - especially not classmates. I could sit in the quiet for hours if that is what the class demanded. On my way out, Morrie stops me. “You didn’t say much today,” he remarks. I don’t know. I just didn’t have anything to add. “I think you have a lot to add. In fact, Mitch, you remind me of someone I knew who also liked to keep things to himself when he was younger.”</p><h2 id="The-Second-Tuesday-We-Talk-About-Feeling-Sorry-For-Yourself"><a href="#The-Second-Tuesday-We-Talk-About-Feeling-Sorry-For-Yourself" class="headerlink" title="The Second Tuesday We Talk About Feeling Sorry For Yourself"></a>The Second Tuesday We Talk About Feeling Sorry For Yourself</h2><p>I came back the next Tuesday. And for many Tuesdays that followed. I looked forward to these visits more than one would think, considering I was flying seven hundred miles to sit alongside a dying man. But I seemed to slip into a time warp when I visited Morrie, and I liked myself better when I was there. I no longer rented a cellular phone for the rides from the airport. Let them wait, I told myself, mimicking Morrie. The newspaper situation in Detroit had not improved. In fact, it had grown increasingly insane, with nasty confrontations between picketers and replacement workers, people arrested, beaten, lying in the street in front of delivery trucks. In light of this, my visits with Morrie felt like a cleansing rinse of human kindness. We talked about life and we talked about love. We talked about one of Morrie’s favorite subjects, compassion, and why our society had such a shortage of it.
Before my third visit, I stopped at a market called Bread and Circus - I had seen their bags in Morrie’s house and figured he must like the food there - and I loaded up with plastic containers from their fresh food take-away, things like vermicelli with vegetables and carrot soup and baklava. When I entered Morrie’s study, I lifted the bags as if I’d just robbed a bank. “Food man!” I bellowed. Morrie rolled his eyes and smiled. Meanwhile, I looked for signs of the disease’s progression. His fingers worked well enough to write with a pencil, or hold up his glasses, but he could not lift his arms much higher than his chest. He was spending less and less time in the kitchen or living room and more in his study, where he had a large reclining chair set up with pillows, blankets, and specially cut pieces of foam rubber that held his feet and gave support to his withered legs. He kept a bell near his side, and when his head needed adjusting or he had to “go on the commode,” as he referred to it, he would shake the bell and Connie, Tony, Bertha, or Amy - his small army of home care workers - would come in. It wasn’t always easy for him to lift the bell, and he got frustrated when he couldn’t make it work. I asked Morrie if he felt sorry for himself. “Sometimes, in the mornings,” he said. “That’s when I mourn. I feel around my body, I move my fingers and my hands - whatever I can still move - and I mourn what I’ve lost. I mourn the slow, insidious way in which I’m dying. But then I stop mourning.”</p><h2 id="Just-Like-That"><a href="#Just-Like-That" class="headerlink" title="Just Like That?"></a>Just Like That?</h2><p>“I give myself a good cry if I need it. But then I concentrate on all the good things still in my life. On the people who are coming to see me. On the stories I’m going to hear. On you - if it’s Tuesday. Because we’re Tuesday people.” I grinned. Tuesday people. “Mitch, I don’t allow myself any more self-pity than that.
A little each morning, a few tears, and that’s all.” I thought about all the people I knew who spent many of their waking hours feeling sorry for themselves. How useful it would be to put a daily limit on self-pity. Just a few tearful minutes, then on with the day. And if Morrie could do it, with such a horrible disease . . . “It’s only horrible if you see it that way,” Morrie said. “It’s horrible to watch my body slowly wilt away to nothing. But it’s also wonderful because of all the time I get to say good-bye.”<br>He smiled. “Not everyone is so lucky.”<br>I studied him in his chair, unable to stand, to wash, to pull on his pants. Lucky? Did he really say lucky? During a break, when Morrie had to use the bathroom, I leafed through the Boston newspaper that sat near his chair. There was a story about a small timber town where two teenage girls tortured and killed a seventy-three-year-old man who had befriended them, then threw a party in his trailer home and showed off the corpse. There was another story, about the upcoming trial of a straight man who killed a gay man after the latter had gone on a TV talk show and said he had a crush on him. I put the paper away. Morrie was rolled back in - smiling, as always - and Connie went to lift him from the wheelchair to the recliner.</p><p>You want me to do that? I asked. There was a momentary silence, and I’m not even sure why I offered, but Morrie looked at Connie and said, “Can you show him how to do it?” “Sure,” Connie said. Following her instructions, I leaned over, locked my forearms under Morrie’s armpits, and hooked him toward me, as if lifting a large log from underneath. Then I straightened up, hoisting him as I rose. Normally, when you lift someone, you expect their arms to tighten around your grip, but Morrie could not do this. He was mostly dead weight, and I felt his head bounce softly on my shoulder and his body sag against me like a big damp loaf. “Ahhhn,” he softly groaned.
I gotcha, I gotcha, I said.</p><p>Holding him like that moved me in a way I cannot describe, except to say I felt the seeds of death inside his shriveling frame, and as I laid him in his chair, adjusting his head on the pillows, I had the coldest realization that our time was running out.</p><h2 id="And-I-Had-To-Do-Something"><a href="#And-I-Had-To-Do-Something" class="headerlink" title="And I Had To Do Something."></a>And I Had To Do Something.</h2><p>It is my junior year, 1978, when disco and Rocky movies are the cultural rage. We are in an unusual sociology class at Brandeis, something Morrie calls “Group Process.” Each week we study the ways in which the students in the group interact with one another, how they respond to anger, jealousy, attention. We are human lab rats. More often than not, someone ends up crying. I refer to it as the “touchy-feely” course. Morrie says I should be more open-minded. On this day, Morrie says he has an exercise for us to try. We are to stand, facing away from our classmates, and fall backward, relying on another student to catch us. Most of us are uncomfortable with this, and we cannot let go for more than a few inches before stopping ourselves. We laugh in embarrassment. Finally, one student, a thin, quiet, dark-haired girl whom I notice almost always wears bulky white fisherman sweaters, crosses her arms over her chest, closes her eyes, leans back, and does not flinch, like one of those Lipton tea commercials where the model splashes into the pool. For a moment, I am sure she is going to thump on the floor. At the last instant, her assigned partner grabs her head and shoulders and yanks her up harshly. “Whoa!” several students yell. Some clap. Morrie finally smiles. “You see,” he says to the girl, “you closed your eyes. That was the difference. Sometimes you cannot believe what you see, you have to believe what you feel.
And if you are ever going to have other people trust you, you must feel that you can trust them, too-even when you’re in the dark. Even when you’re falling.”<br>The next Tuesday, I arrived with the normal bags of food-pasta with corn, potato salad, apple cobbler–and something else: a Sony tape recorder. I want to remember what we talk about, I told Morrie. I want to have your voice so I can listen to it . . . later. “When I’m dead.” Don’t say that. He laughed. “Mitch, I’m going to die. And sooner, not later.” He regarded the new machine. “So big,” he said. I felt intrusive, as reporters often do, and I began to think that a tape machine between two people who were supposedly friends was a foreign object, an artificial ear. With all the people clamoring for his time, perhaps I was trying to take too much away from these Tuesdays. Listen, I said, picking up the recorder. We don’t have to use this. If it makes you uncomfortable- He stopped me, wagged a finger, then hooked his glasses off his nose, letting them dangle on the string around his neck. He looked me square in the eye. “Put it down,” he said. I put it down. “Mitch,” he continued, softly now, “you don’t understand. I want to tell you about my life. I want to tell you before I can’t tell you anymore.” His voice dropped to a whisper. “I want someone to hear my story. Will you?” I nodded. We sat quietly for a moment.</p><p>“So,” he said, “is it turned on?”<br>Now, the truth is, that tape recorder was more than nostalgia. I was losing Morrie, we were all losing Morrie–his family, his friends, his ex-students, his fellow professors, his pals from the political discussion groups that he loved so much, his former dance partners, all of us. And I suppose tapes, like photographs and videos, are a desperate attempt to steal something from death’s suitcase. 
But it was also becoming clear to me-through his courage, his humor, his patience, and his openness-that Morrie was looking at life from some very different place than anyone else I knew. A healthier place. A more sensible place. And he was about to die. If some mystical clarity of thought came when you looked death in the eye, then I knew Morrie wanted to share it. And I wanted to remember it for as long as I could. The first time I saw Morrie on “Nightline,” I wondered what regrets he had once he knew his death was imminent. Did he lament lost friends? Would he have done much differently? Selfishly, I wondered if I were in his shoes, would I be consumed with sad thoughts of all that I had missed? Would I regret the secrets I had kept hidden? When I mentioned this to Morrie, he nodded. “It’s what everyone worries about, isn’t it? What if today were my last day on earth?” He studied my face, and perhaps he saw an ambivalence about my own choices. I had this vision of me keeling over at my desk one day, halfway through a story, my editors snatching the copy even as the medics carried my body away. “Mitch?” Morrie said. I shook my head and said nothing. But Morrie picked up on my hesitation.</p><p>“Mitch,” he said, “the culture doesn’t encourage you to think about such things until you’re about to die. We’re so wrapped up with egotistical things, career, family, having enough money, meeting the mortgage, getting a new car, fixing the radiator when it breaks-we’re involved in trillions of little acts just to keep going. So we don’t get into the habit of standing back and looking at our lives and saying, Is this all? Is this all I want? Is something missing?” He paused. “You need someone to probe you in that direction. It won’t just happen automatically.” I knew what he was saying. We all need teachers in our lives. And mine was sitting in front of me.</p><p>Fine, I figured. If I was to be the student, then I would be as good a student as I could be. 
On the plane ride home that day, I made a small list on a yellow legal pad, issues and questions that we all grapple with, from happiness to aging to having children to death. Of course, there were a million self-help books on these subjects, and plenty of cable TV shows, and $90-per-hour consultation sessions. America had become a Persian bazaar of self-help. But there still seemed to be no clear answers. Do you take care of others or take care of your “inner child”? Return to traditional values or reject tradition as useless? Seek success or seek simplicity? Just Say No or just Do It? All I knew was this: Morrie, my old professor, wasn’t in the self-help business. He was standing on the tracks, listening to death’s locomotive whistle, and he was very clear about the important things in life. I wanted that clarity. Every confused and tortured soul I knew wanted that clarity.</p><p>“Ask me anything,” Morrie always said.</p><p>So I wrote this list:<br>Death<br>Fear<br>Aging<br>Greed<br>Marriage<br>Family<br>Society<br>Forgiveness<br>A meaningful life<br>The list was in my bag when I returned to West Newton for the fourth time, a Tuesday in late August when the air-conditioning at the Logan Airport terminal was not working, and people fanned themselves and wiped sweat angrily from their foreheads, and every face I saw looked ready to kill somebody. By the start of my senior year, I have taken so many sociology classes, I am only a few credits shy of a degree. Morrie suggests I try an honors thesis. Me? I ask. What would I write about? “What interests you?” he says. We bat it back and forth, until we finally settle on, of all things, sports. I begin a year-long project on how football in America has become ritualistic, almost a religion, an opiate for the masses. I have no idea that this is training for my future career. 
I only know it gives me another once-a-week session with Morrie.</p><p>And, with his help, by spring I have a 112 page thesis, researched, footnoted, documented, and neatly bound in black leather. I show it to Morrie with the pride of a Little Leaguer rounding the bases on his first home run. “Congratulations,” Morrie says. I grin as he leafs through it, and I glance around his office. The shelves of books, the hardwood floor, the throw rug, the couch. I think to myself that I have sat just about everywhere there is to sit in this room. “I don’t know, Mitch,” Morrie muses, adjusting his glasses as he reads, “with work like this, we may have to get you back here for grad school.”<br>Yeah, right, I say. I snicker, but the idea is momentarily appealing. Part of me is scared of leaving school. Part of me wants to go desperately. Tension of opposites. I watch Morrie as he reads my thesis, and wonder what the big world will be like out there.</p><h2 id="The-Audiovisual-Part-Two"><a href="#The-Audiovisual-Part-Two" class="headerlink" title="The Audiovisual, Part Two"></a>The Audiovisual, Part Two</h2><p>The “Nightline” show had done a follow-up story on Morrie partly because the reception for the first show had been so strong. This time, when the cameramen and producers came through the door, they already felt like family. And Koppel himself was noticeably warmer. There was no feeling-out process, no interview before the interview. As warm-up, Koppel and Morrie exchanged stories about their childhood backgrounds: Koppel spoke of growing up in England, and Morrie spoke of growing up in the Bronx. Morrie wore a long-sleeved blue shirt-he was almost always chilly, even when it was ninety degrees outside-but Koppel removed his jacket and did the interview in shirt and tie. It was as if Morrie were breaking him down, one layer at a time.</p><p>“You look fine,” Koppel said when the tape began to roll. “That’s what everybody tells me,” Morrie said. 
“You sound fine.” “That’s what everybody tells me.” “So how do you know things are going downhill?” Morrie sighed. “Nobody can know it but me, Ted. But I know it.” And as he spoke, it became obvious. He was not waving his hands to make a point as freely as he had in their first conversation. He had trouble pronouncing certain words-the l sound seemed to get caught in his throat. In a few more months, he might no longer speak at all. “Here’s how my emotions go,” Morrie told Koppel. “When I have people and friends here, I’m very up. The loving relationships maintain me. “But there are days when I am depressed. Let me not deceive you. I see certain things going and I feel a sense of dread. What am I going to do without my hands? What happens when I can’t speak? Swallowing, I don’t care so much about-so they feed me through a tube, so what? But my voice? My hands? They’re such an essential part of me. I talk with my voice. I gesture with my hands. This is how I give to people.” “How will you give when you can no longer speak?” Koppel asked. Morrie shrugged. “Maybe I’ll have everyone ask me yes or no questions.” It was such a simple answer that Koppel had to smile. He asked Morrie about silence. He mentioned a dear friend Morrie had, Maurie Stein, who had first sent Morrie’s aphorisms to the Boston Globe. They had been together at Brandeis since the early sixties. Now Stein was going deaf. Koppel imagined the two men together one day, one unable to speak, the other unable to hear. What would that be like?</p><p>“We will hold hands,” Morrie said. “And there’ll be a lot of love passing between us. Ted, we’ve had thirty-five years of friendship. You don’t need speech or hearing to feel that.” Before the show ended, Morrie read Koppel one of the letters he’d received. Since the first “Nightline” program, there had been a great deal of mail. 
One particular letter came from a schoolteacher in Pennsylvania who taught a special class of nine children; every child in the class had suffered the death of a parent. “Here’s what I sent her back,” Morrie told Koppel, perching his glasses gingerly on his nose and ears. “ ‘Dear Barbara . . . I was very moved by your letter. I feel the work you have done with the children who have lost a parent is very important. I also lost a parent at an early age . . .’ ” Suddenly, with the cameras still humming, Morrie adjusted the glasses. He stopped, bit his lip, and began to choke up. Tears fell down his nose. “ ‘I lost my mother when I was a child . . . and it was quite a blow to me . . . I wish I’d had a group like yours where I would have been able to talk about my sorrows. I would have joined your group because . . . ” His voice cracked. “ ‘. . . because I was so lonely . . . ” “Morrie,” Koppel said, “that was seventy years ago your mother died. The pain still goes on?” “You bet,” Morrie whispered.</p><p>He was eight years old. A telegram came from the hospital, and since his father, a Russian immigrant, could not read English, Morrie had to break the news, reading his mother’s death notice like a student in front of the class. “We regret to inform you . . .” he began. On the morning of the funeral, Morrie’s relatives came down the steps of his tenement building on the poor Lower East Side of Manhattan. The men wore dark suits, the women wore veils. The kids in the neighborhood were going off to school, and as they passed, Morrie looked down, ashamed that his classmates would see him this way. One of his aunts, a heavyset woman, grabbed Morrie and began to wail: “What will you do without your mother? What will become of you?” Morrie burst into tears. His classmates ran away.</p><p>At the cemetery, Morrie watched as they shoveled dirt into his mother’s grave. He tried to recall the tender moments they had shared when she was alive. 
She had operated a candy store until she got sick, after which she mostly slept or sat by the window, looking frail and weak. Sometimes she would yell out for her son to get her some medicine, and young Morrie, playing stickball in the street, would pretend he did not hear her. In his mind he believed he could make the illness go away by ignoring it.</p><h2 id="How-Else-Can-A-Child-Confront-Death"><a href="#How-Else-Can-A-Child-Confront-Death" class="headerlink" title="How Else Can A Child Confront Death?"></a>How Else Can A Child Confront Death?</h2><p>Morrie’s father, whom everyone called Charlie, had come to America to escape the Russian Army. He worked in the fur business, but was constantly out of a job. Uneducated and barely able to speak English, he was terribly poor, and the family was on public assistance much of the time. Their apartment was a dark, cramped, depressing place behind the candy store. They had no luxuries. No car. Sometimes, to make money, Morrie and his younger brother, David, would wash porch steps together for a nickel. After their mother’s death, the two boys were sent off to a small hotel in the Connecticut woods where several families shared a large cabin and a communal kitchen. The fresh air might be good for the children, the relatives thought. Morrie and David had never seen so much greenery, and they ran and played in the fields. One night after dinner, they went for a walk and it began to rain. Rather than come inside, they splashed around for hours. The next morning, when they awoke, Morrie hopped out of bed. “Come on,” he said to his brother. “Get up.” “I can’t.” “What do you mean?” David’s face was panicked. “I can’t . . . move.”</p><h2 id="He-Had-Polio"><a href="#He-Had-Polio" class="headerlink" title="He Had Polio."></a>He Had Polio.</h2><p>Of course, the rain did not cause this. But a child Morrie’s age could not understand that. 
For a long time-as his brother was taken back and forth to a special medical home and was forced to wear braces on his legs, which left him limping-Morrie felt responsible. So in the mornings, he went to synagogue-by himself, because his father was not a religious man-and he stood among the swaying men in their long black coats and he asked God to take care of his dead mother and his sick brother. And in the afternoons, he stood at the bottom of the subway steps and hawked magazines, turning whatever money he made over to his family to buy food. In the evenings, he watched his father eat in silence, hoping for-but never getting–a show of affection, communication, warmth. At nine years old, he felt as if the weight of a mountain were on his shoulders.</p><p>But a saving embrace came into Morrie’s life the following year: his new stepmother, Eva. She was a short Romanian immigrant with plain features, curly brown hair, and the energy of two women. She had a glow that warmed the otherwise murky atmosphere his father created.</p><p>She talked when her new husband was silent, she sang songs to the children at night. Morrie took comfort in her soothing voice, her school lessons, her strong character. When his brother returned from the medical home, still wearing leg braces from the polio, the two of them shared a rollaway bed in the kitchen of their apartment, and Eva would kiss them good-night. Morrie waited on those kisses like a puppy waits on milk, and he felt, deep down, that he had a mother again. There was no escaping their poverty, however. They lived now in the Bronx, in a one-bedroom apartment in a redbrick building on Tremont Avenue, next to an Italian beer garden where the old men played boccie on summer evenings. Because of the Depression, Morrie’s father found even less work in the fur business. Sometimes when the family sat at the dinner table, all Eva could put out was bread.</p><p>“What else is there?” David would ask. “Nothing else,” she would answer. 
When she tucked Morrie and David into bed, she would sing to them in Yiddish. Even the songs were sad and poor. There was one about a girl trying to sell her cigarettes: Please buy my cigarettes. They are dry, not wet by rain. Take pity on me, take pity on me. Still, despite their circumstances, Morrie was taught to love and to care. And to learn. Eva would accept nothing less than excellence in school, because she saw education as the only antidote to their poverty. She herself went to night school to improve her English. Morrie’s love for education was hatched in her arms.</p><p>He studied at night, by the lamp at the kitchen table. And in the mornings he would go to synagogue to say Yizkor-the memorial prayer for the dead-for his mother. He did this to keep her memory alive. Incredibly, Morrie had been told by his father never to talk about her. Charlie wanted young David to think Eva was his natural mother. It was a terrible burden to Morrie. For years, the only evidence Morrie had of his mother was the telegram announcing her death. He had hidden it the day it arrived. He would keep it the rest of his life.</p><p>When Morrie was a teenager, his father took him to a fur factory where he worked. This was during the Depression. The idea was to get Morrie a job. He entered the factory, and immediately felt as if the walls had closed in around him. The room was dark and hot, the windows covered with filth, and the machines were packed tightly together, churning like train wheels. The fur hairs were flying, creating a thickened air, and the workers, sewing the pelts together, were bent over their needles as the boss marched up and down the rows, screaming for them to go faster. Morrie could barely breathe. He stood next to his father, frozen with fear, hoping the boss wouldn’t scream at him, too. During lunch break, his father took Morrie to the boss and pushed him in front of him, asking if there was any work for his son. 
But there was barely enough work for the adult laborers, and no one was giving it up. This, for Morrie, was a blessing. He hated the place. He made another vow that he kept to the end of his life: he would never do any work that exploited someone else, and he would never allow himself to make money off the sweat of others.</p><p>“What will you do?” Eva would ask him.</p><p>“I don’t know,” he would say. He ruled out law, because he didn’t like lawyers, and he ruled out medicine, because he couldn’t take the sight of blood.</p><h2 id="“What-Will-You-Do-”"><a href="#“What-Will-You-Do-”" class="headerlink" title="“What Will You Do?”"></a>“What Will You Do?”</h2><p>It was only through default that the best professor I ever had became a teacher. “A teacher affects eternity; he can never tell where his influence stops. “</p><h2 id="Henry-Adams-The-Fourth-Tuesday-We-Talk-About-Death"><a href="#Henry-Adams-The-Fourth-Tuesday-We-Talk-About-Death" class="headerlink" title="-Henry Adams The Fourth Tuesday We Talk About Death"></a>-Henry Adams The Fourth Tuesday We Talk About Death</h2><p>“Let’s begin with this idea,” Morrie said. “Everyone knows they’re going to die, but nobody believes it.” He was in a businesslike mood this Tuesday. The subject was death, the first item on my list. Before I arrived, Morrie had scribbled a few notes on small white pieces of paper so that he wouldn’t forget. His shaky handwriting was now indecipherable to everyone but him. It was almost Labor Day, and through the office window I could see the spinach-colored hedges of the backyard and hear the yells of children playing down the street, their last week of freedom before school began. Back in Detroit, the newspaper strikers were gearing up for a huge holiday demonstration, to show the solidarity of unions against management. 
On the plane ride in, I had read about a woman who had shot her husband and two daughters as they lay sleeping, claiming she was protecting them from “the bad people.” In California, the lawyers in the O. J. Simpson trial were becoming huge celebrities.</p><p>Here in Morrie’s office, life went on one precious day at a time. Now we sat together, a few feet from the newest addition to the house: an oxygen machine. It was small and portable, about knee-high. On some nights, when he couldn’t get enough air to swallow, Morrie attached the long plastic tubing to his nose, clamping on his nostrils like a leech. I hated the idea of Morrie connected to a machine of any kind, and I tried not to look at it as Morrie spoke. “Everyone knows they’re going to die,” he said again, “but nobody believes it. If we did, we would do things differently.” So we kid ourselves about death, I said. “Yes. But there’s a better approach. To know you’re going to die, and to be prepared for it at any time. That’s better. That way you can actually be more involved in your life while you’re living.”</p><h2 id="How-Can-You-Ever-Be-Prepared-To-Die"><a href="#How-Can-You-Ever-Be-Prepared-To-Die" class="headerlink" title="How Can You Ever Be Prepared To Die?"></a>How Can You Ever Be Prepared To Die?</h2><p>“Do what the Buddhists do. Every day, have a little bird on your shoulder that asks, ‘Is today the day? Am I ready? Am I doing all I need to do? Am I being the person I want to be?’ ” He turned his head to his shoulder as if the bird were there now. “Is today the day I die?” he said. Morrie borrowed freely from all religions. He was born Jewish, but became an agnostic when he was a teenager, partly because of all that had happened to him as a child. He enjoyed some of the philosophies of Buddhism and Christianity, and he still felt at home, culturally, in Judaism. He was a religious mutt, which made him even more open to the students he taught over the years. 
And the things he was saying in his final months on earth seemed to transcend all religious differences. Death has a way of doing that. “The truth is, Mitch,” he said, “once you learn how to die, you learn how to live.”<br>I nodded.</p><p>“I’m going to say it again,” he said. “Once you learn how to die, you learn how to live.” He smiled, and I realized what he was doing. He was making sure I absorbed this point, without embarrassing me by asking. It was part of what made him a good teacher.</p><h2 id="Did-You-Think-Much-About-Death-Before-You-Got-Sick-I-Asked"><a href="#Did-You-Think-Much-About-Death-Before-You-Got-Sick-I-Asked" class="headerlink" title="Did You Think Much About Death Before You Got Sick, I Asked."></a>Did You Think Much About Death Before You Got Sick, I Asked.</h2><p>“No.” Morrie smiled. “I was like everyone else. I once told a friend of mine, in a moment of exuberance, ‘I’m gonna be the healthiest old man you ever met!’ ” How old were you? “In my sixties.” So you were optimistic.</p><p>“Why not? Like I said, no one really believes they’re going to die.” But everyone knows someone who has died, I said. Why is it so hard to think about dying? “Because,” Morrie continued, “most of us all walk around as if we’re sleepwalking. We really don’t experience the world fully, because we’re half-asleep, doing things we automatically think we have to do.” And facing death changes all that? “Oh, yes. You strip away all that stuff and you focus on the essentials. When you realize you are going to die, you see everything much differently.” He sighed. “Learn how to die, and you learn how to live.” I noticed that he quivered now when he moved his hands. His glasses hung around his neck, and when he lifted them to his eyes, they slid around his temples, as if he were trying to put them on someone else in the dark. I reached over to help guide them onto his ears.</p><p>“Thank you,” Morrie whispered. He smiled when my hand brushed up against his head. 
The slightest human contact was immediate joy. “Mitch. Can I tell you something?” Of course, I said. “You might not like it.” Why not? “Well, the truth is, if you really listen to that bird on your shoulder, if you accept that you can die at any time-then you might not be as ambitious as you are.” I forced a small grin.</p><p>“The things you spend so much time on-all this work you do-might not seem as important. You might have to make room for some more spiritual things.”</p><h2 id="Spiritual-Things"><a href="#Spiritual-Things" class="headerlink" title="Spiritual Things?"></a>Spiritual Things?</h2><p>“You hate that word, don’t you? ‘Spiritual.’ You think it’s touchy-feely stuff.” Well, I said. He tried to wink, a bad try, and I broke down and laughed. “Mitch,” he said, laughing along, “even I don’t know what ‘spiritual development’ really means. But I do know we’re deficient in some way. We are too involved in materialistic things, and they don’t satisfy us. The loving relationships we have, the universe around us, we take these things for granted.”<br>He nodded toward the window with the sunshine streaming in. “You see that? You can go out there, outside, anytime. You can run up and down the block and go crazy. I can’t do that. I can’t go out. I can’t run.</p><p>I can’t be out there without fear of getting sick. But you know what? I appreciate that window more than you do.” Appreciate it? “Yes. I look out that window every day. I notice the change in the trees, how strong the wind is blowing. It’s as if I can see time actually passing through that windowpane. Because I know my time is almost done, I am drawn to nature like I’m seeing it for the first time.” He stopped, and for a moment we both just looked out the window. I tried to see what he saw. I tried to see time and seasons, my life passing in slow motion. Morrie dropped his head slightly and curled it toward his shoulder. “Is it today, little bird?” he asked. 
“Is it today?”<br>Letters from around the world kept coming to Morrie, thanks to the “Nightline” appearances. He would sit, when he was up to it, and dictate the responses to friends and family who gathered for their letter-writing sessions. One Sunday when his sons, Rob and Jon, were home, they all gathered in the living room. Morrie sat in his wheelchair, his skinny legs under a blanket. When he got cold, one of his helpers draped a nylon jacket over his shoulders. “What’s the first letter?” Morrie said. A colleague read a note from a woman named Nancy, who had lost her mother to ALS. She wrote to say how much she had suffered through the loss and how she knew that Morrie must be suffering, too. “All right,” Morrie said when the reading was complete. He shut his eyes. “Let’s start by saying, ‘Dear Nancy, you touched me very much with your story about your mother. And I understand what you went through. There is sadness and suffering on both parts.</p><p>Grieving has been good for me, and I hope it has been good for you also.’ ”<br>“You might want to change that last line,” Rob said. Morrie thought for a second, then said, “You’re right. How about ‘I hope you can find the healing power in grieving.’ Is that better?” Rob nodded. “Add ‘thank you, Morrie,’ ” Morrie said. Another letter was read from a woman named Jane, who was thanking him for his inspiration on the “Nightline” program. She referred to him as a prophet.</p><p>“That’s a very high compliment,” said a colleague. “A prophet.” Morrie made a face. He obviously didn’t agree with the assessment. “Let’s thank her for her high praise. And tell her I’m glad my words meant something to her. “And don’t forget to sign ‘Thank you, Morrie.’ ” There was a letter from a man in England who had lost his mother and asked Morrie to help him contact her through the spiritual world. There was a letter from a couple who wanted to drive to Boston to meet him. 
There was a long letter from a former graduate student who wrote about her life after the university. It told of a murder-suicide and three stillborn births. It told of a mother who died from ALS. It expressed fear that she, the daughter, would also contract the disease. It went on and on. Two pages. Three pages. Four pages. Morrie sat through the long, grim tale. When it was finally finished, he said softly, “Well, what do we answer?” The group was quiet. Finally, Rob said, “How about, ‘Thanks for your Everyone laughed. Morrie looked at his son and beamed.</p><p>The newspaper near his chair has a photo of a Boston baseball player who is smiling after pitching a shutout. Of all the diseases, I think to myself, Morrie gets one named after an athlete. You remember Lou Gehrig, I ask? “I remember him in the stadium, saying good-bye.” So you remember the famous line. “Which one?”<br>Come on. Lou Gehrig. “Pride of the Yankees”? The speech that echoes over the loudspeakers? “Remind me,” Morrie says. “Do the speech.” Through the open window I hear the sound of a garbage truck. Although it is hot, Morrie is wearing long sleeves, with a blanket over his legs, his skin pale. The disease owns him. I raise my voice and do the Gehrig imitation, where the words bounce off the stadium walls: “Too-dayyy . . . I feeel like . . . the luckiest maaaan . . . on the face of the earth . . . ” Morrie closes his eyes and nods slowly. “Yeah. Well. I didn’t say that.”<br>It was the first week in September, back-to-school week, and after thirty-five consecutive autumns, my old professor did not have a class waiting for him on a college campus. Boston was teeming with students, double-parked on side streets, unloading trunks. And here was Morrie in his study. It seemed wrong, like those football players who finally retire and have to face that first Sunday at home, watching on TV, thinking, I could still do that. 
I have learned from dealing with those players that it is best to leave them alone when their old seasons come around. Don’t say anything. But then, I didn’t need to remind Morrie of his dwindling time. For our taped conversations, we had switched from handheld microphones-because it was too difficult now for Morrie to hold anything that long-to the lavaliere kind popular with TV newspeople. You can clip these onto a collar or lapel. Of course, since Morrie only wore soft cotton shirts that hung loosely on his ever-shrinking frame, the microphone sagged and flopped, and I had to reach over and adjust it frequently. Morrie seemed to enjoy this because it brought me close to him, in hugging range, and his need for physical affection was stronger than ever. When I leaned in, I heard his wheezing breath and his weak coughing, and he smacked his lips softly before he swallowed. “Well, my friend,” he said, “what are we talking about today?”</p><h2 id="How-About-Family"><a href="#How-About-Family" class="headerlink" title="How About Family?"></a>How About Family?</h2><p>“Family.” He mulled it over for a moment. “Well, you see mine, all around me.” He nodded to photos on his bookshelves, of Morrie as a child with his grandmother; Morrie as a young man with his brother, David; Morrie with his wife, Charlotte; Morrie with his two sons, Rob, a journalist in Tokyo, and Jon, a computer expert in Boston. “I think, in light of what we’ve been talking about all these weeks, family becomes even more important,” he said. “The fact is, there is no foundation, no secure ground, upon which people may stand today if it isn’t the family. It’s become quite clear to me as I’ve been sick. If you don’t have the support and love and caring and concern that you get from a family, you don’t have much at all. Love is so supremely important. As our great poet Auden said, ‘Love each other or perish.’ ”<br>“Love each other or perish.” I wrote it down. Auden said that? 
“Love each other or perish,” Morrie said. “It’s good, no? And it’s so true. Without love, we are birds with broken wings. “Say I was divorced, or living alone, or had no children. This disease-what I’m going through-would be so much harder. I’m not sure I could do it. Sure, people would come visit, friends, associates, but it’s not the same as having someone who will not leave. It’s not the same as having someone whom you know has an eye on you, is watching you the whole time.</p><p>“This is part of what a family is about, not just love, but letting others know there’s someone who is watching out for them. It’s what I missed so much when my mother died-what I call your ‘spiritual security’-knowing that your family will be there watching out for you. Nothing else will give you that. Not money. Not fame.” He shot me a look. “Not work,” he added. Raising a family was one of those issues on my little list-things you want to get right before it’s too late. I told Morrie about my generation’s dilemma with having children, how we often saw them as tying us down, making us into these “parent” things that we did not want to be. I admitted to some of these emotions myself. Yet when I looked at Morrie, I wondered if I were in his shoes, about to die, and I had no family, no children, would the emptiness be unbearable? He had raised his two sons to be loving and caring, and like Morrie, they were not shy with their affection. Had he so desired, they would have stopped what they were doing to be with their father every minute of his final months. But that was not what he wanted.</p><p>“Do not stop your lives,” he told them. “Otherwise, this disease will have ruined three of us instead of one.” In this way, even as he was dying, he showed respect for his children’s worlds. Little wonder that when they sat with him, there was a waterfall of affection, lots of kisses and jokes and crouching by the side of the bed, holding hands. 
“Whenever people ask me about having children or not having children, I never tell them what to do,” Morrie said now, looking at a photo of his oldest son. “I simply say, `There is no experience like having children.’ That’s all. There is no substitute for it. You cannot do it with a friend. You cannot do it with a lover. If you want the experience of having complete responsibility for another human being, and to learn how to love and bond in the deepest way, then you should have children.” So you would do it again? I asked.</p><p>I glanced at the photo. Rob was kissing Morrie on the forehead, and Morrie was laughing with his eyes closed. “Would I do it again?” he said to me, looking surprised. “Mitch, I would not have missed that experience for anything. Even though . . . “ He swallowed and put the picture in his lap. “Even though there is a painful price to pay,” he said. Because you’ll be leaving them. “Because I’ll be leaving them soon.” He pulled his lips together, closed his eyes, and I watched the first teardrop fall down the side of his cheek. “And now,” he whispered, “you talk.”</p><h2 id="Me"><a href="#Me" class="headerlink" title="Me?"></a>Me?</h2><p>“Your family. I know about your parents. I met them, years ago, at graduation. You have a sister, too, right?” Yes, I said. “Older, yes?” Older. “And one brother, right?” I nodded. “Younger?” Younger. “Like me,” Morrie said. “I have a younger brother.”<br>Like you, I said. “He also came to your graduation, didn’t he?” I blinked, and in my mind I saw us all there, sixteen years earlier, the hot sun, the blue robes, squinting as we put our arms around each other and posed for Instamatic photos, someone saying, “One, two, threeee . . . “ “What is it?” Morrie said, noticing my sudden quiet. “What’s on your mind?” Nothing, I said, changing the subject. 
The truth is, I do indeed have a brother, a blondhaired, hazel-eyed, two-years-younger brother, who looks so unlike me or my dark-haired sister that we used to tease him by claiming strangers had left him as a baby on our doorstep. “And one day,” we’d say, “they’re coming back to get you.” He cried when we said this, but we said it just the same.</p><p>He grew up the way many youngest children grow up, pampered, adored, and inwardly tortured. He dreamed of being an actor or a singer; he reenacted TV shows at the dinner table, playing every part, his bright smile practically jumping through his lips. I was the good student, he was the bad; I was obedient, he broke the rules; I stayed away from drugs and alcohol, he tried everything you could ingest. He moved to Europe not long after high school, preferring the more casual lifestyle he found there. Yet he remained the family favorite. When he visited home, in his wild and funny presence, I often felt stiff and conservative. As different as we were, I reasoned that our fates would shoot in opposite directions once we hit adulthood. I was right in all ways but one. From the day my uncle died, I believed that I would suffer a similar death, an untimely disease that would take me out. So I worked at a feverish pace, and I braced myself for cancer. I could feel its breath. I knew it was coming. I waited for it the way a condemned man waits for the executioner.</p><p>And I was right. It came. But it missed me. It struck my brother. The same type of cancer as my uncle. The pancreas. A rare form. And so the youngest of our family, with the blond hair and the hazel eyes, had the chemotherapy and the radiation. His hair fell out, his face went gaunt as a skeleton. It’s supposed to be me, I thought. But my brother was not me, and he was not my uncle. He was a fighter, and had been since his youngest days, when we wrestled in the basement and he actually bit through my shoe until I screamed in pain and let him go. 
And so he fought back. He battled the disease in Spain, where he lived, with the aid of an experimental drug that was not-and still is not-available in the United States. He flew all over Europe for treatments. After five years of treatment, the drug appeared to chase the cancer into remission.</p><p>That was the good news. The bad news was, my brother did not want me around-not me, nor anyone in the family. Much as we tried to call and visit, he held us at bay, insisting this fight was something he needed to do by himself. Months would pass without a word from him. Messages on his answering machine would go without reply. I was ripped with guilt for what I felt I should be doing for him and fueled with anger for his denying us the right to do it. So once again, I dove into work. I worked because I could control it. I worked because work was sensible and responsive. And each time I would call my brother’s apartment in Spain and get the answering machine-him speaking in Spanish, another sign of how far apart we had drifted-I would hang up and work some more. Perhaps this is one reason I was drawn to Morrie. He let me be where my brother would not. Looking back, perhaps Morrie knew this all along.</p><p>It is a winter in my childhood, on a snow packed hill in our suburban neighborhood. My brother and I are on the sled, him on top, me on the bottom. I feel his chin on my shoulder and his feet on the backs of my knees. The sled rumbles on icy patches beneath us. We pick up speed as we descend the hill. “CAR!” someone yells. We see it coming, down the street to our left. We scream and try to steer away, but the runners do not move. The driver slams his horn and hits his brakes, and we do what all kids do: we jump off. In our hooded parkas, we roll like logs down the cold, wet snow, thinking the next thing to touch us will be the hard rubber of a car tire. 
We are yelling “AHHHHHH” and we are tingling with fear, turning over and over, the world upside down, right side up, upside down. And then, nothing. We stop rolling and catch our breath and wipe the dripping snow from our faces. The driver turns down the street, wagging his finger. We are safe. Our sled has thudded quietly into a snowbank, and our friends are slapping us now, saying “Cool” and “You could have died.”<br>I grin at my brother, and we are united by childish pride. That wasn’t so hard, we think, and we are ready to take on death again.</p><h2 id="The-Sixth-Tuesday-We-Talk-About-Emotions"><a href="#The-Sixth-Tuesday-We-Talk-About-Emotions" class="headerlink" title="The Sixth Tuesday We Talk About Emotions"></a>The Sixth Tuesday We Talk About Emotions</h2><p>I walked past the mountain laurels and the Japanese maple, up the bluestone steps of Morrie’s house. The white rain gutter hung like a lid over the doorway. I rang the bell and was greeted not by Connie but by Morrie’s wife, Charlotte, a beautiful gray-haired woman who spoke in a lilting voice. She was not often at home when I came by-she continued working at MIT, as Morrie wished-and I was surprised this morning to see her. “Morrie’s having a bit of a hard time today,” she said. She stared over my shoulder for a moment, then moved toward the kitchen. I’m sorry, I said. “No, no, he’ll be happy to see you,” she said quickly. “Sure . . .” She stopped in the middle of the sentence, turning her head slightly, listening for something. Then she continued. “I’m sure . . . he’ll feel better when he knows you’re here.” I lifted up the bags from the market-my normal food supply, I said jokingly-and she seemed to smile and fret at the same time. “There’s already so much food. He hasn’t eaten any from last time.” This took me by surprise. 
He hasn’t eaten any, I asked?</p><p>She opened the refrigerator and I saw familiar containers of chicken salad, vermicelli, vegetables, stuffed squash, all things I had brought for Morrie. She opened the freezer and there was even more.</p><p>“Morrie can’t eat most of this food. It’s too hard for him to swallow. He has to eat soft things and liquid drinks now.” But he never said anything, I said. Charlotte smiled. “He doesn’t want to hurt your feelings.” It wouldn’t have hurt my feelings. I just wanted to help in some way. I mean, I just wanted to bring him something . . . “You are bringing him something. He looks forward to your visits. He talks about having to do this project with you, how he has to concentrate and put the time aside. I think it’s giving him a good sense of purpose . . .” Again, she gave that faraway look, the tuning-in-something-from-somewhere-else. I knew Morrie’s nights were becoming difficult, that he didn’t sleep through them, and that meant Charlotte often did not sleep through them either. Sometimes Morrie would lie awake coughing for hours-it would take that long to get the phlegm from his throat. There were health care workers now staying through the night and all those visitors during the day, former students, fellow professors, meditation teachers, tramping in and out of the house. On some days, Morrie had a half a dozen visitors, and they were often there when Charlotte returned from work. She handled it with patience, even though all these outsiders were soaking up her precious minutes with Morrie. “. . . a sense of purpose,” she continued. “Yes. That’s good, you know.”</p>]]></content>
</entry>
<entry>
<title></title>
<link href="/2023/12/21/2023/Sweetbitter_1/"/>
<url>/2023/12/21/2023/Sweetbitter_1/</url>
<content type="html"><![CDATA[<p>Stephanie Danler Sweetbitter For my grandparents Margaret Barton Ferrero and James Vercelli Ferrero Eros once again limb-loosener whirls me Sweetbitter, impossible to fight off, creature stealing up. — Sappho, translated by Anne Carson, Eros the Bittersweet “Let us now cast a philosophical glance at the pleasure or pain of which taste may be the occasion.” — Brillat-Savarin, translated by Anne Drayton, The Physiology of Taste</p><h2 id="Summer-I-You-Will-Develop-A-Palate"><a href="#Summer-I-You-Will-Develop-A-Palate" class="headerlink" title="Summer I You Will Develop A Palate."></a>Summer I You Will Develop A Palate.</h2><p>A palate is a spot on your tongue where you remember. Where you assign words to the textures of taste. Eating becomes a discipline, language-obsessed. You will never simply eat food again.</p><p>I DON’T KNOW what it is exactly, being a server. It’s a job, certainly, but not exclusively. There’s a transparency to it, an occupation stripped of the usual ambitions. One doesn’t move up or down. One waits. You are a waiter.</p><p>It is fast money - loose, slippery bills that inflate and disappear over the course of an evening. It can be a means, to those with concrete ends and unwavering vision. I grasped most of that easily enough when I was hired at the restaurant at twenty-two. Some of it was a draw: the money, the sense of safety that came from having a place to wait. What I didn’t see was that the time had severe brackets around it. Within those brackets nothing else existed. Outside of them, all you could remember was the blur of a momentary madness. Ninety percent of us wouldn’t even put it on a résumé. We might mention it as a tossed-off reference to our moral rigor, a badge of a certain kind of misery, like enduring earthquakes, or spending time in the army. It was so finite.</p><p>I CAME HERE in a car like everybody else. 
In a car filled with shit I thought meant something and shortly thereafter tossed on the street: DVDs, soon to be irrelevant, a box of digital and film cameras for a still-latent photography talent, a copy of On the Road that I couldn’t finish, and a Swedish-modern lamp from Walmart. It was a long, dark drive from a place so small you couldn’t find it on a generous map. Does anyone come to New York clean? I’m afraid not. But crossing the Hudson I thought of crossing Lethe, milky river of forgetting. I forgot that I had a mother who drove away before I could open my eyes, and a father who moved invisibly through the rooms of our house. I forgot the parade of people in my life as thin as mesh screens, who couldn’t catch whatever it was I wanted to say to them, and I forgot how I drove down dirt roads between desiccated fields, under an oppressive guard of stars, and felt nothing. Yes, I’d come to escape, but from what? The twin pillars of football and church? The low, faded homes on childless cul-de-sacs?</p><p>Mornings of the <em>Gazette</em> and boxed doughnuts? The sedated, sentimental middle of it? It didn’t matter. I would never know exactly, for my life, like most, moved only imperceptibly and definitively forward. Let’s say I was born in late June of 2006 when I came over the George Washington Bridge at seven a.m. with the sun circulating and dawning, the sky full of sharp corners of light, before the exhaust rose, before the heat gridlocked in, windows unrolled, radio turned up to some impossibly hopeful pop song, open, open, open. - SOUR: all the puckering citrus juices, the thin-skinned Meyer lemons, knobbed Kaffirs. Astringent yogurts and vinegars. Lemons resting in pint containers at all the cooks’ sides. Chef yelled, This needs acid! and they eviscerated lemons, leaving the caressing sting of food that’s alive. - I DIDN’T KNOW about the tollbooths. “I didn’t know,” I said to the tollbooth lady. 
“Can’t I squeeze through this one time?” The woman in the booth was as unmoved as an obelisk. The driver in the car behind me started honking, and then the driver behind him, until I wanted to duck under the steering wheel. She directed me to the side where I reversed, turned, and found myself facing the direction from which I had just come. I pulled off into a maze of industrial streets, each one more misleading than the next. It was irrational but I was terrified of not being able to find an ATM and having to go all the way back. I pulled into a Dunkin’ Donuts. I took out twenty dollars and looked at my remaining balance: $146.00. I used the restroom and rinsed off my face. <em>Almost,</em> I said to my strained face in the mirror.</p><p>“Can I get a large iced hazelnut coffee?” I asked. The man wheezing behind the counter masticated me with his eyes. “You’re back?” He handed me the change.</p><h2 id="“Excuse-Me-”"><a href="#“Excuse-Me-”" class="headerlink" title="“Excuse Me?”"></a>“Excuse Me?”</h2><p>“You were in here yesterday. You got that same coffee.” “No. I. Did. Not.” I shook my head for emphasis. I imagined myself getting out of the car yesterday, tomorrow, and every day of my new life, pulling into the Dunkin’ Donuts in motherfucking New Jersey, and ordering that coffee. I felt sick. “I didn’t,” I said again, still shaking my head. “I’m back, it’s me,” I said to the tollbooth woman, rolling the window down triumphantly. She raised one eyebrow and hooked her thumb into her belt loop. I handed her money like it was nothing. “Can I get in now?”</p><p>SALT: your mouth waters itself. Flakes from Brittany, liquescent on contact. Blocks of pink salt from the Himalayas, matte gray clumps from Japan. An endless stream of kosher salt, falling from Chef’s hand. Salting the most nuanced of enterprises, the food always requesting more, but the tipping point fatal. - A FRIEND OF a friend of a friend, his name was Jesse. A spare bedroom for $700 a month. 
A neighborhood called Williamsburg. The city was in the grips of a tyrannical heat wave, the daily papers headlined with news of people dying in Queens and the outer boroughs where there were blackouts. The cops were passing out bags of ice, an evaporating consolation. The streets were wide and vacant and I parked my car on Roebling. It was midafternoon, there wasn’t enough shade, and every business seemed closed. I walked over to Bedford Avenue to look for signs of life. I saw a coffee shop and thought about asking if they needed a barista. When I looked through the window the kids on laptops were thin lipped, pierced, gaunt, so much older than me. I had promised myself to find work swiftly and unthinkingly - as a waitress, a barista, a whatever-the-fuck-job so I could feel planted. But when I told myself to open the door my hand objected. The waterfront skyline was plastered with skeletons of high-rises, escalating out of the low buildings. They looked like mistakes that had been rubbed out with an eraser. Creaking above an overgrown, abandoned lot was a rusted-out Mobil gas sign - all around me ambivalent evidence of extinction. This new roommate had left the keys at a bar near the apartment. He worked in an office in Midtown during the day and couldn’t meet me. Clem’s was a dark spot on a bright corner, the air conditioner rumbling like a diesel motor. It anointed me with a drip when I walked in, and I stood blinking in the airstream while my eyes adjusted. There was a bartender leaning heavily against the back counter with his boots up on the bar in front of him. He wore a patched and studded denim vest with no shirt underneath. Two women sat in front of him in yellow print dresses, twirling straws in big drinks. No one said anything to me. “Keys, keys, keys,” he said when I asked. In addition to his body odor, which hit me in the face on my approach, this man was covered in terrifying - demonic - tattoos. The skin of his ribs seemed glued on. 
A mustache as defined as pigtails. He pulled out the register, threw it on the bar, and rummaged through the drawer underneath. Stacks of credit cards, foreign change, envelopes, receipts. The bills fluttered against the clamps. “You Jesse’s girl?” “Ha,” one of the women said from down the bar. She pressed her drink onto her forehead and rolled it back and forth. “That was funny.” “It’s South Second and Roebling,” I said. “Am I a fucking real estate agent?” He threw a handful of keys with plastic colored tags at me. “Aw, don’t scare her,” the second woman said. They didn’t look like sisters exactly, but they were both fleshy, rising out of their halter necklines like figureheads on the prow of a ship. One was blond, the other brunette - and now that I was looking, their dresses were definitely identical. They murmured inside jokes to each other. How am I going to live here? I wondered. Someone is going to have to change, them or me. I found the keys marked 220 Roebling. The bartender ducked down. “Thank you very much, sir,” I said to the air. “Oh, no problem, madame,” he said, popping up and batting his eyes at me. He opened a can of beer, pushed his mustache up, and ran his tongue around it while looking at me. “Okay,” I said, backing away. “Well, maybe I’ll come in again. For like…a drink.” “I’ll be here with bells on,” he said, turning his back on me. His stench lingered. Just before I stepped out into the heat I heard one of the women say, “Oh god,” and then from that bartender: “There goes the fucking neighborhood.”</p><p>SWEET: granular, powdered, brown, slow like honey or molasses. The mouth-coating sugars in milk. Once, when we were wild, sugar intoxicated us, the first narcotic we craved and languished in. We’ve tamed, refined it, but the juice from a peach still runs like a flash flood.</p><p>I DON’T REMEMBER why I went to that restaurant first. 
I do remember - in perfect detail - that stretch of Sixteenth Street that gave away so little: the impersonal, midcentury teal of Coffee Shop, the battalion of dumpsters between us and Blue Water Grill, the bodega with two small card tables where they let you drink beer. Always uniformed servers buying Altoids and energy drinks. The alley where the cooks lined up to smoke cigarettes between services, the recesses of the alley where they smoked pot and kicked at the rats tearing through the trash. And just beyond our line of vision we could sense the outlines of the scrawny park.</p><h2 id="What-Did-The-Owner-Gaze-At-When-He-Built-It-The-Future"><a href="#What-Did-The-Owner-Gaze-At-When-He-Built-It-The-Future" class="headerlink" title="What Did The Owner Gaze At When He Built It? The Future."></a>What Did The Owner Gaze At When He Built It? The Future.</h2><p>When I got there they told me a lot of stories. Nobody went to Union Square in the eighties, they said. Only a few of the publishing houses had moved down there. That city has been replaced by another city. The Whole Foods, the Barnes & Noble, the Best Buy - they got stacked right on top of it. In Rome, they dig for a subway and find whole civilizations. With all the artists, the politicians, the tailors, the hairdressers, the bartenders. If you dug right here on Sixteenth Street you’d find us, younger, and all the stale haunts, and all the old bums in the park younger too. What did those original servers see when they went to the first interviews in 1985? A tavern, a grill, a bistro? A mess of Italy, France, and some burgeoning American cuisine that nobody really believed in yet? A hodgepodge that shouldn’t have worked? When I asked them what they saw, they said he’d built a kind of restaurant that hadn’t been there before. They all said that when they walked in, it felt like coming home.</p><p>BITTER: always a bit unanticipated. Coffee, chocolate, rosemary, citrus rinds, wine. 
Once, when we were wild, it told us about poison. The mouth still hesitates at each new encounter. We urge it forward, say, Adapt. Now, enjoy it.</p><p>I SMILED too much. At the end of the interview the corners of my mouth ached like stakes in a tent. I wore a black sundress and a pilled cardigan, which was the most conservative and professional thing I owned. I had a handful of résumés folded up in my purse, and my loose plan - if that’s even the right word for the hesitant brand of instinct I forced myself to follow with a sense of doom - was to walk into restaurants until I got hired. When I asked my roommate where I should look for a job, he said the best restaurant in New York City was in Union Square. Within a minute of getting off the train I developed giant wet half-moons of sweat in the cardigan, but the top of my dress was too revealing to remove it. “Why did you choose New York?” asked Howard, the general manager. “I thought you were going to ask me why I chose this restaurant,” I said. “Let’s start with New York.”<br>I knew from books, movies, and <em>Sex and the City</em> how I was supposed to answer. I’ve always dreamed of living here, they say.</p><p>They stress the word <em>dreamed,</em> lengthen it, to make it sound true.</p><p>I knew so many said: I came here to be a singer/dancer/actress/ photographer/painter. In finance/fashion/publishing. I came here to be powerful/beautiful/wealthy. This always seemed to mean: I’m stopping here to become someone else. I said, “It really didn’t feel like a choice. Where else is there to go?” “Ah,” he said. “It’s a bit of a calling, isn’t it?”<br>That’s all. Ah. And I felt like he understood that I didn’t have endless options, that there was only one place large enough to hold so much unbridled, unfocused desire. Ah. Maybe he knew how I<br>fantasized about living a twenty-four-hour life. Maybe he knew how bored I had been up until now. Howard was in his late forties with a cultivated, square face. 
His hair receded finely, emphasizing bulging eyes that told me he didn’t need much sleep. He stood squarely on athletic legs, balancing a prominent belly. Judicious eyes, I thought, as he tapped his fingers on the white tablecloth and assessed me. “You have nice nails,” I said, looking at his hands. “It’s part of the job,” he said, unswayed. “Tell me what you know about wine.” “Oh, the basics. I’m competent in the basics.” As in I knew the difference between white and red wine and it couldn’t get more basic than that. “For example,” he said, looking around the room as if plucking a question from the air, “what are the five noble grapes of Bordeaux?” I pictured cartoon grapes wearing crowns on their heads, welcoming me to their châteaux - Hello, we are the noble grapes of Bordeaux, they said. I debated lying. It was impossible to know how much honesty about my ignorance would be valued.</p><h2 id="“Mer…Lot-”"><a href="#“Mer…Lot-”" class="headerlink" title="“Mer…Lot?”"></a>“Mer…Lot?”</h2><p>“Yes,” he said. “That’s one.” “Cabernet? I’m sorry, I don’t really drink Bordeaux.” He seemed sympathetic. “Of course, it’s a bit above the average price point.” “Yep.” I nodded. “That’s totally it.”</p><h2 id="“What-Do-You-Drink-”"><a href="#“What-Do-You-Drink-”" class="headerlink" title="“What Do You Drink?”"></a>“What Do You Drink?”</h2><p>My first instinct was to list the different beverages I drank on a daily basis. The noble grapes were back in my head, dancing, telling him all about my Dunkin’ Donuts iced coffee. “What do I drink when?” “When you purchase a bottle of wine, what do you tend toward?” I imagined myself purchasing a bottle of wine, not based on price or proximity to the checkout line, not based on what animal was on the label, but by an internal matrix of my own taste. That image was as laughable as my noble grapes, even if I was wearing a cardigan. “Beaujolais? Is that a wine?” “It is. Beaujolais, c’est un vin fainéant et radin.” “Yes. 
That.” “Which cru do you prefer?” “I’m not sure,” I said, batting my eyelashes forcibly, falsely. “Do you have any experience as a server?” “Yes. I’ve been working at that coffee shop for years. It’s on my résumé.” “I mean in a restaurant. Do you know what it means to be a server?”<br>“Yes. When the plates are ready I bring them out and <em>serve</em> them to customers.” “You mean guests.” “Guests?” “Your guests.” “Yes, that’s what I meant.” He scribbled on the top of my résumé. Server? Guests? What was the difference between a guest and a customer? “It says here you were an English major.” “Yes. I know. It’s generic.” “What are you reading?” “Reading?” “What are you reading right now?”</p><h2 id="“Is-That-A-Job-Question-”"><a href="#“Is-That-A-Job-Question-”" class="headerlink" title="“Is That A Job Question?”"></a>“Is That A Job Question?”</h2><p>“Perhaps.” He smiled. His eyes made an unabashed, slow circle around my face. “Um. Nothing. For the first time in my life, I’m reading nothing.” I paused and looked out the window. I don’t think anyone, even my professors, had once asked me what I was reading. He was digging, and though I had no idea what he was looking for, I decided it was better to play. “You know, Howard, if I can call you that, when I was leaving for here I packed a few boxes of books. But then I really started looking at them. These books were…I don’t know…totems of who I was….I…” My words had a point, I had just felt the point coming, I was trying to tell him the truth. “I left them behind. That’s what I mean.” He rested his cheek on an aristocratic hand. He listened. No, he perceived. I felt perceived. “Yes. It’s startling to look back on the passionate epiphanies of our youth. But a good sign perhaps. That our minds have changed, that we’ve evolved.” “Or maybe it means we’ve forgotten ourselves. And we keep forgetting ourselves. And that’s the big grown-up secret to survival.” I stared out the window. The city passed on, obliviously. 
If this went badly I would forget it too.</p><h2 id="“Are-You-A-Writer-”"><a href="#“Are-You-A-Writer-”" class="headerlink" title="“Are You A Writer?”"></a>“Are You A Writer?”</h2><p>“No,” I said. The table came back into focus. He was looking at me. “I like books. And everything else.” “You like everything else?” “You know what I mean, I like it all. I like being moved.” He made another note on my résumé. “What do you dislike?” “What?” I thought I’d misheard him. “If you like being moved, what do you dislike?” “Are these normal questions?” “This isn’t a normal restaurant.” He smiled and crossed his hands. “Okay.” I looked back out the window. Enough. “I don’t like that question.”</p><h2 id="“Why-”"><a href="#“Why-”" class="headerlink" title="“Why?”"></a>“Why?”</h2><p>My palms were damp. That was the moment I realized I wanted the job. That job, at that restaurant specifically. I looked at my hands and said, “It feels a little personal.” “All right.” He didn’t skip a beat, a quick glance at my résumé and he was on track. “Can you tell me about a problem at one of your last jobs? At that coffee shop, I suppose. Tell me about a problem there and how you solved it.” As if I had dreamed it, the interior of the coffee shop dissolved when I tried to recall it directly. And when I tried to remember punching in there, tried to remember the sink, the register, the coffee grinds, the objects faded. And then her fat, gloating, vindictive face appeared. “There was this awful woman, Mrs. Pound. I mean it, she was insufferable. We called her The Hammer. From the second she walked in everything was wrong, the coffee scalded her or it tasted like dirt, the music was too loud, or her blueberry muffin had poisoned her the night before. She was always threatening to shut us down, telling us to get our lawyer ready each time she bumped into a table. She wanted scrambled eggs for her dog. Never tipped us a cent. She was dreaded. 
But then, this was a little over a year ago, she had her foot amputated. She was diabetic. None of us ever knew, I mean, why would we know? And she would wheel by in her wheelchair and everyone was like, Finally, The Hammer is done.” “Finally, what?” Howard asked. “Oh, I forgot that part. We didn’t have a ramp. And there were stairs. So she was finished, more or less.” “More or less,” he said. “But, the real part of the story. One day she was wheeling by, and she was glaring, I mean, hateful. And I don’t know why, but I missed her. I missed her face. So I made her coffee and I ran after her. I wheeled her across the street to the park and she complained about everything from the weather to indigestion. From then on it was our thing. Every day. I even brought the scrambled eggs in a to-go container for her dog. My coworkers made so much fun of me.” The Hammer’s swollen, varicosed legs. Flashing her stump at me from under her housedress. Her purple fingers. “Does that answer your question? The problem was not having a ramp, I guess. The solution was to bring out the coffee. I’m sorry, I didn’t explain it very well.” “I think you explained it perfectly. That was a kind thing to do.” I shrugged. “I really liked her actually.” The Hammer was the only impolite person I knew. She put me in that restaurant. I felt it then but didn’t understand it. It was her niece’s daughter who was a friend of a friend of my new roommate in Williamsburg. Our goodbye had been tearful - on my end, not hers. I promised to write her letters, but the weeks were eclipsing our small relationship. And as I looked at Howard and the perfectly set table and the tasteful hydrangea arrangement between us, I<br>understood what he meant by <em>guest,</em> and I also knew that I would never see her again. “Did you move here with anyone? Girlfriends? A boyfriend?” “No.” “That’s very brave.” “Is it? 
It’s been two days and I feel pretty foolish.” “It’s brave if you make it, foolish if you fail.” I wanted to ask him how I would be able to tell the difference and when. “If you’re hired here, what do you want the next year to bring you?” I forgot that I was being interviewed. I forgot about my negative bank account, my pit stains, and the noble grapes. I said something about wanting to learn. About my work ethic. I was never good at the future. I grew up with girls whose chief occupation was the future - designing it, instigating it. They could talk about it with so much confidence that it sounded like the past. During those talks, I had contributed nothing. I had visions, too abstract and flat for me to hang on to. For years I saw a generic city lit up at night. I would use those remote, artificial lights to soothe myself to sleep. One day I was quitting my job with no sense of exhilaration, one day I was leaving a note for my father, pulling out of his driveway, slightly bewildered, and two days later I was sitting in front of Howard. That was the way the future came to me. The vision that accompanied me on my drive was a girl, a lady actually. We had the same hair but she didn’t look like me. She was in a camel coat and ankle boots. A dress under the coat was belted high on her waist. She carried various shopping bags from specialty stores and as she was walking, pausing at certain windows, her coat would fly back in the wind. Her boot heels tapped on the cobblestones. She had lovers and breakups, an analyst, a library, acquaintances she ran into on the street whose names she couldn’t call to mind. She belonged to herself only. She had edges, boundaries, tastes, definition down to her eyelashes. And when she walked it was clear she knew where she was going. As I thanked him and we reviewed my contact information, I didn’t know what had transpired, whether it was good or bad. It took me a moment to even remember the name of the restaurant. 
He held my hand too long and as I stood, his eyes traveled down my body, not like an employer’s, but like a man’s. “I dislike mopping. And lying,” I said. I don’t know why. “Those are the two that come to mind.” He nodded and smiled - what I wanted to call a private smile. The backs of my legs were damp with sweat and as I walked away I felt his eyes unabashedly on my ass. At the door, I rolled my cardigan off my shoulders, and arched as if stretching. No one knows how I got the job, but it’s better to be honest about these things.</p><p>TASTE, Chef said, is all about balance. The sour, the salty, the sweet, the bitter. Now your tongue is coded. A certain connoisseurship of taste, a mark of how you deal with the world, is the ability to relish the bitter, to crave it even, the way you do the sweet.</p><h2 id="Ii"><a href="#Ii" class="headerlink" title="Ii"></a>Ii</h2><p>THE SPACE WAS aesthetically unremarkable, even ugly in places. Not ragged by any means - the paint fresh, the dust banished - but defiantly past its peak. The art was dated, gaudy, some of it honestly preposterous, purchased in the eighties or whenever. The dining room had three levels, as if it had been built during different periods and linked together as an afterthought. Tables cluttered on one side of the room, sparse on the other. The cumulative effect was like someone hadn’t quite made up his mind, but insisted on having you over anyway.</p><p>THE OWNER TOLD ME at orientation, “There are many endeavors to bring pleasure to people. Every artist assumes that challenge. But what we do here is the most intimate. We are making something you take inside you. Not the food, the experience.”</p><p>TWO AREAS OF the restaurant were flawless: first, three café-style tables in the front framed by a large window at the entrance. The tables were set in the day’s changing light. Some people - I mean guests—hated to be next to the entrance, to be sectioned off from the main dining rooms. 
But some of them wouldn’t sit anywhere else. These tables were often held for the most poised guests - rarely a sloucher or anyone in denim. The Owner said, “Running a restaurant means setting a stage. The believability hinges on the details. We control how they experience the world: sight, sound, taste, smell, touch. That starts at the door, with the host and the flowers.” And then, the bar. Timeless: long, dark mahogany, with stools high enough to make you feel like you were afloat. The bar had soft music, dim lighting, tinkling layers of noise, the bumps of a neighbor’s knee, the reach of someone’s arm by your face to take a glittering martini, the tap of a hostess as she escorted guests behind your back, the blur of plates being passed, the rattle of drinks, the virtuoso performance of bartenders slapping bottles into the back bar while also delivering bread, while also taking an order with the requisite substitutions and complications. All the best regulars came in and greeted the hostess saying, Any space at the bar tonight?</p><p>“OUR GOAL,” he said, “is to make the guests feel that we are on their side. Any business transaction - actually any life transaction - is negotiated by how you are making the other person <em>feel.</em>” The Owner looked and spoke like a deity. Sometimes the New York Post referred to him as the mayor. Tall, tan, handsome with perfect white teeth, effortless articulation, and gorgeous gesticulation. I listened to him accordingly, with my hands in my lap. Yet there was a tension I couldn’t quite put my finger on. Something false about making guests “feel” that we were on their side. I looked around the room and suddenly everything looked like currency to me: the silver, the wooden beams, the regal floral arrangement crowning the bar. Jesus, I thought, you can get rich by making people <em>feel</em> good about spending their money. We weren’t on their side; we were on the Owner’s side. 
All the emphasis on details, all the jargon - it was still just a business, right? When orientation was over, I wanted to catch his eye and let him know that I got it. I wanted to ask someone how much of that money I would be taking home. Then I approached him at the exit and he looked me in the eyes. I stopped. He said my name though I hadn’t told him. He shook my hand and nodded like he had already forgiven me for all my shortcomings and would remember my face forever. He said, “We are creating the world as it should be. We don’t have to pay any attention to how it is.”</p><p>WHEN I GOT the job I didn’t actually get the job. I got to train for the job. And the position was “backwaiter,” which wasn’t the same as being a server. Howard led me up a narrow spiral staircase in the back of the kitchen and deposited me in the locker room. He said, “You’re the new girl now. You have a certain responsibility.” He left without clarifying what that responsibility was. In the corner of the windowless room sat two older Latino men and a woman. They had been speaking in Spanish but were now staring at me. A small electric fan shuddered behind them. I tried a smile.</p><h2 id="“Is-There-Somewhere-I-Can-Change-”"><a href="#“Is-There-Somewhere-I-Can-Change-”" class="headerlink" title="“Is There Somewhere I Can Change?”"></a>“Is There Somewhere I Can Change?”</h2><p>“Right here mami,” the woman said. She had unruly black hair, held back by a bandana. Rivulets of sweat made track marks down her face. She pursed her lips. The men with their outsized, destroyed faces. “Okay,” I said. I opened my locker and stuck my face into it, blocking them from my sight. Howard had told me to buy a white button-down shirt, and I put it on over my tank top to avoid undressing. The shirt was as breathable as cardboard. Sweat ran down my back and into my underwear. They began talking again, fanning themselves, walking to a small sink and splashing water on their faces. 
The room was stacked with chairs in the back, and along the walls were pairs of Crocs and clogs covered in white splotches, with heels worn down to nothing. There was no air, my chest contracted. The door burst open and a man said, “Are you not hungry? Are you coming?” I looked at the three in the corner to make sure he was talking to me. He had an adolescent, tame face, but was irritated, his brows narrowed together. “No, I’m hungry,” I said. I wasn’t, I just wanted something to do. “Well family is almost over. How much more primping do you have left?” I shut my locker door and put my hair back in a ponytail. “I’m done. Are you in charge of me?” “Yes, I’m in charge of you. I’m your trailer. First lesson, if you miss family, you don’t eat.” “Well it’s nice to meet you. I’m—” “I know who you are.” He slammed the door behind us. “You’re the new girl. Don’t forget to clock in.” - THERE WERE tables in the back dining room set with stainless steel sheet trays and bowls so big I could bathe in them. Macaroni and cheese, fried chicken, potato salad, biscuits, an oily green salad with shredded carrots. Pitchers of iced tea. It looked like food for a large catered event, but my trailer handed me a white plate and started helping himself to family meal. He went and sat at a table in the corner without inviting me to follow. The staff had taken over the back dining room. They came from every department: the servers in aprons, people in white coats, women removing headsets, men in suits, tugging at ties. I sat near the servers, in the very last chair - it was the best seat if I needed to run. Preshift turned out to be a turbulent affair. A frazzled, skittish manager named Zoe was looking at me like it was my fault. She kept calling out numbers or names - things like “Section 6” and “Mr. Blah-blah at eight p.m.” but the servers talked right through her. I nodded deafly. I couldn’t touch my food. The servers looked like actors - each perfectly idiosyncratic, but rehearsed. 
It all felt staged for my benefit. They wore striped shirts of every color. They were performing, snapping, clapping, kissing, cutting each other off, layers of noise colluding while I sank into my seat. Howard walked up with wineglasses hanging like spokes from his hand. A young man in a suit trailed behind him with a bottle of wine wrapped in brown paper. The servers passed around the glasses with tastes of wine, but one never made it to me. When Howard clapped his hands everyone went silent. “Who would like to begin?” Someone called out, “Pinot, obviously.” “New World or Old?” Howard asked, scanning the room. His eyes fell on me for a second and I dropped my face to my plate. I remembered every time a teacher had called on me and I didn’t know the answer. I remembered wetting my pants in the fourth grade and thought that if he called on me I would again now. “Old World,” a voice called out. “Obviously,” someone else said. “It’s old. I mean, it’s got age - look, it’s beginning to pale.” “So we’re talking Burgundy.” “It’s just a matter of deduction now, HR.” This man lifted his glass and pointed it to Howard. “I’m onto you.” Howard waited. “A little austere to be Côte de Beaune.” “Is it off?” “I was thinking it might be off!” “No, it’s perfect.” They stopped talking. I leaned forward to see who had said that. She was in the same row as me, behind too many people. I saw the bowl of her glass as she pulled it away from her nose and then brought it back. Her voice, low, ponderous, continued: “Côte de Nuits…hmm, Howard, this is a treat. Gevrey-Chambertin, of course. The Harmand-Geoffroy.” She put the glass down in front of her. From what I saw, she hadn’t taken a sip. The wine caught the light rebelliously. “The 2000. It’s actually showing really well.” “I agree, Simone. Thank you.” Howard clapped his hands together. “Friends, this wine is a steal, and don’t let the difficult 2000 vintage put you off. 
Côte de Nuits was able to pull off some stunning wines and they are drinking well, today, right now, this minute. As far as this gift goes, pass it on to your guests tonight.” Everyone stood up together. The people around me stacked their plates on top of my full one and left. I held them to my chest and pushed through the swinging doors in the kitchen. Two servers walked by on my right and I heard one of them say in a false singsong, “Oh, the Harmand-Geoffroy, of course,” and the other girl rolled her eyes. Someone walked by on my left and said to me, “Seriously? You don’t know what a dishwasher looks like?” I moved toward a trough laden with dirty dishes that ran the length of the room. I set my stack down apologetically. A tiny, gray-haired man on the other side of the trough huffed and took my stack, scraping the food off of each one and into a trash can. “Pinche idiota,” he said, and spat into the trough in front of him. “Thank you,” I said. Maybe I had never actually made a mistake before in my life and this is what it felt like. Like your hands were slipping off of every facet, like you didn’t have the words or directions and even gravity wasn’t reliable. I felt my trailer behind me and spun around to grab him. “Where do I—” I reached out for an arm and noticed too late that it wasn’t striped. It was bare. There was a static shock when I touched it. “Oh. You’re not my person.” I looked up. Black jeans and a white T-shirt with a backpack on one shoulder. Eyes so pale, a weatherworn, spectral blue. He was covered in sweat and slightly out of breath. I inhaled sharply. “My trailer person I mean. You’re not him.” His eyes were a vise. “Are you sure?” I nodded. He looked me up and down, indiscreetly. “What are you?” “I’m new.” “Jake.” We both turned. The woman who knew the wine stood in the doorway. She didn’t see me. Her gaze distilled the kitchen light to its purest element. “Good morning. 
What time does your shift start again?” “Oh fuck off Simone.” She smiled, pleased. “I have your plate,” she said, and turned into the dining room. The doors swung back violently. And then all I could see was his feet pounding the last few stairs.</p><p>THEY SHOWED ME how to fold. Stacks of plastic-wrapped, blindingly white linens. Crease, turn, crease, fold, fan. Wrap with napkin bands, stack. The servers used that time to catch up, engaging in full conversations. Crease, turn, crease, fold, fan. I was lulled into a trance by the motions, by the lint gathering in my apron. No one addressed me. At least I can fold napkins, I said to myself, over and over. I watched Jake and Simone. He stood at the end of the bar hunched over his plate with his back to me, and she talked without looking at him. She tapped the screen at the computer terminal. I could tell they were attached far underneath the surface of the restaurant. Maybe because they weren’t laughing, or bantering - there was no performance. They were just talking. A girl with a button nose and a debutante’s smile said, “Hey,” and stuck her chewing gum into the napkin on my lap, and the trance was over.</p><p>I DIDN’T LOOK UP for weeks. I asked to work as many days as possible, but there was an alarming delay in money while the new paycheck cycle started. And when it came it was training pay. Nothing. With my first paycheck I bought a used mattress for $250 from a couple moving out a few apartments down. “Don’t worry,” they said, “no bugs. It’s full of love.” I took it, but that to me was more disturbing.</p><p>ON THE OTHER END of the linen spectrum came the bar mops. Every new trailer opened the session with, “Did someone explain bar mops?” And when I said yes they said, “Who? So-and-so always fucks it up. I have a secret stash.” I learned four different and elaborate systems for managing what were essentially rags they kept under lock and key. There were never enough. 
We could never attain healthy bar mop equilibrium. The kitchen always needed more, or the guy in the back never got set up before service, or the bartenders went on a cleaning spree. Invariably you forgot to save some for yourself. The victim of this bar mop negligence got to yell at you. When you asked a manager for more, they got to yell at you too, for burning through bar mops before service even started. If you begged - and everyone begged - the manager would unlock the cupboard and count out ten more. You told no one about the ten extra bar mops. You hid them, and then doled them out heroically during emergencies.</p><p>“THE KITCHEN IS a church,” Chef screamed at me when I asked my trailer a question. “No fucking talking.” Silence was observed in the kitchen. People entered on tiptoe. The only person allowed to directly address Chef during service was Howard - sometimes the other managers tried to do it and got their heads bitten off. The silence probably helped the cooks, but it made learning anything difficult to impossible.</p><p>IN BETWEEN shifts I went to the Starbucks that smelled like a toilet and drank one cup of coffee. On my evening off, I bought individual Coronas from the bodega and drank them on my mattress. I was so tired I couldn’t finish them. Half-empty bottles of warm beer lined my windowsills, looking like urine and filtering sunlight. I put slices of bread from the restaurant into my purse and made myself toast in the mornings. If I had a double I took naps in the park between the shifts. I slept hard, dreaming that I was sinking into the ground, and I felt safe. When I woke I slapped myself to get the grass marks off my cheeks. - NO NAMES. I didn’t know people. I grabbed whatever characteristics I could: crooked or fluorescent teeth, tattoos, accents, lipsticks, I even recognized some people by their gait. It’s not that my trailers were withholding information. 
I was just so stupid that I couldn’t learn table numbers and names at the same time. They explained to me that this restaurant was different - real paychecks first of all, and health benefits, sick days. Some nonsalaried servers even got hourly raises. People owned homes, had children, took vacations. Everyone had been there years. There were senior servers who would never leave. Debutante-Smile, Guy-with-Clark-Kent-Glasses, Guy-with-Long-Hair-and-Bun, Overweight-Gray-Hair-Guy. Even the backwaiters had been there at least three years. There was Mean-Girl, and Russian-Pouty-Lips, and my first trailer, whom I called Sergeant because of the way he ordered me around. Simone was Wine-Woman, and a senior server. She and Clark-Kent-Glasses had been there the longest. One of my trailers called her the tree of knowledge. Every preshift the maître d’ rearranged the seating chart because regulars demanded to sit in her section. The servers would line up to ask her questions, or they sent her to their VIP tables with a wine list. She never looked at me. And Sweaty-Boy, Jake? In those weeks of training I didn’t see him again. I thought maybe he didn’t work there, had just been filling in that day. But then I came in to pick up my first check on a Friday night and he was there. I put my head down when I saw him. He was a bartender.</p><p>“SO I HEARD you’re a barista,” drawled Guy-with-Long-Hair-and-Bun. “That makes my training day real easy.” It was like arriving to a coffee station on another planet. Everything silver, futuristic, elegant. More intelligent than me. “Ever worked on a Marzocco before?” “I’m sorry?” “The machine, the Marzocco. It’s the Cadillac of espresso machines.” All right, all right, I thought. I know how to make fucking coffee. Even a Cadillac was still a car. I picked out the portafilters, saw the grinder, the tamper. “You know the four Ms? What kind of espresso were you guys using?” “The kind that got dropped off in big bags,” I said. 
“It wasn’t exactly a gourmet place.” “Oh shit, okay, I heard you were a barista. No big deal, I’ll train you and we’ll check in with Howard after—” “No. No.” I twisted the portafilter out and discharged the spent espresso into the trash can. “Where are your bar mops?” He handed me one and I wiped the basket. “You guys use timers or what?” “We use our eyes.” I exhaled. “Okay.” I turned on the grinder, wiped the steamer wand, flushed out the group head. Twenty-five seconds was a perfect shot of espresso. I would count it myself. “One cappuccino, coming right up.”</p><p>I STUDIED the menu, I studied the manual. At the end of every service a manager asked me questions. I found that even if I didn’t know what on earth a Lobster Shepherd’s Pie was, even if I couldn’t imagine it, if I knew it was the Monday night special I was going to pass my trails. Even if I didn’t know what the fuck our tenets meant, I repeated back to Zoe perfectly, “The first tenet is to take care of each other.” “And do you know what makes a fifty-one percenter?” Zoe was eating the hanger steak at her desk in the office. She swirled a piece of it through mashed potatoes and frizzled leeks. I was so hungry I could have slapped her. “Um.” I forgot that the Owner had said to me: “You were hired because you are a fifty-one percenter. That’s not something we can train for - you have to be born with it.” I had no idea what that meant. I looked at the choking sign on the wall. The man asphyxiating in the sign looked calm and I envied him.</p><p>FORTY-NINE PERCENT of the job was the mechanics. Anyone can do this job - that’s what I was always told about waitressing. 
I’m sorry, serving.</p><p>You know, just memorize the table numbers and positions, stack plates up along your arm, know all the menu items and their ingredients, never let the water levels drop, never spill a drop of wine, bus the tables cleanly, mise-en-place, fire orders, know the basic characteristics of the basic grape varieties and basic regions of the entire wine world, know the origins of the tuna, pair a wine with the foie gras, know the type of animal the cheeses come from, know what is pasteurized, what contains gluten, what contains nuts, where the extra straws are, how to count. Know how to show up on time. “And what’s the rest of it?” I asked my trailer, out of breath, dabbing paper towels into my armpits. “Oh, the fifty-one percent. That’s the tricky stuff.”</p><p>I FLUNG OFF my sweated-through work jeans, twisted the top off a Pacifico because they were out of Corona, and sat on my mattress with the manual. I am a fifty-one percenter, I said to myself. This is Me:</p><p>• <em>Unfailingly optimistic:</em> doesn’t let the world get him or her down. • <em>Insatiably curious:</em> and humble enough to ask questions. • <em>Precise:</em> there are no shortcuts. • <em>Compassionate:</em> has a core of emotional intelligence. • <em>Honest:</em> not just with others, but most essentially with oneself.<br>I lay back on the bed and laughed. Rarely, but sometimes, I thought about my old coworkers back in nowhere - where our training consisted of learning how to switch on the coffeepot - watching me sweat and run and parrot back this manual, unable to see five feet in front of me. They watched me spend every clocked-in moment blind and terrified, and then we laughed about it. The corner of South Second and Roebling was crowded with Puerto Rican families in their lawn chairs with adjacent coolers. They played dominoes. Kids screamed through the stream from a detonated hydrant. I watched them and thought back to that coffee shop on Bedford from the first day. 
I could probably walk in there now. I would say, Yeah I’ve worked on a Marzocco - oh, you don’t know it? But it wouldn’t be enough. Whatever it was, just being a backwaiter, a server, a barista - at this restaurant I wasn’t just anything. And I wouldn’t call it being a fifty-one percenter because that sounded like a robot. But I felt marked. I felt noticed, not just by my coworkers who scorned me, but by the city. And every time a complaint, a moan, or an eye roll rose to the surface, I smiled instead. AND ONE DAY I ran up the stairs into the locker room and a woman from the office followed me. She carried three hangers hung with stiff, striped Brooks Brothers button-downs. They were the androgynous kind of shirt that straddles the line between the boardroom and a circus. “Congratulations,” she said in monotone, like her clothes. “These are your stripes.” I put them in my locker and stared at them. I wasn’t training anymore. I had a job. At the most popular restaurant in New York City. I fingered the shirts and it happened: The escape was complete. I put on navy stripes. I thought I felt a breeze. It was as if I were coming out of anesthesia. I saw, I recognized, a person. - SHE STOPPED ME on my first steps into the dining room, holding a glass of wine in her hand. I had the fleeting impression that she had been waiting for me a long time. “Open your mouth,” Simone said, her head raised, imperious. Both of us looked at each other. She painted her lips before each service with an unyielding shade of red. She had dark-blond hair, untamable, frizzy, wisped out from her face like a seventies rock goddess. But her face was strict, classical. She held the glass of wine out to me and waited. I threw it back like a tequila shot, an accident, a habit. “Open your mouth now,” she commanded me. “The air has to interact with the wine. They flower together.” I opened my mouth but I had already swallowed. 
“Tasting is a farce,” she said with her eyes closed, nose deep in the bowl of the glass. “The only way to get to know a wine is to take a few hours with it. Let it change and then let it change you. That’s the only way to learn anything - you have to live with it.”</p><p>I HAD the next day off and wanted to celebrate. I took myself to the Met. The servers were always talking about the shows they saw - music, film, theater, art. I didn’t know a single thing they mentioned though I had taken an Intro to Art History course in college. I went because I needed something to contribute during napkin time. I don’t know how long I had been in the city, but when I got off the train at Eighty-Sixth Street I realized how narrowly I had been living. My days were contained to five square blocks in Union Square, the L train, and five square blocks in Williamsburg. When I saw the trees in Central Park I laughed out loud. The lobby of the Met - that holy labyrinth - appropriately took my breath away. I imagined being interviewed ten years from now. Not like with Howard where I was tested, but interviewed with admiration. My amicable interviewer would ask me about my origins. I would tell him that for so long I thought I would be nothing; that my loneliness had been so total that I was unable to project into the future. And that this changed when I got to the city and my present expanded, and my future skipped out in front of me. I stuck to the Impressionist galleries. They were paintings I had seen a hundred times reproduced in books. They were the rooms that people dozed in. Your body could go into a kind of coma from the dreamscapes, but if the mind was alert, the paintings galvanized. They were almost confrontational. “And that confirmed what I had always suspected,” I told my interviewer. “That my life before the city had only been a reproduction.” After I ran out of rooms I started again. Cézanne, Monet, Manet, Pissarro, Degas, Van Gogh. 
“This is what I want,” I said, showing my interviewer the painting of Van Gogh’s cypresses. “Do you see how, up close, it’s blurry and passionate? And from a distance, whole?” “And what about love?” my interviewer asked me, unprompted, as I stared at Cézanne’s apples. For a second I saw Simone’s red lips asking the question. “Love?” I looked around the gallery for the answer. I had wandered out of Impressionism, into early Symbolism. Where a moment earlier I could have sworn the room was crowded, it was now nearly empty except for an elderly man who stood with a cane and a younger woman holding his arm in support. When I was driving to the city I had said to myself, I’m not one of those girls who moves to New York to fall in love. Now, in front of a jury of Symbolists, Simone, and the old man, my denial felt thin. “I don’t know anything about it yet,” I said. I moved next to the man and his friend. His huge ears looked like they were carved of wax, and I was sure he was deaf. He was too at peace. We looked at Klimt’s woman in white, <em>Portrait of Serena Lederer,</em> the title said. She certainly wasn’t one of his most daring, and stood in contrast to his later gold-leafed, erotic works. But though she looked like a virginal column, she had in her face a restrained joy. I remembered something about an affair between the artist and the model, rumors that her daughter was actually Klimt’s. She stood above the three of us, unconcerned with being stared at. The old man smiled at me before he walked off. “Show me,” I said to the woman in white. We regarded each other and waited.</p><p>I GOT OFF the train and the streets were glowing. I went to the wine stall in the mini-mall on North Fifth and Bedford. The man behind the counter had long hair and tired, hanging eyes. He turned down the Biggie he’d been blasting when I came in. I looked at every single bottle, but I didn’t recognize anything. 
Finally, after ten minutes, I asked, “Do you have an affordable Chardonnay?” He had paint all over him and a cigarette behind his ear. “What kind of Chardonnay do you like?” “Um,” I swallowed. “France?” He nodded. “Yeah, that’s the only kind, right? None of that Cali shit. How’s this? I have one cold.” I paid him and held the bag to my chest. I ran home, crossing to the opposite side of Grand Street so I wouldn’t be contaminated by the demons lounging outside of Clem’s. I ran up my four flights of stairs too, ran into the apartment, stole Jesse’s wine key and a mug, and ran up the last flight, pushing out onto the roof. The sky was like the paintings. No, the paintings were trying to represent this sunset. The sky was aflame and throwing sparks, the orange clouds rimmed with purple like ash. The windows in each high-rise in Manhattan were lit up like the buildings were burning down. I was out of breath, overtired from the museum. My heart drummed. A voice said, You have to live with it. Another voice said, You made it, you made it, and at the same time, in a blistering chorus I said, Made it where? Live with what?</p><p>I WALKED IN on them in the locker room. Simone had been speaking loudly, sitting in a spare chair in her stripes with her legs crossed. He was standing in front of his locker, buttoning his shirt. They both looked at me, startled. “Sorry. Do you want me to come back?” “Of course not,” she said. But neither of them said anything else. The silence was accusatory. He dropped his pants, stepped out of them, and turned back to Simone. “Ignore him,” she said. It sounded like an order, so I obeyed. I looked away.</p><p>“PICK UP” was the call. “Picking up” was the echo. “Six and six, table 45, share,” Chef said. His eyes didn’t leave the board of tickets in front of him. “Pick up.” I put my hands in front of me and grabbed. Another sweltering day. Air conditioners all around the city were giving up. 
As I pushed into the tepid dining room I noticed the ice was melting in the oyster tray in my hands. Pale blue bodies amid sloshing ice chips. It looked disgusting. And six and six meant nothing to me. I had forgotten to check the day’s oysters. I forgot the table I was going to. Simone flooded by me and I reached for her. “Excuse me, Simone, sorry, but which are which oyster? Do you know?” “Do you remember when you tasted them?” She didn’t look at the plate. I hadn’t tasted them when they had been passed around at family meal. I hadn’t looked at the menu notes. “Do you remember tasting them?” she asked again, slowly, like I was dumb. “East Coast oysters are brinier, more mineral. West Coasts are plumper, creamier, sweeter. They’re even physically different. One has a flat cup, the other tends to be deeper.” “Okay, so which are which on this plate?” I held the plate closer to her face but she wouldn’t look. “Those are covered in water. Take them back to Chef.” I shook my head. Absolutely not. “You’re not going to serve those. Take them back to Chef.” I shook my head again but sucked in my lips. I saw it all unfolding ahead of me. His anger at me, his yelling about the waste, my embarrassment. But I could look at the menu notes while I waited for the new ones. I could hear the table number again. I could figure it out. “Okay.” “Next time look at them but use your tongue.”</p><p>THE MANAGERS MAINTAINED power by shifting things. They came into a server’s station and moved their dupe pad, moved their checks, rearranged the tickets on the bar. They pulled white wines out of the ice bucket, wiped them down, and reinserted them in a new pattern. They would pause you when you were running, obviously in a hurry, and ask you how you thought you were settling in. Simone maintained power by centrifugal force. When she moved, the restaurant was pulled as if by a tailwind. She led the servers by her ability to shift their focus - her own focus was a spotlight. 
Service unfolded in her parentheses.</p><p>“WHAT’S THAT bartender’s name again? The one who only talks to Simone?” I asked Sasha. I was casual about it. Sasha was a backwaiter. He was otherworldly beautiful: broad alien cheekbones, blue eyes, bee-stung, haughty lips. He could have been a model, except he was barely five foot four. His gaze was so cold, you knew he had been everyone: a rich man, a poor man, in love, abandoned, a murderer, and close to death. None of these states impressed him much. “That bartender? Jake.” He was Russian, and though he was clearly fluent in English, he didn’t bother to adhere to its rules. His accent was both elegant and comical. He rolled his eyes at me while he cut bread. “Okay, Pollyanna, let me tell you few truths. You’re too new.” “What does that mean?” “What you think it means? Jakey will eat you for dinner and spit you out. You even know what I’m speaking of? You’re not bouncing around after that.” I shrugged like I didn’t care and filled the bread baskets. “Besides. He’s mine. I’ll cut your fucking throat if you touch him and I’m not a joker.” “Silence in the kitchen! Pick up.”</p><h2 id="“Picking-Up-”"><a href="#“Picking-Up-”" class="headerlink" title="- “Picking Up!”"></a>- “Picking Up!”</h2><p>The kitchen was a riot of misshapen, ugly tomatoes. They smelled like the green insides of plants, like sap, like dirt. There were tomatoes of every color: yellow, green, orange, redpurple, mottled, striped, dotted. They were bursting. “Seaming” is what Chef called it, when the curves and indentations pulled apart from each other, but not completely, like parted lips. “Heirloom season,” Ariel sang out. She was also a backwaiter. She always had pounds of eyeliner on, even if it was the morning. She had bangs and dark-brown hair that she twisted up onto her head and held with chopsticks. She was still named Mean-Girl in my head because she wouldn’t speak to me during training, only pointed and gave exasperated sighs. 
But today she was passing out dripping bar mops to the line cooks from a bucket of ice water. They wrapped them around their heads like bandanas or slung them over the backs of their necks. That didn’t seem like something a Mean-Girl would do. In fact, I hadn’t seen anyone do something that compassionate with their bar mop stash. I heard from my own head, Our first tenet is to take care of each other. She handed me a bar mop. I put it on the back of my neck and it felt like rising out of a soggy cloud into clean air.</p><h2 id="“Pick-Up-”"><a href="#“Pick-Up-”" class="headerlink" title="“Pick Up.”"></a>“Pick Up.”</h2><p>“Picking up,” I said. I looked expectantly to the window but there were no plates lined up. Instead Scott, the young, tattooed sous chef, passed me a sliver of tomato. The insides were tie-dyed pink and red. “A Marvel-Striped from Blooming Hill Farm,” he said, as if I had asked him a question. I cupped it while it dripped. He pinched up flakes of sea salt from a plastic tub and flicked it on the slice. “When they’re like this don’t fuck with them. Just a little salt.” “Wow,” I said. And I meant it. I had never thought of a tomato as a fruit - the ones I had known were mostly white in the center and rock hard. But this was so luscious, so tart I thought it victorious. So - some tomatoes tasted like water, and some tasted like summer lightning.</p><p>“WHAT ARE HEIRLOOMS?” I asked Simone as I ran to get behind her in line for family meal. She had two white plates in her hand and I felt a shiver of expectation looking at that second plate. I noted how she made her own - a generous tongful of green salad and a cup of the vichyssoise. “Exciting, isn’t it? The season? They’re rare or unique breeds of plants and animals. Once all our tomatoes were like that. Before preservatives and supermarkets and this commercial food production hell we’re living in. Breeds evolved in places based on one evolutionary principle: they tasted better. 
The point is not longevity or flawlessness. All of our vegetables were biologically diverse, pungent with the nuances of their breed. They reflected their specific time and space - their terroir.” On the second plate she took the biggest pork chop on the bone, a scoop of the rice salad, and a wedge of gratin potatoes. She said, “Now everything tastes like nothing.”</p><p>THEY CONJOINED in my mind. It wasn’t that they were always together. Theirs was an oblique connection, not always direct. If I saw one, my eyes started to move, looking for the other. Simone was easy to find, ubiquitous, directing everyone - she seemed to have some sort of system where she divided her attention between the servers equally. But I had a harder time tracking him, his alliances, his rhythms. If they were in the restaurant together they had one eye on each other and I had one eye on them, trying to understand what I was seeing. It wasn’t like they were the only fascinating people at the restaurant. But they were an island if the rest of us were the continent - distant, inaccessible, picking up stray light.</p><h2 id="“Pick-Up-”-1"><a href="#“Pick-Up-”-1" class="headerlink" title="- “Pick Up.”"></a>- “Pick Up.”</h2><p>My eyes snapped open but I was the barista today, the kitchen was far away. Howard looked at me from the Micros terminal. He was waiting for me to make him a macchiato but I was overthinking it. I threw the first two shots away. “I’m hearing Chef scream, ‘Pick up’ in my sleep,” I said, swirling the warm milk. It was as glossy as new paint. “Punishing myself I guess.” “Thanatos - the death drive,” Howard said. He laid a napkin over his arm and inspected a bottle of wine on the service bar. “We fantasize about traumatizing events to maintain our equilibrium. Lovely.” He took the macchiato and smelled it before taking a sip. He regarded me. 
The other managers wore suits but somehow everyone in the restaurant always knew that Howard was the man in charge - as if his suits were cut from a finer fabric. “It’s compulsive but we actually find the painful repetition pleasurable.” He took another sip.</p><h2 id="“It-Doesn’T-Sound-Pleasurable-”"><a href="#“It-Doesn’T-Sound-Pleasurable-”" class="headerlink" title="“It Doesn’T Sound Pleasurable.”"></a>“It Doesn’T Sound Pleasurable.”</h2><p>“It’s how we self-soothe. How we maintain the illusion that we are in control of our lives. For example, you repeat ‘Pick up’ in hopes that the outcome each time will be different. And you are repeatedly embarrassed, are you not?” He waited for me to respond but I wouldn’t meet his eyes. “You are hoping to master the experience. The pain is what we know. It’s our barometer of reality. We never trust pleasure.” Every time Howard looked at me I felt bare. A coffee ticket printed up and I used it as an excuse to turn around. “Are you dreaming about work often?” he asked. It felt like he spoke it into my neck. “No.” I slammed a portafilter to empty it and I could feel him walk away. But I was. The dreams were tidal, consumptive, chaotic. Service played over in my head, but no one had faces. And I heard voices, layered on top of one another, a cacophony. Phrases would rise then evanesce: Behind You, Pick Up, To Your Right, To Your Left, Picking Up, Candles, Can You, Now, Toothpicks, Pick Up, Bar Mops, Now, Excuse Me, Picking Up. In my dreams these words were a code. I was blind and the directives were all I had to pick my way through the blackness. The syllables quaked and separated. I woke up talking: I couldn’t remember what I had been saying, only that I was driven to keep saying it.</p><p>TERROIR. I looked it up in <em>The World Atlas of Wine</em> in the manager’s office. The definition was people talking around it without identifying it. It seemed a bit far-fetched. 
That food had character, composed of the soil, the climate, the time of year. That you could taste that character. But still. An idea mystical enough to be highly seductive.</p><p>IGNORE HIM. That’s what I did. When Jake came into family meal late and took his seat next to Simone, when he pulled up on his bike outside the front window, when he called harshly out for bar mops,</p><h2 id="I-Looked-Away"><a href="#I-Looked-Away" class="headerlink" title="I Looked Away."></a>I Looked Away.</h2><p>But I started to hear things, all of it unverifiable and improbable. Jake was a musician, a poet, a carpenter. He had lived in Berlin, he had lived in Silver Lake, he had lived in Chinatown. He was halfway through a PhD on Kierkegaard. They called his apartment “the opium den.” He was bisexual, he slept with everyone, he slept with no one. He was an ex-heroin addict, he was sober, he was always a little drunk. He and Simone were not a couple though their magnetic, unconscious way of tracking each other seemed to indicate otherwise. I knew they were very old friends, and that she had gotten him the job. Some nights a cherubic strawberry blonde that Sasha called Nessa-Baby came and sat in front of Jake at the bar as service was winding down. He knew part of his job was to be looked at. He was a quiet bartender. There was a submissiveness to his beauty that was nearly feminine, a stillness that made one want to paint him. When he worked the bar he submitted. Women and men of all ages left business cards and phone numbers with their tips. Guests gave him gifts for no reason - that kind of beauty. If he rolled up his shirtsleeves, you could see the edges of tattoos that spoke to another private body he kept. It was the sight of his arm resting on the beer tap that changed me. The beer was acting up. The kegs were probably too new, not cold enough. Just foam, no beer. Jake let the foam pour while he talked to a guest. 
The drain was full of foam, it ran over to his feet, a spreading white pool. His sleeve was rolled up, the tendons of his forearm tensed from shaking cocktails. I remembered that static shock when I touched him. I felt the shock in my mouth. His inappropriate forearm and the foam cascading, his manner too casual, too condescending. “That’s a lot of beer to waste,” I said. My voice surprised me, ringing out over my vow of silence. He looked at me. Perhaps it was raining that night, a stifling tropical storm. Perhaps someone struck a match and held it to my cheek. Perhaps someone cleaved my life into before and after. He looked at me. And then he laughed. From that moment on he became unbearable to me.</p><h2 id="You-Will-Encounter-A-Fifth-Taste"><a href="#You-Will-Encounter-A-Fifth-Taste" class="headerlink" title="- You Will Encounter A Fifth Taste."></a>- You Will Encounter A Fifth Taste.</h2><p>Umami: uni, or sea urchin, anchovies, Parmesan, dry-aged beef with a casing of mold. It’s glutamate. Nothing is a mystery anymore. They make MSG to mimic it. It’s the taste of ripeness that’s about to ferment. Initially, it serves as a warning. But after a familiarity develops, after you learn its name, that precipice of rot becomes the only flavor worth pursuing, the only line worth testing.</p><h2 id="Iv"><a href="#Iv" class="headerlink" title="Iv"></a>Iv</h2><p>The sardines are insane tonight.</p><p>It’s true, Chef called him a faggot.</p><p>HR is freaking out. Have you been to Ssäm bar yet? No, the best Chinese is in Flushing. I’m playing a show Wednesday. Scott is on fire. I was obsessed with Chekhov. I’m obsessed with Campari right now. I need to get my cameras out again. I’m fairly well known in the experimental dance world. Table 43 is industry - Per Se? If one more bitch cuts me off to ask for Chardonnay— If one more person asks for steak sauce— What the fuck? Carson is in again - without the wife. That’s twice this week. Sometimes I think, Fuck the pooled house. 
I’m not jealous. Technically I texted first. But he responded. You don’t get it. I’m on day three - I feel great, high all the time. Will you water 24? Will you drop bread on 49? Move. Fuck off. Fuck you. It’s like the rude Olympics in here today. They’re just French. And after I took the LSAT, I was like wait, I don’t want to be a lawyer. I still paint sometimes. I just need space. And time. And money. It’s so hard in New York. Allergy on 61. It’s not really romantic. I’d fuck the mom. Does she come in drunk? It’s just lemon, maple syrup, and cayenne. It’s just Nicky’s martinis, never drink more than one. I just need representation. It’s like banging against a brick wall. I need soupspoons on 27. Chef wants to see you - now. I’m dropping soup now. What did I do? Fuck - the midcourse.</p><h2 id="“Pick-Up-”-2"><a href="#“Pick-Up-”-2" class="headerlink" title="- “Pick Up.”"></a>- “Pick Up.”</h2><p>The tickets came from a printer on Chef’s right. They flew into the air like an exclamation and fluttered down in a wave. He yelled: “Fire Gruyère. Fire tartare. Hold calamari. Hold two smokers.” From that code the cooks on the line went into action. Chef lined up the tickets, bouncing from foot to foot like a child who had to go to the bathroom. He was a small man from New Jersey but classically trained in France. He screamed anecdotes at the cooks, recalling “real” kitchens where chefs would slam you in the head with a copper pan if you couldn’t chop the parsley fine enough. Chef’s voice was too loud and he couldn’t really control it. The servers and managers were always complaining that you could hear him from the dining room. Everyone, even Scott, his number two, kept their eyes averted if he was on a tirade. The man paced the kitchen red-faced, primed for explosion. The line cooks were a blur of movement while essentially staying in one place. Everything was within arm’s reach in their stations. Sweat funneled off their eyelashes. 
There were open flames or salamanders at their backs and heat lamps in the pass at their front. They wiped the rim of each plate before passing it to Chef, who inspected it mercilessly, eager to find smudges of stray sauce or olive oil.</p><h2 id="“Pick-Up-”-3"><a href="#“Pick-Up-”-3" class="headerlink" title="“Pick Up!”"></a>“Pick Up!”</h2><p>“Picking up.” I was the food runner, I was next. I covered my hands with bar mops. The plates heated up like irons, I expected them to glow. “I heard you don’t know the oysters yet,” said Will, startling me. Will was Sergeant, the guy who’d been in charge of me on my first day. Even though I had my stripes now, he still seemed to think I was his project. “Jesus,” I said. “Everything is a lesson around here. It’s just dinner.” “You don’t get to say that yet.” “Pick! Up!” “Picking up,” I responded. “Pick up!” “Louder,” said Will, nudging me forward. “Picking up,” I said, harder, hands outstretched, ready. It was all one motion. The roasted half duck had been in the window for going on five minutes while it waited for the risotto, the plate baking. At first, as with all burns, I felt nothing. I reacted in anticipation. When the plate shattered and the duck thudded clumsily onto the mats, I cried out, pulling my hand to my chest, caving. Chef looked at me. He had never really seen me before. “Are you kidding me?” he asked. Quiet. All the line cooks, butchers, prep guys, pastry girls watched me. “I burned myself.” I held out my palm, already streaked with red, as proof.</p><p>“Are you <em>fucking</em> kidding me?” Louder. A rumbling, then quiet. Even the tickets stopped printing. “Where do you come from? What kind of bullshit TGI Fridays waitresses are they bringing in now? You think that’s a <em>burn</em>? Do you want me to call your mommy?”<br>“The plates are too hot,” I said. And then I couldn’t take it back. I stared at his feet, at the mess on the floor. I bent over to pick up the beautifully burnished duck. 
I thought he might hit me. I flinched, but held it out to him by its leg. “Are you retarded? Get out of my kitchen. Don’t even think about setting foot in here again. This is a church.” He slammed his hands on the stainless steel in front of him. “A fucking church!” His eyes went back to the board and he said, quiet again, “Refire, duck, refire risotto, on the fly, what the fuck are you looking at Travis, keep your eyes on your steak before you turn it to cardboard.” I set the duck on the counter next to the bread. The grating noise of tickets printing, of plates being thrown around, of pans hitting burners, it all throbbed with my hand. In the locker room I went to the sink and ran lukewarm water on it. The mark was already starting to disappear. I cried and continued crying while I changed out of my uniform. I sat on a chair and tried to calm down before I went back downstairs. Will opened the door. “I know,” I yelled. “I fucked up. I know.” “Let me see your hand.” He crouched next to me. I opened my palm and he put a bar mop filled with ice cubes into it. I started crying again. “You’re okay, doll.” He patted my shoulder. “Put your stripes on. You can work the dining room.” I nodded. I put on fresh mascara and went downstairs.</p><p>THE MEZZ WAS seven two-tops on a balcony over the back dining room. The stairs were narrow, steep, treacherous. “A lawsuit waiting to happen,” they told me. I took them one at a time, up and down, and still soups spilled onto rims, sauces slid. Heather was Debutante-Smile, and she got in trouble weekly for chewing gum on the floor. She was from Georgia, with a delicate southern accent. They told me she had the highest tip average, and everyone blamed the accent. I thought it might be the gum. “Sweetness”—she snapped her gum at me—“start the stairs with your left foot when you go down. Lean back.” I nodded. “I heard about Chef. It happens.” I nodded again. “You know, nobody is from here. We were all new. 
And like I always say, it’s just dinner.”</p><p>FROM A SECTION of the handbook I neglected to read: Workers were to receive one complimentary shift drink after they clocked out. Workers were also to receive one complimentary shift coffee per eight-hour shift. When this translated off the page, quantities increased, entitlement ran rampant. But I didn’t know that yet. They wound us up, they wound us down.</p><p>“TAKE A SEAT, new girl.” Nicky was definitely talking to me. I had just clocked out and changed. I was cracking my wrists and heading toward the exit. It was still a touch early. Cooks were plastic-wrapping the kitchen, servers swiping the final credit cards and waiting in the hutches. The dishwashers piled trash bags at the exit of the kitchen. I saw them peeking out, trembling like sprinters, waiting for the signal that they could take the bags to the curb and go home. “Where?” “At the bar.” He wiped down a spot. Nicky was Clark-Kent-Glasses. He was the first bartender they hired, and they said he’d be there until they shuttered the place. His glasses were often crooked, and at odds with the crookedness of his bow tie. He met his wife at the bar ten years earlier and she still came in and sat in the very same seat on Fridays. I heard he had three kids, but I couldn’t really comprehend it, he seemed half child himself. He had an unpretentiousness and a Long Island accent that had been drawing people to the bar for decades. “You want me to sit like a regular person?” “Like a regular old person. What do you want to drink?” “Um.” I wanted to ask how much a beer cost, I had no idea. “It’s your shift drink. A little thank-you from the Owner at the end of the night.” He shook the amber, watery remains from a cocktail shaker into his glass. “Or a big thank-you. What do you like?” “White wine sounds all right.” I climbed onto a stool. Earlier in the night, midrush, Nicky had asked me if I had any common sense. I thought about it all night. 
I had no idea what to say to him, especially now that I was stripeless, except, Yes. I think I do have common sense. “Yeah? Nothing particular?” “I’m easy.” “That’s what I like to hear from my backwaiters.” I blushed. “Boxler?” he asked, and poured me a taste. I lifted it to my nose and nodded. I was too nervous to actually smell it. He poured me a glass, and I watched as he left his hand there, the wine surging past the pour line we used for guests. The glass now seemed a goblet. “You did better tonight,” said a voice behind me. Will jumped up onto the bar stool next to me. “Thank you.” I sipped my wine before I could undo the compliment. The Albert Boxler Riesling, not from Germany, but from Alsace, one of the high-end pours at twenty-six dollars a glass. And I was drinking it. Nicky had served it to me. To thank me. I rolled it through my mouth the way Simone had taught me, pursing my lips and cupping my tongue and almost making an inward whistle. I thought it would be sweet. I thought I tasted honey, or something like peaches. But then it was so dry it felt like someone had pierced me. My mouth watered and I sipped again. “It’s not sweet,” I said out loud to Nicky and Will. They laughed. “This is nice,” I said. An hour ago these were incredibly privileged seats, occupied by the kind of people who spent thirty dollars on an ounce of Calvados. Will had changed his tone with me since my burn. He was careful, or perhaps protective. I thought maybe he wanted to be my friend. He wouldn’t make a terrible first friend. He wore a khaki shirt, reminiscent of safaris. He had a long arrowhead nose and bovine brown eyes. He spoke rapidly, nearly slurring. Those first trails I thought it was because he was in a hurry. Now I saw that he didn’t want to show his teeth. 
They were square and yellowed, and the front left one was cracked.</p><h2 id="He-Pulled-Out-A-Cigarette-“Are-We-All-Clear-”"><a href="#He-Pulled-Out-A-Cigarette-“Are-We-All-Clear-”" class="headerlink" title="He Pulled Out A Cigarette. “Are We All Clear?”"></a>He Pulled Out A Cigarette. “Are We All Clear?”</h2><p>“Yes, sir.” Nicky slid him a bread-and-butter plate. I panicked when Will lit up - I barely had memories of a time when you could smoke inside restaurants. He asked if I wanted one. I shook my head. I glued my eyes to the back bar, pretending to be absorbed in the memorization of the Cognac bottles. The two of them traded incomprehensible insults about two baseball teams from the same place. “You say hi to Jonny tonight?” Nicky polished glasses from a never-ending pile on the bar. They were stationed like soldiers that progressed to the front only to be replaced by more in the back. “He was here? I missed him.” “He was next to Sid and Lisa.” “Christ, those two. I stayed as far away as possible. Remember that Venice-is-an-island argument?” “I thought he was going to hit her that night.” “If I was married to that, I’d do worse than hit her.” I kept an impassive face. They must be talking about their friends. “What are you drinking, Billy Bob?” “Can I get a hit of Fernet while I think about it?” “This. Is. It,” said Ariel, slamming the glass racks down on the corner of the bar. The glasses jangled like bells and her hair flew up. “You’ve got your hair down already?” Nicky asked. His voice was harsh but his eyes playful. “Come on, Nick, please, I’m done, you know I’m done. Don’t I look done?” She ran her fingers through her long hair, scratching at the scalp like she was trying to undo a wig. She flipped her hair to one side and leaned over the bar, feet coming off the ground. “Come on Nick, snip, snip.” She made a scissors motion with her fingers. Ariel looked like trouble with her hair down. 
She had gone from quirky to something from the underworld, her hair well past her breasts, kinky from being knotted up all night. Her bangs were flat on her forehead and slashes of liquid eyeliner that once had swung rebelliously away from her lids were now smudged and battered. During services Ariel worked with the energy of a bird, through a series of chirps, clicking noises, phrases half sung. She became frantic easily and recovered just as easily, whistling. “Okay, you’re cut, Ari. But I do need two bottles of Rittenhouse and one bottle of Fernet.”<br>“ ‘Kay, I’ll bring the rye but homeboy here can get his own Fernet.”<br>She eyed Will’s glass, which had a black liquor in it, reeking of oversteeped tea and bubble gum. “You drink it, you stock it.” “Fuck off, Ari.” Will exhaled smoke toward her. “Fuck you, darling.” She flounced away. Will shot back his drink. “What’s that?” I asked. “Medicine.” He burped. “It’s for the end of a meal. Incredible… curative properties for the digestive tract.” He reached over the bar and started to fill a water glass with beer. Nicky stopped working and watched. “I just fucking cleaned that, Will, if you spill one fucking drop…” The beer shook in Will’s hand, and the head rose an inch out of the glass. A hush. It kept rising but didn’t spill. “I’m a pro,” Will said. “Misery,” said Ariel. She put two bottles of rye on the bar and pulled out the stool on the other side of Will. She was in a black slip, or maybe she thought it was a dress. Her bra was neon yellow like a traffic sign saying Proceed with Caution. “Hm…what is open?” She tucked her legs under her and reached into the speed rack behind the bar. “Can you animals get off my bar? I’m trying to clean.” “Is that Gigondas still good? When did we open it?” “Two nights.” “Pushing it.” “Worth considering.” Nicky put up a glass and a black bottle with an insignia at the top and went back to his cleaning. “Self-service tonight? 
You poured for the new girl.” “Ariel, I’m not fucking around, you barely stocked. She doesn’t even know her head from her asshole yet and I think she could have done a better job. You’ve put me back twenty minutes.” “It looks like you picked the wrong night to be bartender, old man.” Ariel emptied the wine into her glass, smelled it, and flipped open her cell phone. If Nicky had spoken to me like that I would be flattened. But nothing happened. There wasn’t even residual tension. Nicky yelled, All clear, into the kitchen and the porters sprang from behind the doors. They ran bags down the line behind the bar, an endless caravan of black bags to the curb. They propped the door open and the hot, dark air rushed in, as sticky as fingers running over my face. Misery. I drank my Riesling. Medicine. “It’s been really hot,” I said. Nobody responded. “Summer,” I said. Droning came in from the streets, then a rustling. For a second I thought it was the claustrophobic noise of the cicadas from my childhood. Or the wind bending branches. Or the moans of cows in fields. But it was cars. I wasn’t used to it yet - the elimination of nature, the brimming whine of overheating machinery. I shifted a little toward Will, wanting to seem open in case anyone talked to me. Will and Ariel were on their phones and Nicky was cursing to himself behind the bar. I thought about taking my phone out. It was new. I had left my old one on my dresser back home. I wondered what my father had done with it, with the boxes of books. Though I was also fairly certain he hadn’t opened the door to my room. When I got my new phone, the area code felt like a badge: 917. I dutifully copied everyone’s contact information into it. But I didn’t have missed calls or messages. No one even asked me to cover shifts yet. “I don’t have an air conditioner,” I said. “Really?” Will shut his phone and turned to me. “Seriously?” “They’re expensive.” “Misery,” Ariel interjected. 
She leaned around Will and looked at me inquisitively. “What do you do?” “Oh, I have big windows and a fan. When it’s really bad, like that stretch last week, I take cold showers to get the sweat—”<br>“No,” she said. Her eyes said, You fucking idiot. “What do you do?</p><p>In the city. Are you trying to be something?”<br>“Yes,” I said. “I’m <em>trying</em> to be a backwaiter.”<br>She laughed. I made Ariel laugh. “Yeah, after that the sky’s the limit.”</p><h2 id="“What-Do-You-Do-”"><a href="#“What-Do-You-Do-”" class="headerlink" title="“What Do You Do?”"></a>“What Do You Do?”</h2><p>“I do everything. I sing. I write music. I have a band. Willy here is trying to make a film. A claymation version of <em>À Bout de Souffle.</em>”<br>“Okay, that was one idea, it’s not the worst idea.” “No, it’s very admirable, a week of sculpting clay to get the right look of boredom—” “Ariel, I can’t be offended that you don’t understand anything about art. I blame first, your gender, second, the system—” “Honestly though, Will, tell us the truth. You’re just masturbating, right? In that little dark room with your clay Jean Seberg?” Will sighed. “I will admit, it’s hard not to.” He turned to me. “I actually am working on something else. I’m writing a feature—” “The comic-book one? The hero’s journey? The exploration and reaffirmation of the patriarchal narrative?” “Ariel, do you ever shut the fuck up?” She smiled and rested a hand on his shoulder. She picked up her glass of wine and was about to sip when she said, “Oops,” and turned to us. “Cheers,” she said gravely. “Cheers.” “No, in the eyes, new girl.” “Look her in the eyes,” Will said, “or she’ll put a hex on your family.” I looked in her blackened eyes and said cheers like it was an incantation. Our three glasses touched and I pulled a mouthful of wine. 
The joints in my spine softened, like butter going to room temperature.</p><h2 id="Then-Three-Things-Happened-Seemingly-At-Once"><a href="#Then-Three-Things-Happened-Seemingly-At-Once" class="headerlink" title="- Then Three Things Happened, Seemingly At Once."></a>- Then Three Things Happened, Seemingly At Once.</h2><p>First, the music changed. Lou Reed came over the speakers like a mumbling, beloved poet-uncle. “You know I saw him once at the Gramercy Park Hotel - have you seen what they fucking did over there? That, my friends, is a rotten omen if ever there was one. So anyway, I’m sitting there and it’s like, Lou-fucking-Reed, and I’m thinking, Thank you for teaching me how to be human, you know?” I tried to keep listening. I nodded when Ariel looked at me. But the song was as intimate as a faucet dripping in the night. Next, the bar stools filled. The cooks, the closing servers, the dishwashers, all out of their uniforms now, commandeered them. Everyone looked sloppy and criminal without their stripes. To see the scarred hands of the cooks against rumpled polos or old heavy-metal T-shirts, you wondered what it would be like to see one of them on a subway, without knowing they had a secret authoritative</p><h2 id="Life-In-Whites"><a href="#Life-In-Whites" class="headerlink" title="Life In Whites."></a>Life In Whites.</h2><p>Simone walked down the line, her hair untied. I tried to catch her eye but she went to the far end of the bar with Heather, and who I now understood to be Heather’s boyfriend, Parker, the man who’d initiated me on the coffee machine. Simone didn’t look like a statue of herself anymore. She wore plain leather sandals and she swung one off her foot once she crossed her legs. And finally, Chef banged out of the kitchen with a baseball cap and a backpack on. All his rage had melted away, leaving a man who looked like a dad on his way to a minivan. Everyone said, Good night, Chef, in a forceful singsong. He waved without looking. 
He barreled through and exited the building.</p><p>A CURTAIN CAME DOWN as Nicky reappeared behind the bar in a white undershirt and turned the lights up. The restaurant where I worked turned into a social club after hours. The bartenders weren’t performing bartender anymore. They were mixing drinks with playful proportions. The cooks weren’t looking over their shoulders for Chef, or walking numbly into hot pan handles. They were rolling joints, giggling, punching each other. The servers were stretching their arms and shoulders, comparing knots in their necks, stirring drinks with a finger, while complaining in one long, loving torrent about Howard, Zoe, dissecting the guests with a tone of passive contempt. I started to be able to tell when they were talking about regulars, because they would all want to outdo each other, demonstrating that they were the favorite. Too dazzled to contribute, I watched them. It was the duality of everyone that floored me. Simone with her simple softness, her tired eyes. Will and Ariel snipping at each other. The talking got louder as the drinks receded. I kept looking at the open door, thinking a stranger would walk in and want a drink, or that the Owner would decide to pass down Sixteenth Street on his way home from an event and catch us and call the police. I’m new, I’m blameless, I would say with hands up. No one else seemed concerned. It made me wonder who really owned the restaurant. “Black Bear?” Scott yelled down the bar to Ariel. “No, Park Bar. Sasha just texted, he has a corner.” “No más Park Bar,” he said. Jared and Jeff, two of his line cooks, started laughing. “No you did not fuck the new one - Vivian?” “Vivian!” they shouted. They raised their glasses. “Full of shit,” Ariel yelled. She turned to me and said, “Fuck. I thought she was gay.” “Too slow, Ari,” said Will. “Oh we’ll see about that.” She put her hand on top of mine and said into my eyes, “They always start off straight. That’s part of the fun.” I laughed. 
Petrified. “What time is it?” I asked. A wall of exhaustion hit me with the drinks. It seemed to be a good moment to excuse myself. I didn’t know who was going to clean this all up so the restaurant would be blank and sterile for the morning. When I looked down the line I saw Simone. She was texting and I thought, It’s too late for her to be texting. That was when I first realized she was older. An image of him hit me in the back of my throat, just from habit. Who did Jake turn into when they turned the lights up? The shift drink - the first liminal space between work and my apartment, a space that I could project onto for hours, a space of inevitability where I would catch up with him eventually. “It isn’t two yet,” Ariel said. As if something switched at two. “Do you do this every night?” “Do what?” I nodded toward my glass of Boxler that refilled itself every time my eyes were averted. To the half-empty wine bottles that lined the bar for consumption. To Nicky eating cocktail olives while he and Scott told each other to fuck their mothers. To Lou’s gravelly serenade coasting down on us through a film of smoke. To the row of us, unkempt, glassy and damp, sweating drinks in our hands. “This?” Ariel waved away the smoke in front of my face, waved it away like it was nothing. “We’re just having our shift drink.” WHEN I STARTED they told me, You have no experience. New York experience is all that counts. Well, I had a little now. A structure presented itself to me, like the grid of the city. There was the GM, there were managers. There were senior servers, servers, backwaiters. The backwaiters originally functioned as a holding pen where aspiring servers awaited transcendence, but there was so little internal movement, most of them seemed contented where they were. I had Heather to thank for my position - she had talked a reluctant Parker into serving after six years of backwaiting. That’s the only reason I existed. 
The backwaiter had three kinds of shifts: food running (the carrying of plates), dining room backwaiter (the busing and resetting of tables), and beverage running (assisting with the drinks), which included a fair amount of barista work. I noticed that even though we rotated the shifts, people showed an affinity for one area and developed a schedule around it. Will was an excellent food runner, with his Yes-Chef-No-Chef military mentality, his eyes-to-ground focus. So while he was a backwaiter, he also had some loyalties in the kitchen, which he exhibited in several annoying ways, such as partaking in kitchen beer, and complaining about “FOH” as if he weren’t one of the front of house. Ariel loved the freedom of being dining room backwaiter. She waltzed around, picking up a few plates, topping off a few waters, polishing a few knives and nudging them into place on the newly set table with first a look of pinched frustration, and then placidity when it came together. And while this wasn’t true of all backwaiters, Ariel was generally trusted to talk to the guests. If the rest of us so much as said “Hello” to a table, a scolding was sure to follow. Sasha was too good at his job to stay still. He got bored easily. If you put him in the kitchen, he could run your plates, drop off ice at the bar, and bus two tables on his way back in - all in the same amount of time it took me to find position 3 at table 31. It worked against him - I saw Ariel, Will, even the servers slack when they were on with him. Which left me. For several reasons I gravitated toward the bar.</p><p>First, because I noticed that there was a spot open to be the beverage runner. Second, because I had an aptitude for beverage running, cultivated over many years making hearts in mediocre lattes. The third reason was that it was a chance to get away from Chef in the kitchen. The fourth, or first, or only reason was that Jake was a bartender. I assisted the servers in delivering their drinks to tables. 
I assisted the bartenders in keeping their bar stocked. I brought up crates of wine and beer, buckets of ice, ran the glass racks, the bar bus tubs, polished the glasses. If you were slow, the drinks were slow, and if the drinks were slow, the turn times lagged and we made less money. And then, about an hour and a half into each turn, the first espresso ticket would print. And then I was under it for the next thirty minutes. At the end of the night the bartender made a stocking list and I put the whole thing back together again. Some people dreaded beverage running because it was a pure shit show for most of the night - you got hit with the drinks on the initial rush and the coffee on the tail end. Yes, my neck, my hands, my legs hurt. I loved it. There was only one problem with my new position. The manual labor, the coffee - fine, that was the forty-nine percent of it. The fifty-one percent of beverage running was wine knowledge.</p><p>“APPETITE IS NOT a symptom,” Simone said when I complained of being hungry. “It cannot be cured. It’s a state of being, and like most, has its attendant moral consequences.” THE FIRST OYSTER WAS a cold lozenge to push past, to push down, to take behind the taste buds in the back hollow of the throat. Nobody had to tell me this - I was the oyster virgin, my fear told me what to do when the small wet stone came into my mouth. “Wellfleet,” someone said. “No, too small.” “PEI.” “Yeah, some cream.” “But so briny.” Briny. PEI. A code. I took a second oyster in my hand, inspected it. The shell was sharp, sculptural, a container naturally molded to its contents, like skin. The oyster flinched. I suspended it on my tongue this time. Briny means salty. It means made by the ocean, it means breathing seawater. Metallic, musky, kelp. My mouth like a fishing wharf. Jake was on his third, flipping the shells over onto the ice. Swallow, now. “I’m going West Coast, it’s too creamy,” someone said. “But clean.” “Kumamotos. Washington, right?” he said. 
“He’s right,” said Zoe, smiling like a fool for him. I wrote it down. I heard him say, “Do you like them?” I was sure he was talking to me but I pretended to be confused. Me? Do I like them? I had no idea. I took gulps of water. The taste stayed. In the locker room I brushed my teeth twice, stuck my tongue out to the mirror, wondering when the residue would go away. THAT SUNDAY AFTERNOON I was positive Mrs. Neely was dead, that she had died at table 13. I stayed away but kept her in my vision until another server went and revived her. She asked for more sherry for her soup. A shot glass for her soup, a glassful for herself. She was nearing ninety, born and still living in Harlem. She took the bus down to Union Square every Sunday in stockings, high heels, and a hat. She had a burgundy pillbox with silk flowers, and a cornflower-blue fascinator edged in lace. She had been a Rockette at Radio City Music Hall. “That’s why I still have these legs,” she said, pulling her skirt up to her thighs. “I dined at Le Pavillon. Henri Soulé, that bastard, he ran the door like a dictator. But I went, everyone went. Even the Kennedys went. Child, you don’t remember. But I remember. They really cooked your food back then. Where’s the cream, I say. The butter, the green beans, honey, you didn’t even need to chew.” “I wish I could have been there,” I said. “The haute cuisine, it’s done, it’s dead. Al dente. That’s what they do now.” She paused and looked around the table. “Did my soup come?” “Um. Yes.” I had cleared it myself ten minutes ago. “Now, I haven’t had my soup yet. I need my soup.” “Mrs. Neely,” I whispered stupidly, “you already had the soup.” Suddenly Simone was beside me, sweeping away my inefficiencies, making me irrelevant. I drew back as Mrs. Neely narrowed in on Simone. “Tell the chef I’d like my soup now.” “Absolutely, Mrs. Neely. May I bring you anything else?” “Oh you look tired. I think you would do to drink a little old wine. 
Some good old wine, like some sherry.” Simone laughed, her cheeks colored. “I think that’s exactly what I need.”</p><p>PARTLY IN THE HANDBOOK, but mostly just understood: You could sleep with anyone, except those above you. You couldn’t sleep with anyone on salary. Anyone that could hire or fire you. You could sleep with anyone on your level. All the hourlies. Anything slightly more romantic than sex had to be disclosed to Howard, but the sex passed freely below the surface. I asked Heather about her and Parker. She wore a small vintage engagement ring - his grandmother’s - but they hadn’t set a date yet. “Parker? Oh, I remember my first trail, seeing him from down the bar, and I said, Oh lord, look at Trouble. We were both betrothed to other people. He was engaged to - I’m not kidding - a Debbie Sugarbaker from Jackson, Mississippi, a lawyer-something, plain as white bread. Don’t you ever tell him I told you. Once we started talking, I thought, Here we go. My real life is coming for me, gunning at me like a train.” “Wow,” I said. My life, my train. “This place is a love shack, darlin’. Try to keep your panties on.”</p><p>THE INTERIOR OF Park Bar was dark and the decorations minimal. But watching over us, high up near the ceiling, was a huge reproduction of a painting that felt familiar. I told them I’d seen it before but that might have been a lie. Two boxers in a ring, midconflict, midinjury. Action everywhere, blows landing, receding. Except the faces. The two boxers’ faces were blurred together, one solid mass. Will had finally asked me to join them for a post-shift-drink drink, or Shift Drink Part Two. I hung close to him while Nicky locked up the restaurant. People said their good-byes, discussed which trains were running, flagged down cabs. I remembered Ariel’s voice daring me—“It isn’t two yet”—and I checked my phone: 2:15 a.m. They headed into the parking garage across the street from us. Oh do you have a car? I asked. 
Will said, No, we’re going to Park Bar. Ariel hummed into the echo. We walked farther underground. Rubber soles on cement, oil stains, gasoline fumes. The guard waved to Will. We ascended and we were on Fifteenth Street under a huge lit-up sign that said PARK. And there was, indeed, a bar. No one asked me if I did coke. Ariel asked me if I wanted a treat and I said sure. <em>I had done it</em> seemed to be the same as <em>I do it.</em> I caught the subtext that everyone did a little bit of coke and nobody had a problem. If I had any inclination to think about it the noise in Park Bar ran right over it. It was crowded and Will and Ariel knew everyone. Scott and the cooks held up a table in the corner. I recognized some of the prep guys. We moved toward the table and I set my purse by them just like Ariel. I saw people that had been cut earlier, people who worked the a.m. Ariel pointed to different tables and said, “Blue Water, Gotham, Gramercy, some retards from Babbo, and so on.” I nodded. Will held on to my elbow as we made our way to the bar, where Sasha sat next to a Dominican man with huge diamond stud earrings. “Oh look who finally graced us from her present!” Sasha said, and shocked me by kissing me on both cheeks. The other man introduced himself as “Carlos-at-your-service.” He was a busboy at Blue Water Grill and he sold drugs to every server within a ten-block radius. The line for the bathroom ran in humid pairs, some ear-piercingly loud, some whispering as they waited. It wound around the room. After two sips of my beer, Ariel took my hand and we joined the line. When our turn came, we shut a flimsy door, hooked it, and locked the handle. She dipped a key into a small plastic bag and handed it to me. Someone banged on the door. “Wait your fucking turn motherfucker!” she screamed. She dug the key around and took a bump herself. “What do you think of Vivian?” “The one Scott was talking about?” “Don’t listen to him. 
He’s lying, they’re all fucking homophobes.” “She’s pretty,” I said. “She has great tits? I don’t know. I don’t feel anything. Can I have some more?” Ariel handed me the bag and I pyramided up the powder. “Are you gay gay or just half gay?”<br>“Jesus, you’re something. Where do you come from? Okay, stick this in your mouth.” She stuck the key in my mouth like a pacifier. It tasted like battery acid and salt. “You good babe? How do I look? Torrid? Like a natural disaster?” She ruffled her hair up like she’d been in an electrical storm. I nodded. She kissed me on the forehead, and where she kissed tightened, first in my skin, then in my skull, then in my brain. A saccharine, sentimental drip ran down my throat, and I was blinded by how stupid I had been not to see that everything was absolutely, one hundred percent going to be okay.</p><p>The boxers panted furiously above my head, I could hear them: let me go, let me go. They put on <em>Abbey Road</em> and I wanted to tell everyone at the bar about how for my sixth birthday I knew I wouldn’t have a party because my father didn’t believe in birthdays but I stole two pastel Hallmark invitations from the grocery store by slipping them into the back of my jeans and I used all my colored pencils to decorate them and addressed one to John Lennon and one to my mother, asking them to please come to my house for tea on my birthday, and the night before my birthday I put them in the empty planter next to the front door and I went inside and I prayed on my knees next to my bed and I begged God to come and deliver the invitations to John Lennon and my mother, I promised him I would never cry again, I would always finish my dinner, and I wouldn’t even ask for another birthday for the rest of my life, and I went to bed holding an unendurable, trembling joy in my arms, thanking God for his hard work tracking the two of them down, thanking him for knowing how badly I needed them, and when I woke in the morning and the cards were 
in the planter, wet and mushy, I threw them away and I didn’t cry in front of my father, but later in school I started crying at my desk and couldn’t stop and they sent me to the nurse and I told her I knew that God didn’t exist and they called my father to come pick me up, and I heard the nurse arguing with him and then she said to him, exasperated, “Do you know that today is her birthday?” Instead I said, my voice coming out of me with brusque clarity: “On certain days, I forget why I came here.” They nodded empathetically. “Do I need to <em>justify</em> myself all the time? Justify myself for being alive and wanting more?” They introduced me to Terry, who bartered free drinks for free bumps. He was pushing forty, his hair balding from the top down so it was still long on the bottom, and he tucked it obsessively behind his ears. He raged like a bull in a pen back there, flirting, singing, snapping at the bar back. When I was introduced he pointed to his cheek so I kissed him and he gave me a beer. He said, “On this day in 1864, General Grant surveyed General Lee’s army and knew he was sending his men to their deaths. He told his soldiers, There will be no surrender, gentlemen. And we think we have it rough.” I thought, Is that even true? But instead I said, “At least they had something to fight for.” He shrugged. “I may have made some bad life choices. Who can tell?” A dagger of morning prowled outside the open windows. The air revived itself, my bones braced like something new was coming. We reentered the line for the bathroom, passing the bag between our back pockets, our hands lingering longer, a feeling of clouds, ominous, pads of melancholy on our fingertips, impending headaches….Mundane, yes, but thrilling to me, all of it.</p><p>“ALL RIGHT. What is Sancerre?” Simone’s brown eyes, serpentine. “Sauvignon Blanc,” I answered, my hands crossed in front of me on the table.</p><p>“What is <em>Sancerre</em>?”<br>“Sancerre…” I shut my eyes. 
“Look at France,” she whispered. “Wine starts with the map.” “It’s an appellation in the Loire Valley. They are famous for Sauvignon Blanc.” “More. Put the pieces together. What is it?” “It’s misunderstood.”</p><h2 id="“Why-”-1"><a href="#“Why-”-1" class="headerlink" title="“Why?”"></a>“Why?”</h2><p>“Because people think Sauvignon Blanc is fruity.” “It is not fruity?” “No, it is. It’s fruity, right? But it’s also not? And people think you can grow it anywhere, but you can’t. Popularity is a mixed blessing?”</p><h2 id="“Continue-”"><a href="#“Continue-”" class="headerlink" title="“Continue.”"></a>“Continue.”</h2><p>“The Loire is at the top. It’s colder.” She nodded and I continued. “And Sauvignon Blanc likes that it’s cold.” “Colder climates mean a longer growing season. When the grape takes a longer time to ripen.” “It is more delicate. And has more minerality. It’s like Sancerre is the grape’s true home?” I waited for affirmation or correction. I did not know half of what I’d said. I think she pitied me, but I received a grim smile and, finally, a half glass of Sancerre.</p><p>AFTER SERVICE the dishwashers rolled up the sticky bar mats and the smell of rot rose from the blackened grout in the tiles. The kitchen was a hollow amphitheater of stainless steel, still, but holding the aftereffects of the fires and banging and shouting. The kitchen boys were scrubbing every surface, rubbing out the night. Two servers sat on the lowboy, eating pickled red onions from a metal tin. Leftover ice cream sat on the bread station, turning to soup. “Hey, new girl, I’m in here.” Me? Jake was in the doorway of a walk-in. He had a cup full of lemon wedges in his hand. His apron was streaked with wine, his shirtsleeves were rolled high and I could see his veins. “Are you allowed to be in there?” What I meant is, Do you ever think about me the way I think about you? “Did you like them? 
The oysters?”<br>When he said the word <em>oysters,</em> their flavor flamed on my tongue, as if it had been lying dormant. “Yes. I think I do.” “Come in here.” His tattoos showed themselves as he pressed the door open wider. I passed under his arm, looking back to make sure Simone wasn’t watching. I had never been in any space alone with him. “Are we going to get locked in?” What I meant is, I’m scared. Inside there were two open beers, the Schneider Weisse Aventinus, a bottle I’d pulled for the bar but never tasted. The beers were propped against a cardboard box labeled Greens but filled with littleneck clams. We were in the seafood closet. Crimson tuna fillets, marbled salmon sides, snowy cod. The air nipped at my skin, smelling like the barest trace of the sea. “What’s that tattoo?” I asked, pointing to his biceps. He pulled his sleeve down. Jake dug through a wooden crate labeled with masking tape, Kumamotos. He pulled out two tiny rocks, discarded the debris that clung to the outside. A strand of seaweed stuck to his pants. “They look so filthy,” I whispered. “They’re a secret. Quite a leap of faith.” His voice was quiet with the motor of the fridge, and I involuntarily shivered and moved toward him. He pulled a blunt knife out of his pocket and wedged the tip into an invisible crack. Two switches of his wrist and it was open. “Where did you learn to do that?” He pinched a lemon over it and said, “Take it quickly.” I flipped the shell back. I was prepared for the brininess. For the softness of it. For the rigidity and strangeness of the ritual. Adrenalized, fiercely private. I panted slightly and opened my eyes. Jake was looking at me and said, “They’re perfect.” He handed me the beer. It was nearly black, persuasive as chocolate, weighty. The finish was cream, it matched the oyster’s creaminess. The sensory conspiracy made the blood rush to my head, made my skin break out in goose bumps. Ignore him. Look away. I looked at him. 
“Can I have another?”</p><p>IN BED I could feel the pain in my back diffusing into the mattress. I touched my neck, my shoulder, my biceps. I could feel where my body had changed. I clicked on my cell phone: 4:47 a.m. The black air wouldn’t move, it wouldn’t shift in or out the window. The heat was an adhesive - even the fan couldn’t disrupt it. I went to the bathroom and saw my shirtless roommate passed out on the couch. His chest was slick with sweat and he was snoring. He had an air conditioner blasting away in his room. Some people were morons. The bathroom was a narrow room of tiny brown tiles, brown grout and brown, moldy ceiling corners. I turned the shower on to cold and stepped in and out of it, gasping and sighing, until my skin was stiff. I put my towel on top of my sheets and lay down sopping wet. The heat landed again like tiny gnats on my skin. I touched my abdomen, my thighs. I was getting stronger. I touched myself and I felt like stone. I saw Jake in the locker room dropping his pants, his tattered boxers, his pale legs. I thought about the sweat on his arms, of how violently he shook the cocktail shaker, of the sweat adhering his white T-shirt to him the day I first saw him. And when I tried to picture his face it was blank. It had no features except eyes. It didn’t matter. I came abruptly and gratefully. My body shone in the distressed streetlight. I was used to being alone. But I’d never been aware of so many other people, also alone. I knew that all over the south side of Williamsburg people were staring at their ceilings, praying for a breeze to come and cure them, and like that I lost myself. I evaporated.</p><h2 id="Vi-You-Burned-Yourself-You-Burned-Yourself-By-Participating"><a href="#Vi-You-Burned-Yourself-You-Burned-Yourself-By-Participating" class="headerlink" title="Vi You Burned Yourself. You Burned Yourself By Participating."></a>Vi You Burned Yourself. 
You Burned Yourself By Participating.</h2><p>On the wineglasses that came out in gushes of steam, on the espresso machine’s milk-scum-covered steamer wand, on the leaky hot-water faucet of the bar sink, on the china plates searing themselves in the heat lamps at the pass. On the webbings of hands, on your fingertips, on your wrists, your inner elbows, strangely right above your outer elbow. You were restocking printer tape and had to move behind Chef, but caught your skin on the handle of a copper saucepan. You yelled, it spun and fell to the floor. Chef sent you out of the kitchen and you reset tables for the rest of lunch. The burns healed and your skin was boiled. Nicks in your knuckles from tearing the foil unprofessionally from wine bottles. Scott said, “The skin gets so tough, even a knife won’t scratch it.” He grabbed a plate out of the salamander with his hands to really illustrate the point.</p><p>BY THE TIME we waddled up to the bar it was well past midnight and we were as tattered as the dining room floor. It had been a hard one. The dishwasher broke in the middle of service and two of us were pulled to hand wash the glasses in scalding water. Then the air conditioners, usually mediocre at best, bottomed out. The technicians arrived as we sat down for our shift drinks. They propped open the door and we all looked wistfully at the street. No change in temperature arrived.</p><p>Nicky let the backwaiters have gin and tonics as rewards. My fingers were thoroughly poached, the muscle between my thumb and index finger throbbing from polishing. I didn’t even have the energy to contemplate sitting next to Jake and Simone. I took my stool next to Will wearily. An empty bottle of Hendrick’s stood on the bar like a mascot. Walter sat on the other side of me. We had never overlapped. He was a large, elegant man in his fifties with a chic gap between his front teeth. He looked as tired as I felt, the lines around his eyes amplifying with each exhale. 
He asked how I was settling in and we made small talk. But when I told him I lived in Williamsburg, he grunted. “I lived there,” he said. “You? With all the dead-eyed slouchers?” “In the late eighties - were you born then? Six years. God it was appalling. And look at it now. The trains used to stop running. Some nights we walked the tracks.” “Ha!” Nicky slapped the bar. “I forgot about that.” “It was a straight shot, the quickest way.” Walter finished his drink and pushed it toward Nicky. “Can I get a scooch for this story?” “We had the whole building,” Walter said as Nicky emptied out a bottle of Montepulciano into his glass. “Three floors. My share was $550, which was not a little bit of money. I was with Walden… Walden and Walter of Williamsburg. We thought that was cute. Walden needed space for his paintings, they - well.” He looked at me. “Even you have probably seen them. The canvas itself took up a wall. He built them indoors and we broke them down to get them back out. And then his collage phase began in earnest. One of the floors we kept as a junk shop. Car fenders, defunct lamps, chicken coop wiring, boxes of photographs.” Walter chuckled softly into his wine. “This was so long ago, before his, what do they call it?” Everyone at the bar was listening with their heads down, except Simone, who watched him patiently. “His materialist phase,” she said. “Ah, Simone remembers! If you ever forget something about your story, Simone will remember.” They looked at each other, not unkindly. “They called it his coup d’état. The beginning of his love affair with Larry Gagosian. Me-te-or-ic. And all the Williamsburg stuff, now I suppose it’s technically his juvenilia, worth millions. He dicked around with garbage and I sang opera in the bathtub.” “I miss your singing,” Simone said. “The third-floor skylight was missing. When it rained it was like the Pantheon, a column of water and light in the middle of the room. The floor rotted in this glorious black circle. 
It grew moss in the spring. They tried to sell it to us for $30,000. I am not kidding. We thought, Jesus, who would buy a place on Grand Street and Wythe? I assumed the river would swallow it up.” He stopped. I took a tiny sip of my gin and tonic, which was too strong for me though I would never admit it. “There are condos there now,” I said. I didn’t know what else to say. My head was getting difficult to prop up. “All these half-finished, empty buildings. They’ll never fill them. There are no people.” “You are condos, new girl,” Sasha said. Walter stared into the bottom of his glass. “Fucking holes in the ceiling. Frozen pipes all winter, showering at the Y. We tossed crackheads out of the entryway weekly—<em>weekly.</em> One of them tried to stab Walden with a steak knife—our steak knife. And sometimes I wish we would have stayed.”</p><p>I RODE the L train, back and forth. Back and forth. In the beginning, I made eye contact with everyone. I applied mascara, I counted my cash tips on my lap, I wrote myself notes, ate bagels, redistributed the cream cheese with my fingers, moved my shoulders to music, stretched out on the seats, smiled at flashes of my reflection in the train windows. “Your self-awareness is lacking,” Simone said to me one day as I was leaving. “Without an ability to see yourself, you can’t protect yourself. Do you understand? It’s crucial to your survival that you pause the imaginary sound track in your head. Don’t isolate your senses - you’re interacting with an environment.” I learned how to sit still and look at nothing and no one. When someone next to me on the train started talking to themselves, I was embarrassed for them.</p><p>I WAS WORKING the dining room the first day Mrs. Neely didn’t have her wallet. I was replenishing the silver and I heard her exclaim. She threw her purse up on the table with her needle-thin arms and her knife fell to the floor. It sounded like an alarm. The surrounding tables turned. 
She pulled out slips of paper, crumpled Kleenex, several tubes of lipstick, her MetroCard. Simone picked up the knife and put her hand on her shoulder. Mrs. Neely sat back down but her hands continued to flap in front of her face. “Well I…well I…Well.” “You know, I believe we found it,” Simone said, catching one of Mrs. Neely’s erratic hands. “You are all set. I noticed you didn’t finish your lamb today, was it all right?” “Oh it was underdone. I don’t know what you pay that chef for if he’s not able to cook a lamb. I attended a dinner with Julia Child once, and we had lamb. James Beard, he could cook a lamb, my dear.” “Thank you for telling me. I will pass it along.” Simone picked up the check. I hadn’t seen Zoe come up next to me. Simone approached us. “There’s no wallet,” she said and sighed. “I’ll go ahead and comp it.” “I should check with Howard first,” Zoe said carefully. “Excuse me?” Simone turned to her. I backed up. “The situation is entirely out of control. It deserves a conversation. Chef is completely fed up - double orders of soup, lamb sent back three times? It’s getting worse.” Simone stiffened, I felt it from a few feet away. Zoe kept her hands clasped behind her back, enforcing composure. A silence bubbled between them and I knew Zoe would break it first. “You can’t just comp entire meals every week, Simone. That’s not your call. And it’s gone beyond the restaurant’s responsibility. Do you remember when she fell? That’s on us. Where is the line? Where is her family?” She engrossed me. She flickered.</p><p>“Every week, Zoe. For twenty <em>fucking</em> years. You’re looking at her family. I’m taking care of the meal.” There was now a small orbit of us around the hutch and when Simone turned we scattered. I ran into the kitchen and Ariel had wide eyes. “Shit,” she said. “Queen Bee is getting written up for that. Picking up!”</p><p>WHEN I WOULD finally get to taste the wine at the end of our lessons, I would say idiotic things like, Oh I get it now. 
Simone would shake her head. “You’re only beginning to learn what you don’t know. First you must relearn your senses. Your senses are never inaccurate - it’s your ideas that can be false.”</p><p>I DIDN’T KNOW what a date was and I wasn’t an anomaly. Most of the girls I knew didn’t get asked out on dates. People got together through alcohol and a process of elimination. If they had anything in common beyond that they would go out and have a conversation. When Will asked me to get a drink in the late afternoon on my day off, I thought that placed us firmly in the friend arena, like getting coffee. We met at a tiny space called Big Bar, four booths and a few stools doused in red light. When he opened the door for me and he put his hand on the small of my back I thought, Oh fucking fuck shit fuck, is this what a date is? “Kansas,” he said. I smiled. It wasn’t awful, being somewhere besides the restaurant and my room. To be talking to another human without doing fifteen other things at once. Not awful at all. “It all makes sense.” “Does it? You were getting the Midwest vibe?” “I wasn’t actually. My radar is all off - everyone seems like they were born and raised in the restaurant. But now it makes sense.” “Because of my charm?” “No, because of your manners.” “Charming manners?” “Utterly,” I said and drank my beer. It is a strange pressure to be across from a man who wants something that you don’t want to give. It’s like standing in a forceful current, which at first you think is not too strong, but the longer you stand, the more tired you become, the harder it is to stay upright. “How long have you been here?” “I came for film school like, god, five years ago? That’s depressing. I promised my mom I would move back as soon as school was over, and I feel like I’m running against the clock. She’s livid.” “Is she? It’s so impressive that you got out, that you’re doing what you want.” “She thinks family is impressive.” I swallowed. 
“Maybe she’s right.” “Your parents know you’re here?” “What does that mean?” “I don’t know. You give off this runaway vibe, like you’re all huddled up inside yourself.” “I’m flattered. I’m pretty sure my dad knows.” “Pretty sure? What about your mom? Her little baby girl in the big city?” “My mom doesn’t exist.” “Doesn’t exist? What does that mean?” “That means I don’t want to talk about it.” Will’s eyes became concerned and I thought, Don’t do that. That’s not why I told you. It’s not something to fix. “What happened to film school?” I asked. “You come here for one thing, you end up absorbed by another. I have all these ideas, it’s just…Well. It’s hard to retain the original vision, which is usually the most pure, you know?” “Yeah.” I didn’t. “You really came here for nothing?” “I wouldn’t say for nothing.” “What did you do in school?” “I read.” “Any particular subjects? Are you always this difficult?” I sighed. It wasn’t as intense as Howard’s interview. “I majored in Lit. And I came here to start my life.” “How’s it going? Your life?” I paused. He seemed like he really wanted to know. I thought about it. “It’s kind of fucking amazing.” He laughed. “You remind me of the girls back home.” “Oh yeah? I’m vaguely insulted.” “Don’t be. You’re not jaded.” I thought, You don’t know me, but I smiled politely. “I’ll catch up soon. Just let Chef scream at me a few more times and I will go completely numb.” “He’s got a hard job.” “Really? The only thing I see him do is yell. I’ve never even seen him cook!” “It’s different at that level. He’s not a line cook anymore, he’s running the whole fucking business. I know he misses cooking every single day.” “The other day he told me to stab my fucking tickets or he’d stab me. I mean, how is that allowed?” “He didn’t say that to you.” “He did! I cried by the ice machines.” “You’re a little sensitive.” “He’s a monster.” Will put his hands up, surrendering, smiling. I liked him. 
The truth was that he reminded me of people back home too - nice, open-book people. Thinking of Chef reminded me of the restaurant and that I could talk freely because I wasn’t in it. “You know, Simone is kind of helping me with wine.” “Ugh.” He scrunched up his face. “I would be careful with Simone’s help.” “Why? She’s so smart. She’s so fucking good at her job. You ask her questions all the time.” “Yeah, when I’m desperate. Owing Simone a favor is like being owned by the mafia. Her help is a double-edged sword.” “Are you being serious right now?” “I would just be careful what you tell her. She and Howard have this weird thing where she reports on all the servers. Everyone thinks they’re fucking. Once Ariel told Simone something about Sasha and then Sasha got written up. And she has these creepy relationships with Howard’s girls, and then they disappear in the middle of the night. I don’t know, she’s fine, but she’s been there too long, she gets bored, makes trouble.” “I don’t believe that. I get the feeling that she’s genuinely interested in helping me.” It’s not that I expected Will to get her. She probably barely tolerated him. But the rest of it disoriented me. “What are Howard’s girls? What do you mean they disappear?” “Never mind, doll,” he said. He finished his beer, and I knew I had to decide if we were staying for another round. It felt like a mistake to get drunk before four p.m., but it would be worth it if I could get him to keep talking. “Maybe you softened her up,” he said and his eyes went past me. “Speak of the devil. I forgot this was her neighborhood.” I turned and there she was, in a black shift dress, looking so petite I would have looked right past her. I flipped back into the booth, chafing. This wasn’t Park Bar; this was my day off. I wanted Simone to think I was nude modeling for painters or drinking absinthe with musicians, or at the Guggenheim, where she’d told me to go, or even that I was alone at a bar with a book being sophisticated. 
How could I have been stupid enough to be drinking with Will? “Do you think she heard us?” I whispered. “We should go.” “What? You were just saying—” “I’m sick,” I said. “I mean, I don’t feel well. This beer isn’t sitting well. I have to go home.”</p><h2 id="“Are-You-Okay-”"><a href="#“Are-You-Okay-”" class="headerlink" title="“Are You Okay?”"></a>“Are You Okay?”</h2><p>“Will, I’m sorry, we can do this again, but I—” I could feel her eyes on us, there was no way to miss us in the four hundred square feet. I took a breath and felt a hand on my shoulder. “Aren’t you two a lovely pair.” She held a paperback book with a French title in her hand and smelled like gardenias. I wished Will would die. “We’re not. We were just talking about work stuff,” I said. “Sorry, hi Simone. I like that dress. Lovely to see you too.” “So you’re off today, huh?” Will said, a little coolly, I thought. “Yes, I’m just meeting a friend. And I think Jake will be by later.” I finished my beer. “I—” “I finally got her outside of work,” Will said, showing me off. “Oh, is she so elusive?” Simone said with a derisive smile. “I’m not.” I stood up. “I’m just, upset, I have an upset stomach, I mean.” I pulled up my purse and put five dollars on the table. “Will, I’m sorry, next time.” I did not look back. Once I hit Second Avenue, I threw my arm up. I understood why taxis were so essential to life in the city, even with those of us who couldn’t afford them. Desperation.</p><p>AS I STARTED up the stairs to find more straws, Jake was coming down. He brushed the back of his hand against my hand. I stared at it, but my hand looked the same. There had been an explosion, but no collapse. I spent the next five hours sleepwalking, wondering whether he had touched me with intention. EVERYTHING WAS over my head. The senior servers, the bartenders especially, had doctorates in talking shit to guests. They could skim any topic. You couldn’t stump them. 
The briefness of these interactions meant their casual expertise was never exposed as groundless. As I overheard it, to be good at this job you needed to know the city, but also how to leave the city. Which was hard for me to imagine, since I found the idea of traveling to the Upper West Side daunting. Everyone had a cursory knowledge of the East Coast weekend retreats: not just upstate and Connecticut, but unlisted antiques stores in the Hudson Valley, small towns in the Berkshires, lakes in the Northeast Kingdom. Beaches were their own category, divided mainly between the Hamptons and the Cape, and again, the specific towns were identity badges. You knew which shows were at which galleries, and it was a given that you attended the museums regularly. When asked whether you had seen Manet’s execution paintings (and you were going to be asked by someone taking a late lunch after visiting MoMA), you were either on your way or had already seen them in Paris. You had opinions about opera. If you didn’t, you politely implied it was too bourgeois. You knew what was playing at Film Forum, and you corrected anyone who lumped Godard and Truffaut together. You knew trivia from the guests’ lives: where couples got married, where men traveled for business, what kinds of projects they were working on and the deadlines. You knew where they’d gone for undergrad and what they’d dreamed of doing while they were there. You knew names of the towns where they kept their mothers in Florida. You asked about the absent colleague/husband/wife. You knew the players on the Yankees and Mets, you knew the weather, more about predicting the weather than any meteorologist. You were a compendium of disposable information that people burned up while they drank and escaped their lives. And the most peculiar part was how none of it mattered to them. 
One push through the kitchen doors and they were back to food, sex, drinking, drugs, what bar had opened, what band was playing where, and who had been drunkest the night before. Once I saw someone throw a rag in Scott’s face over a spaghetti carbonara dispute, but I don’t know if anyone held a political belief. They were so well versed in that upper-middle-class culture - no, in the <em>tastes</em> of upper-middle-class culture - they could all pass.</p><p>Even most of the cooks had gotten an Ivy League education at Cornell before they spent a second fortune at CIA. They were fluent in rich people. <em>That</em> was the fifty-one percent of it.</p><ul><li>SCOTT AND HIS COOKS sat on a lowboy postshift, drinking beer. Scott was bitching about Chef: how threatened Chef was by his food, how out of touch Chef was with what was happening in Spain, how Chef had dried up a decade ago. Chef called Scott’s food “subversive” and it was clear that Scott wanted us to see that as a compliment. Jeff and Jared nodded, worshipping. As I eavesdropped I felt an unexpected swing of loyalty toward Chef, toward his food and the restaurant he’d built, even if it was “hopelessly out of date.” The back of house had separate kitchen beer, which sat all night in an iced-down bus tub. One of the interns drained and refilled the ice during service - that task was actually in his job description, I asked him. The beer was genius. The boys could be cut, burned, or crying, but within their line of vision was a bucket of beer that was just theirs. “New girl, come here, Santos likes you.” They had the newest prep guy that I hadn’t met yet. His skin was stretched and skinny, like a child in a growth spurt’s. He didn’t look much past fifteen. “Be nice, guys,” I said. I jumped up on the lowboy. Jared put his arm around Santos and said, “I love Santos. He’s our new friend. Show the new girl that dance we taught you. The dance like a pollo.” Santos smiled but looked at the floor and didn’t move. 
“Ah he’s being shy now. Want a beer?” Santos took one and they gave one to me as well. I swung my heels against the door. I saw Santos slipping under a fence at the border. Making himself as thin as a coin and rolling through a crack in the wall. They had told me it was so expensive they could only pick one to go. And that once that one landed, it was too dangerous to ever go back. “Cuántos años tiene?” I asked. “Dieciocho,” he said defensively. “No es verdad? Eres un niño. De dónde eres?” “Mexico,” said Scott. He finished his beer in three gulps and opened another. “You know I’m not hiring any more filthy Dominicans. Right, Papi?” Papi was the troll-like man who had spit at me the first day. He nodded with hooded eyes and a vacant smile. Santos said timidly, “Hablas español?” “Sólo un poco. Puedo entender mejor que hablar. Hablas inglés?” He looked at the kitchen boys to see their reaction. “Not impressive,” said Scott. “Everyone speaks Spanish here. Bueno, yes?” They opened new beers and Jared said, “Papi, do the pollo dance.” Papi knocked out his elbows and flapped them like a chicken and yodeled. He spun in a circle and the boys clapped. “One more time, Papi, show Santos how the pros do it.” Scott saw that I wasn’t laughing and seemed embarrassed. His eyes said, These are the rules here. “He’s wasted. They steal bottles of whiskey and hide them in the dry goods.” “Oh,” I said. We drank our beers. Until that moment I’d been the girl they tricked into dancing like a pollo. Santos looked at me with grasping, runny eyes, the kind of eyes that take in everything and have no defenses. I knew how badly he needed a friend. I shook my head and asked for another beer. I looked at Santos appraisingly and said to the boys, “He’s brand-new, isn’t he?”</li></ul><h2 id="Autumn"><a href="#Autumn" class="headerlink" title="Autumn"></a>Autumn</h2>]]></content>
</entry>
<entry>
<title></title>
<link href="/2023/12/11/2023/rfc8799/"/>
<url>/2023/12/11/2023/rfc8799/</url>
<content type="html"><![CDATA[<p>Stream: Independent Submission<br>RFC: 8799<br>Category: Informational<br>Published: July 2020<br>ISSN: 2070-1721<br>Authors:</p><p>B. Carpenter, Univ. of Auckland<br>B. Liu, Huawei Technologies</p><h2 id="Rfc-8799-Limited-Domains-And-Internet-Protocols-Abstract"><a href="#Rfc-8799-Limited-Domains-And-Internet-Protocols-Abstract" class="headerlink" title="Rfc 8799 Limited Domains And Internet Protocols Abstract"></a>RFC 8799: Limited Domains and Internet Protocols (Abstract)</h2><p>There is a noticeable trend towards network behaviors and semantics that are specific to a particular set of requirements applied within a limited region of the Internet. Policies, default parameters, the options supported, the style of network management, and security requirements may vary between such limited regions. This document reviews examples of such limited domains (also known as controlled environments), notes emerging solutions, and includes a related taxonomy. It then briefly discusses the standardization of protocols for limited domains. Finally, it shows the need for a precise definition of “limited domain membership” and for mechanisms to allow nodes to join a domain securely and to find other members, including boundary nodes. This document is the product of the research of the authors. It has been produced through discussions and consultation within the IETF but is not the product of IETF consensus.</p><h2 id="Status-Of-This-Memo"><a href="#Status-Of-This-Memo" class="headerlink" title="Status Of This Memo"></a>Status Of This Memo</h2><p>This document is not an Internet Standards Track specification; it is published for informational purposes. This is a contribution to the RFC Series, independently of any other RFC stream. The RFC Editor has chosen to publish this document at its discretion and makes no statement about its value for implementation or deployment. 
Documents approved for publication by the RFC Editor are not candidates for any level of Internet Standard; see Section 2 of RFC 7841. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at <a href="https://www.rfc-editor.org/info/rfc8799">https://www.rfc-editor.org/info/rfc8799</a>.</p><h2 id="Copyright-Notice"><a href="#Copyright-Notice" class="headerlink" title="Copyright Notice"></a>Copyright Notice</h2><p>Copyright (c) 2020 IETF Trust and the persons identified as the document authors. All rights reserved.</p><p>This document is subject to BCP 78 and the IETF Trust’s Legal Provisions Relating to IETF Documents (<a href="https://trustee.ietf.org/license-info">https://trustee.ietf.org/license-info</a>) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document.</p><h2 id="Table-Of-Contents"><a href="#Table-Of-Contents" class="headerlink" title="Table Of Contents"></a>Table Of Contents</h2><ol><li>Introduction</li><li>Failure Modes in Today’s Internet</li><li>Examples of Limited Domain Requirements</li><li>Examples of Limited Domain Solutions</li><li>The Scope of Protocols in Limited Domains</li><li>Functional Requirements of Limited Domains</li><li>Security Considerations</li><li>IANA Considerations</li><li>Informative References</li></ol><h2 id="Appendix-A-Taxonomy-Of-Limited-Domains"><a href="#Appendix-A-Taxonomy-Of-Limited-Domains" class="headerlink" title="Appendix A. Taxonomy Of Limited Domains"></a>Appendix A. Taxonomy Of Limited Domains</h2><p>A.1. Domain as a Whole<br>A.2. Individual Nodes<br>A.3. Domain Boundary<br>A.4. Topology<br>A.5. Technology<br>A.6. Connection to the Internet<br>A.7. Security, Trust, and Privacy Model<br>A.8. Operations<br>A.9. Making Use of This Taxonomy<br>Acknowledgements<br>Contributors<br>Authors’ Addresses</p><h2 id="1-Introduction"><a href="#1-Introduction" class="headerlink" title="1. 
Introduction"></a>1. Introduction</h2><p>As the Internet continues to grow and diversify, with a realistic prospect of tens of billions of nodes being connected directly and indirectly, there is a noticeable trend towards network-specific and local requirements, behaviors, and semantics. The word “local” should be understood in a special sense, however. In some cases, it may refer to geographical and physical locality – all the nodes in a single building, on a single campus, or in a given vehicle. In other cases, it may refer to a defined set of users or nodes distributed over a much wider area, but drawn together by a single virtual network over the Internet, or a single physical network running in parallel with the Internet. We expand on these possibilities below. To capture the topic, this document refers to such networks as “limited domains”. Of course, a similar situation may arise for a network that is completely disconnected from the Internet, but that is not our direct concern here. However, it should not be forgotten that interoperability is needed even within a disconnected network.</p><p>Some people have concerns about splintering of the Internet along political or linguistic boundaries by mechanisms that block the free flow of information. That is not the topic of this document, which does not discuss filtering mechanisms (see [RFC7754]) and does not apply to protocols that are designed for use across the whole Internet. It is only concerned with domains that have specific technical requirements. The word “domain” in this document does not refer to naming domains in the DNS, although in some cases, a limited domain might incidentally be congruent with a DNS domain. In particular, with a “split horizon” DNS configuration [RFC6950], the split might be at the edge of a limited domain. 
A recent proposal for defining definite perimeters within the DNS namespace [DNS-PERIMETER] might also be considered to be a limited domain mechanism.</p><p>Another term that has been used in some contexts is “controlled environment”. For example, [RFC8085] uses this to delimit the operational scope within which a particular tunnel encapsulation might be used. A specific example is GRE-in-UDP encapsulation [RFC8086], which explicitly states that “The controlled environment has less restrictive requirements than the general Internet.” For example, non-congestion-controlled traffic might be acceptable within the controlled environment. The same phrase has been used to delimit the useful scope of quality-of-service protocols [RFC6398]. It is not necessarily the case that protocols will fail to operate outside the controlled environment, but rather that they might not operate optimally. In this document, we assume that “limited domain” and “controlled environment” mean the same thing in practice. The term “managed network” has been used in a similar way, e.g., [RFC6947]. In the context of secure multicast, a “group domain of interpretation” is defined by [RFC6407].</p><p>Yet more definitions of types of domains are to be found in the routing area, such as [RFC4397], [RFC4427], and [RFC4655]. We conclude that the notion of a limited domain is very widespread in many aspects of Internet technology. The requirements of limited domains will depend on the deployment scenario. Policies, default parameters, and the options supported may vary. Also, the style of network management may vary between a completely unmanaged network, one with fully autonomic management, one with traditional central management, and mixtures of the above. 
Finally, the requirements and solutions for security and privacy may vary.</p><p>This document analyzes and discusses some of the consequences of this trend and how it may impact the idea of universal interoperability in the Internet. First, we list examples of limited domain scenarios and of technical solutions for limited domains, with the main focus being the Internet layer of the protocol stack. An appendix provides a taxonomy of the features to be found in limited domains. With this background, we discuss the resulting challenge to the idea that all Internet standards must be universal in scope and applicability. To the contrary, we assert that some protocols, although needing to be standardized and interoperable, also need to be specifically limited in their applicability. This implies that the concepts of a limited domain, and of its membership, need to be formalized and supported by secure mechanisms. While this document does not propose a design for such mechanisms, it does outline some functional requirements. This document is the product of the research of the authors. It has been produced through discussions and consultation within the IETF but is not the product of IETF consensus.</p><h2 id="2-Failure-Modes-In-Today’S-Internet"><a href="#2-Failure-Modes-In-Today’S-Internet" class="headerlink" title="2. Failure Modes In Today’S Internet"></a>2. Failure Modes in Today’s Internet</h2><p>Today, the Internet does not have a well-defined concept of limited domains. One result of this is that certain protocols and features fail on certain paths. Earlier analyses of this topic have focused either on the loss of transparency of the Internet [RFC2775] [RFC4924] or on the middleboxes responsible for that loss [RFC3234] [RFC7663] [RFC8517]. Unfortunately, the problems persist both in application protocols and even in very fundamental mechanisms. 
For example, the Internet is not transparent to IPv6 extension headers [RFC7872], and Path MTU Discovery has been unreliable for many years [RFC2923] [RFC4821]. IP fragmentation is also unreliable [FRAG-FRAGILE], and problems in TCP MSS negotiation have been reported [IPV6-USE-MINMTU].</p><p>On the security side, the widespread insertion of firewalls at domain boundaries that are perceived by humans but unknown to protocols results in arbitrary failure modes as far as the application layer is concerned. There are operational recommendations and practices that effectively guarantee arbitrary failures in realistic scenarios [IPV6-EXT-HEADERS].</p><p>Domain boundaries that are defined administratively (e.g., by address filtering rules in routers) are prone to leakage caused by human error, especially if the limited domain traffic appears otherwise normal to the boundary routers. In this case, the network operator needs to take active steps to protect the boundary. This form of leakage is much less likely if nodes must be explicitly configured to handle a given limited-domain protocol, for example, by installing a specific protocol handler.</p><p>Investigations of the unreliability of IP fragmentation [FRAG-FRAGILE] and the filtering of IPv6 extension headers [RFC7872] strongly suggest that at least for some protocol elements, transparency is a lost cause and middleboxes are here to stay. In the following two sections, we show that some application environments require protocol features that cannot, or should not, cross the whole Internet.</p><h2 id="3-Examples-Of-Limited-Domain-Requirements"><a href="#3-Examples-Of-Limited-Domain-Requirements" class="headerlink" title="3. Examples Of Limited Domain Requirements"></a>3. 
Examples of Limited Domain Requirements</h2><p>This section describes various examples where limited domain requirements can easily be identified, either based on an application scenario or on a technical imperative. It is, of course, not a complete list, and it is presented in an arbitrary order, loosely from smaller to bigger.</p><ol><li><p>A home network. It will be mainly unmanaged, constructed by a non-specialist. It must work with devices “out of the box” as shipped by their manufacturers and must create adequate security by default. Remote access may be required. The requirements and applicable principles are summarized in [RFC7368].</p></li><li><p>A small office network. This is sometimes very similar to a home network, if whoever is in charge has little or no specialist knowledge, but may have differing security and privacy requirements. In other cases, it may be professionally constructed using recommended products and configurations but operate unmanaged. Remote access may be required. </p></li><li><p>A vehicle network. This will be designed by the vehicle manufacturer but may include devices added by the vehicle’s owner or operator. Parts of the network will have demanding performance and reliability requirements with implications for human safety. Remote access may be required to certain functions but absolutely forbidden for others. Communication with other vehicles, roadside infrastructure, and external data sources will be required. See [IPWAVE-NETWORKING] for a survey of use cases.</p></li><li><p>Supervisory Control And Data Acquisition (SCADA) networks and other hard real-time networks. These will exhibit specific technical requirements, including tough real-time performance targets. See, for example, [RFC8578] for numerous use cases. An example is a building services network. This will be designed specifically for a particular building but using standard components. Additional devices may need to be added at any time. 
Parts of the network may have demanding reliability requirements with implications for human safety. Remote access may be required to certain functions but absolutely forbidden for others. An extreme example is a network used for virtual reality or augmented reality applications where the latency requirements are very stringent. </p></li><li><p>Sensor networks. The two preceding cases will all include sensors, but some networks may be specifically limited to sensors and the collection and processing of sensor data. They may be in remote or technically challenging locations and installed by non-specialists. </p></li><li><p>Internet-of-Things (IoT) networks. While this term is very flexible and covers many innovative types of networks, including ad hoc networks that are formed spontaneously and some applications of 5G technology, it seems reasonable to expect that IoT edge networks will have special requirements and protocols that are useful only within a specific domain, and that these protocols cannot, and for security reasons should not, run over the Internet as a whole. </p></li><li><p>Constrained Networks. An important subclass of IoT networks consists of constrained networks [RFC7228] in which the nodes are limited in power consumption and communications bandwidth and are therefore limited to using very frugal protocols. </p></li><li><p>Delay-tolerant networks. These may consist of domains that are relatively isolated and constrained in power (e.g., deep space networks) and are connected only intermittently to the outside, with a very long latency on such connections [RFC4838]. Clearly, the protocol requirements and possibilities are very specialized in such networks. </p></li><li><p>“Traditional” enterprise and campus networks, which may be spread over many kilometers and over multiple separate sites, with multiple connections to the Internet. 
Interestingly, the IETF appears never to have analyzed this long-established class of networks in a general way, except in connection with IPv6 deployment (e.g., [RFC7381]).</p></li><li><p>Unsuitable standards. A situation that can arise in an enterprise network is that the Internet-wide solution for a particular requirement may either fail locally or be much more complicated than is necessary. An example is that the complexity induced by a mechanism such as Interactive Connectivity Establishment (ICE) [RFC8445] is not justified within such a network. Furthermore, ICE cannot be used in some cases because candidate addresses are not known before a call is established, so a different local solution is essential [RFC6947].</p></li><li><p>Managed wide-area networks run by service providers for enterprise services such as Layer 2 (Ethernet, etc.) point-to-point pseudowires, multipoint Layer 2 Ethernet VPNs using Virtual Private LAN Service (VPLS) or Ethernet VPN (EVPN), and Layer 3 IP VPNs. These are generally characterized by service-level agreements for availability, packet loss, and possibly multicast service. These are different from the previous case in that they mostly run over MPLS infrastructures, and the requirements for these services are well defined by the IETF. </p></li><li><p>Data centers and hosting centers, or distributed services acting as such centers. These will have high performance, security, and privacy requirements and will typically include large numbers of independent “tenant” networks overlaid on shared infrastructure. </p></li><li><p>Content Delivery Networks (CDNs), comprising distributed data centers and the paths between them, spanning thousands of kilometers, with numerous connections to the Internet. </p></li><li><p>Massive Web Service Provider Networks. This is a small class of networks with well-known trademarked names, combining aspects of distributed enterprise networks, data centers, and CDNs. 
They have their own international networks bypassing the generic carriers. Like CDNs, they have numerous connections to the Internet, typically offering a tailored service in each economy.</p></li></ol><p>Three other aspects, while not tied to specific network types, also strongly depend on the concept of limited domains:</p><ol><li><p>Many of the above types of networks may be extended throughout the Internet by a variety of virtual private network (VPN) techniques. Therefore, we argue that limited domains may overlap each other in an arbitrary fashion by use of virtualization techniques. As noted above in the discussion of controlled environments, specific tunneling and encapsulation techniques may be tailored for use within a given domain. </p></li><li><p>Intent-Based Networking. In this concept, a network domain is configured and managed in accordance with an abstract policy known as “Intent” to ensure that the network performs as required [IBN-CONCEPTS]. Whatever technologies are used to support this will be applied within the domain boundary, even if the services supported in the domain are globally accessible. </p></li><li><p>Network Slicing. A network slice is a form of virtual network that consists of a managed set of resources carved off from a larger network [ENHANCED-VPN]. This is expected to be significant in 5G deployments [USER-PLANE-PROTOCOL]. Whatever technologies are used to support slicing will require a clear definition of the boundary of a given slice within a larger domain.<br>While it is clearly desirable to use common solutions, and therefore common standards, wherever possible, it is increasingly difficult to do so while satisfying the widely varying requirements outlined above. However, there is a tendency when new protocols and protocol extensions are proposed to always ask the question “How will this work across the open Internet?” This document suggests that this is not always the best question. 
There are protocols and extensions that are not intended to work across the open Internet. On the contrary, their requirements and semantics are specifically limited (in the sense defined above). A common argument is that if a protocol is intended for limited use, the chances are very high that it will in fact be used (or misused) in other scenarios including the so-called open Internet. This is undoubtedly true and means that limited use is not an excuse for bad design or poor security. In fact, a limited use requirement potentially adds complexity to both the protocol and its security design, as discussed later.</p></li></ol><p>Nevertheless, because of the diversity of limited domains with specific requirements that is now emerging, specific standards (and ad hoc standards) will probably emerge for different types of domains. There will be attempts to capture each market sector, but the market will demand standardized solutions within each sector. In addition, operational choices will be made that can in fact only work within a limited domain. The history of RSVP [RFC2205] illustrates that a standard defined as if it could work over the open Internet might not in fact do so. In general, we can no longer assume that a protocol designed according to classical Internet guidelines will in fact work reliably across the network as a whole. However, the “open Internet” must remain as the universal method of interconnection. Reconciling these two aspects is a major challenge.</p><h2 id="4-Examples-Of-Limited-Domain-Solutions"><a href="#4-Examples-Of-Limited-Domain-Solutions" class="headerlink" title="4. Examples Of Limited Domain Solutions"></a>4. Examples of Limited Domain Solutions</h2><p>This section lists various examples of specific limited domain solutions that have been proposed or defined. It intentionally does not include Layer 2 technology solutions, which by definition apply to limited domains. 
It is worth noting, however, that with recent developments such as Transparent Interconnection of Lots of Links (TRILL) [RFC6325] or Shortest Path Bridging [SPB], Layer 2 domains may become very large.</p><ol><li><p>Differentiated Services. This mechanism [RFC2474] allows a network to assign locally significant values to the 6-bit Differentiated Services Code Point field in any IP packet. Although there are some recommended code point values for specific per-hop queue management behaviors, these are specifically intended to be domain-specific code points with traffic being classified, conditioned, and mapped or re-marked at domain boundaries (unless there is an inter-domain agreement that makes mapping or re-marking unnecessary). </p></li><li><p>Integrated Services. Although it is not intrinsic in the design of RSVP [RFC2205], it is clear from many years’ experience that Integrated Services can only be deployed successfully within a limited domain that is configured with adequate equipment and resources. </p></li><li><p>Network function virtualization. As described in [RFC8568], this general concept is an open research topic in which virtual network functions are orchestrated as part of a distributed system. Inevitably, such orchestration applies to an administrative domain of some kind, even though cross-domain orchestration is also a research area. </p></li><li><p>Service Function Chaining (SFC). This technique [RFC7665] assumes that services within a network are constructed as sequences of individual service functions within a specific SFC-enabled domain such as a 5G domain. As that RFC states: “Specific features may need to be enforced at the boundaries of an SFC-enabled domain, for example to avoid leaking SFC information”. 
A Network Service Header (NSH) [RFC8300] is used to encapsulate packets flowing through the service function chain: “The intended scope of the NSH is for use within a single provider’s operational domain.” </p></li><li><p>Firewall and Service Tickets (FAST). Such tickets would accompany a packet to claim the right to traverse a network or request a specific network service [FAST]. They would only be meaningful within a particular domain.</p></li><li><p>Data Center Network Virtualization Overlays. A common requirement in data centers that host many tenants (clients) is to provide each one with a secure private network, all running over the same physical infrastructure. [RFC8151] describes various use cases for this, and specifications are under development. These include use cases in which the tenant network is physically split over several data centers, but which must appear to the user as a single secure domain. </p></li><li><p>Segment Routing. This is a technique that “steers a packet through an ordered list of instructions, called segments” [RFC8402]. The semantics of these instructions are explicitly local to a segment routing domain or even to a single node. Technically, these segments or instructions are represented as an MPLS label or an IPv6 address, which clearly adds a semantic interpretation to them within the domain. </p></li><li><p>Autonomic Networking. As explained in [REF-MODEL], an autonomic network is also a security domain within which an autonomic control plane [ACP] is used by autonomic service agents. These agents manage technical objectives, which may be locally defined, subject to domain-wide policy. Thus, the domain boundary is important for both security and protocol purposes. </p></li><li><p>Homenet. As shown in [RFC7368], a home networking domain has specific protocol needs that differ from those in an enterprise network or the Internet as a whole. 
These include the Home Network Control Protocol (HNCP) [RFC7788] and a naming and discovery solution [HOMENET-NAMING].</p></li><li><p>Creative uses of IPv6 features. As IPv6 enters more general use, engineers notice that it has much more flexibility than IPv4. Innovative suggestions have been made for:<br>◦ The flow label, e.g., [RFC6294].<br>◦ Extension headers, e.g., for segment routing [RFC8754] or Operations, Administration, and Maintenance (OAM) marking [IPV6-ALT-MARK].<br>◦ Meaningful address bits, e.g., [EMBEDDED-SEMANTICS]. Also, segment routing uses IPv6 addresses as segment identifiers with specific local meanings [RFC8402].<br>◦ If segment routing is used for network programming [SRV6-NETWORK], IPv6 extension headers can support rather complex local functionality.<br>The case of the extension header is particularly interesting, since its existence has been a major “selling point” for IPv6, but new extension headers are notorious for being virtually impossible to deploy across the whole Internet [RFC7045] [RFC7872].</p></li></ol><p>It is worth noting that extension header filtering is considered an important security issue [IPV6-EXT-HEADERS].</p><p>There is considerable appetite among vendors or operators to have flexibility in defining extension headers for use in limited or specialized domains, e.g., [IPV6-SRH], [BIGIP], and [APP-AWARE]. Locally significant hop-by-hop options are also envisaged, that would be understood by routers inside a domain but not elsewhere, e.g., [IN-SITU-OAM].</p><ol start="11"><li>Deterministic Networking (DetNet). The Deterministic Networking Architecture [RFC8655] and encapsulation [DETNET-DATA-PLANE] aim to support flows with extremely low data loss rates and bounded latency but only within a part of the network that is “DetNet aware”. 
Thus, as for Differentiated Services above, the concept of a domain is fundamental. </li><li>Provisioning Domains (PvDs). An architecture for Multiple Provisioning Domains has been defined [RFC7556] to allow hosts attached to multiple networks to learn explicit details about the services provided by each of those networks. </li><li>Address Scopes. For completeness, we mention that, particularly in IPv6, some addresses have explicitly limited scope. In particular, link-local addresses are limited to a single physical link [RFC4291], and Unique Local Addresses [RFC4193] are limited to a somewhat loosely defined local site scope. Previously, site-local addresses were defined, but they were obsoleted precisely because of “the fuzzy nature of the site concept” [RFC3879]. Multicast addresses also have explicit scoping [RFC4291]. </li><li>As an application-layer example, consider streaming services such as IPTV infrastructures that rely on standard protocols, but for which access is not globally available.</li></ol><p>All of these suggestions are only viable within a specified domain. Nevertheless, all of them are clearly intended for multivendor implementation on thousands or millions of network domains, so interoperable standardization would be beneficial. This argument might seem irrelevant to private or proprietary implementations, but these have a strong tendency to become de facto standards if they succeed, so the arguments of this document still apply.</p><h2 id="5-The-Scope-Of-Protocols-In-Limited-Domains"><a href="#5-The-Scope-Of-Protocols-In-Limited-Domains" class="headerlink" title="5. The Scope Of Protocols In Limited Domains"></a>5. The Scope Of Protocols In Limited Domains</h2><p>One consequence of the deployment of limited domains in the Internet is that some protocols will be designed, extended, or configured so that they only work correctly between end systems in such domains. 
This is to some extent encouraged by some existing standards and by the assignment of code points for local or experimental use. In any case, it cannot be prevented. Also, by endorsing efforts such as Service Function Chaining, Segment Routing, and Deterministic Networking, the IETF is in effect encouraging such deployments. Furthermore, it seems inevitable, if the Internet of Things becomes reality, that millions of edge networks containing completely novel types of nodes will be connected to the Internet; each one of these edge networks will be a limited domain.</p><p>It is therefore appropriate to discuss whether protocols or protocol extensions should sometimes be standardized to interoperate only within a limited-domain boundary. Such protocols would not be required to interoperate across the Internet as a whole. Various scenarios could then arise if there are multiple domains using the limited-domain protocol in question:</p><p>A.<br>If a domain is split into two parts connected over the Internet directly at the IP layer (i.e., with no tunnel encapsulating the packets), a limited-domain protocol could be operated between those two parts regardless of its special nature, as long as it respects standard IP formats and is not arbitrarily blocked by firewalls. A simple example is any protocol using a port number assigned to a specific non-IETF protocol.<br>Such a protocol could reasonably be described as an “inter-domain” protocol because the Internet is transparent to it, even if it is meaningless except in the two limited domains. 
This is, of course, nothing new in the Internet architecture.</p><p>B.<br>If a limited-domain protocol does not respect standard IP formats (for example, if it includes a non-standard IPv6 extension header), it could not be operated between two domains connected over the Internet directly at the IP layer.<br>Such a protocol could reasonably be described as an “intra-domain” protocol, and the Internet is opaque to it.</p><p>C.<br>If a limited-domain protocol is clearly specified to be invalid outside its domain of origin, neither scenario A nor B applies. The only solution would be a single virtual domain. For example, an encapsulating tunnel between two domains could be used to create the virtual domain. Also, nodes at the domain boundary must drop all packets using the limited-domain protocol.</p><p>D.<br>If a limited-domain protocol has domain-specific variants, such that implementations in different domains could not interoperate if those domains were unified by some mechanism as in scenario C, the protocol is not interoperable in the normal sense. If two domains using it were merged, the protocol might fail unpredictably. A simple example is any protocol using a port number assigned for experimental use. Related issues are discussed in [RFC5704], including the complex example of Transport MPLS.</p><p>To provide a widespread example, consider Differentiated Services [RFC2474]. A packet containing any value whatsoever in the 6 bits of the Differentiated Services Code Point (DSCP) is well formed and falls into scenario A. However, because the semantics of DSCP values are locally significant, the packet also falls into scenario D. In fact, Differentiated Services are only interoperable across domain boundaries if there is a corresponding agreement between the operators; otherwise, a specific gateway function is required for meaningful interoperability. 
Much more detailed discussion is found in [RFC2474] and [RFC8100].</p><p>To provide a provocative example, consider the proposal in [IPV6-SRH] that the restrictions in [RFC8200] should be relaxed to allow IPv6 extension headers to be inserted on the fly in IPv6 packets. If this is done in such a way that the affected packets can never leave the specific limited domain in which they were modified, scenario C applies. If the semantic content of the inserted headers is locally defined, scenario D also applies. In neither case is the Internet outside the limited domain disturbed. However, inside the domain, nodes must understand the variant protocol. Unless it is standardized as a formal version, with all the complexity that implies [RFC6709], the nodes must all be non-standard to the extent of understanding the variant protocol. For the example of IPv6 header insertion, that means non-compliance with [RFC8200] within the domain, even if the inserted headers are themselves fully compliant. Apart from the issue of formal compliance, such deviations from documented standard behavior might lead to significant debugging issues. The possible practical impact of the header insertion example is explored in [IN-FLIGHT-IPV6].</p><p>The FAST proposal mentioned in Section 4, Paragraph 2, Item 5 is also an interesting case study.</p><p>The semantics of FAST tickets [FAST] have limited scope. However, they are designed in a way that, in principle, allows them to traverse the open Internet, as standardized IPv6 hop-by-hop options or even as a proposed form of IPv4 extension header [IPV4-EXT-HEADERS]. 
Whether such options can be used reliably across the open Internet remains unclear [IPV6-EXT-HEADERS].</p><p>We conclude that it is reasonable to explicitly define limited-domain protocols, either as standards or as proprietary mechanisms, as long as they describe which of the above scenarios apply and they clarify how the domain is defined. As long as all relevant standards are respected outside the domain boundary, a well-specified limited-domain protocol need not damage the rest of the Internet. However, as described in the next section, mechanisms are needed to support domain membership operations. Note that this conclusion is not a recommendation to abandon the normal goal that a standardized protocol should be global in scope and able to interoperate across the open Internet. It is simply a recognition that this will not always be the case.</p><h2 id="6-Functional-Requirements-Of-Limited-Domains"><a href="#6-Functional-Requirements-Of-Limited-Domains" class="headerlink" title="6. Functional Requirements Of Limited Domains"></a>6. Functional Requirements Of Limited Domains</h2><p>Noting that limited-domain protocols have been defined in the past, and that others will undoubtedly be defined in the future, it is useful to consider how a protocol can be made aware of the domain within which it operates and how the domain boundary nodes can be identified. As the taxonomy in Appendix A shows, there are numerous aspects to a domain. However, we can identify some generally required features and functions that would apply partially or completely to many cases. Today, where limited domains exist, they are essentially created by careful configuration of boundary routers and firewalls. If a domain is characterized by one or more address prefixes, address assignment to hosts must also be carefully managed. 
This is an error-prone method, and a combination of configuration errors and default routing can lead to unwanted traffic escaping the domain. Our basic assumption is therefore that it should be possible for domains to be created and managed automatically, with minimal human configuration. We now discuss requirements for automating domain creation and management.</p><p>First, if we drew a topology map, any given domain – virtual or physical – will have a well-defined boundary between “inside” and “outside”. However, that boundary in itself has no technical meaning. What matters in reality is whether a node is a member of the domain and whether it is at the boundary between the domain and the rest of the Internet. Thus, the boundary in itself does not need to be identified, but boundary nodes face both inwards and outwards. Inside the domain, a sending node needs to know whether it is sending to an inside or outside destination, and a receiving node needs to know whether a packet originated inside or outside. Also, a boundary node needs to know which of its interfaces are inward facing or outward facing. It is irrelevant whether the interfaces involved are physical or virtual.</p><p>To underline that domain boundaries need to be identifiable, consider the statement from the Deterministic Networking Problem Statement [RFC8557] that “there is still a lack of clarity regarding the limits of a domain where a deterministic path can be set up”. This remark can certainly be generalized. With this perspective, we can list some general functional requirements. An underlying assumption here is that domain membership operations should be cryptographically secured; a domain without such security cannot be reliably protected from attack.</p><ol><li>Domain Identity. A domain must have a unique and verifiable identifier; effectively, this should be a public key for the domain. Without this, there is no way to secure domain operations and domain membership. 
The holder of the corresponding private key becomes the trust anchor for the domain. </li><li>Nesting. It must be possible for domains to be nested (see, for example, the network-slicing example mentioned above). </li><li>Overlapping. It must be possible for nodes and links to be in more than one domain (see, for example, the case of PvDs mentioned above). </li><li>Node Eligibility. It must be possible for a node to determine which domain(s) it can potentially join and on which interface(s). </li><li>Secure Enrollment. A node must be able to enroll in a given domain via secure node identification and to acquire relevant security credentials (authorization) for operations within the domain. If a node has multiple physical or virtual interfaces, individual enrollment for each interface may be required. </li><li>Withdrawal. A node must be able to cancel enrollment in a given domain. </li><li>Dynamic Membership. Optionally, a node should be able to temporarily leave or rejoin a domain (i.e., enrollment is persistent but membership is intermittent). </li><li>Role, implying authorization to perform a certain set of actions. A node must have a verifiable role. In the simplest case, the role choices are “interior node” and “boundary node”. In a boundary node, individual interfaces may have different roles, e.g., “inward facing” and “outward facing”. </li><li>Peer Verification. A node must be able to verify whether another node is a member of the domain. </li><li>Role Verification. A node should be able to learn the verified role of another node. In particular, it should be possible for a node to find boundary nodes (interfacing to the Internet). </li><li>Domain Data. In a domain with management requirements, it must be possible for a node to acquire domain policy and/or domain configuration data. 
This would include, for example, filtering policy to ensure that inappropriate packets do not leave the domain.</li></ol><p>These requirements could form the basis for further analysis and solution design. Another aspect is whether individual packets within a limited domain need to carry any sort of indicator that they belong to that domain or whether this information will be implicit in the IP addresses of the packet. A related question is whether individual packets need cryptographic authentication. This topic is for further study.</p><h2 id="7-Security-Considerations"><a href="#7-Security-Considerations" class="headerlink" title="7. Security Considerations"></a>7. Security Considerations</h2><p>As noted above, a protocol intended for limited use may well be inadvertently used on the open Internet, so limited use is not an excuse for poor security. In fact, a limited use requirement potentially adds complexity to the security design.</p><p>Often, the boundary of a limited domain will also act as a security boundary. In particular, it will serve as a trust boundary and as a boundary of authority for defining capabilities. For example, segment routing [RFC8402] explicitly uses the concept of a “trusted domain” in this way. Within the boundary, limited-domain protocols or protocol features will be useful, but they will in many cases be meaningless or harmful if they enter or leave the domain. The boundary also serves to provide confidentiality and privacy for operational parameters that the operator does not wish to reveal. Note that this is distinct from privacy protection for individual users within the domain. The security model for a limited-scope protocol must allow for the boundary and in particular for a trust model that changes at the boundary. Typically, credentials will need to be signed by a domain-specific authority.</p><h2 id="8-Iana-Considerations"><a href="#8-Iana-Considerations" class="headerlink" title="8. Iana Considerations"></a>8. 
IANA Considerations</h2><p>This document has no IANA actions.</p><h2 id="9-Informative-References"><a href="#9-Informative-References" class="headerlink" title="9. Informative References"></a>9. Informative References</h2><p>[ACP]<br>Eckert, T., Behringer, M., and S. Bjarnason, “An Autonomic Control Plane (ACP)”, Work in Progress, Internet-Draft, draft-ietf-anima-autonomic-control-plane-27, 2 July 2020, <a href="https://tools.ietf.org/html/draft-ietf-anima-autonomic-control-plane-27">https://tools.ietf.org/html/draft-ietf-anima-autonomic-control-plane-27</a>.</p><p>[APP-AWARE]<br>Li, Z., Peng, S., Li, C., Xie, C., Voyer, D., Li, X., Liu, P., Liu, C., and K. Ebisawa, “Application-aware IPv6 Networking (APN6) Encapsulation”, Work in Progress, Internet-Draft, draft-li-6man-app-aware-ipv6-network-02, 2 July 2020, <a href="https://tools.ietf.org/html/draft-li-6man-app-aware-ipv6-network-02">https://tools.ietf.org/html/draft-li-6man-app-aware-ipv6-network-02</a>.</p><p>[BIGIP]<br>Li, R., “HUAWEI - Big IP Initiative”, 2018, <a href="https://www.iaria.org/announcements/HuaweiBigIP.pdf">https://www.iaria.org/announcements/HuaweiBigIP.pdf</a>.<br>[DETNET-DATA-PLANE]<br>Varga, B., Farkas, J., Berger, L., Malis, A., and S. Bryant, “DetNet Data Plane Framework”, Work in Progress, Internet-Draft, draft-ietf-detnet-data-plane-framework-06, 6 May 2020, <a href="https://tools.ietf.org/html/draft-ietf-detnet-data-plane-framework-06">https://tools.ietf.org/html/draft-ietf-detnet-data-plane-framework-06</a>.<br>[DNS-PERIMETER]<br>Crocker, D. and T. Adams, “DNS Perimeter Overlay”, Work in Progress, Internet-Draft, draft-dcrocker-dns-perimeter-01, 11 June 2019, <a href="https://tools.ietf.org/html/draft-dcrocker-dns-perimeter-01">https://tools.ietf.org/html/draft-dcrocker-dns-perimeter-01</a>.<br>[EMBEDDED-SEMANTICS]<br>Jiang, S., Qiong, Q., Farrer, I., Bo, Y., and T. 
Yang, “Analysis of Semantic Embedded IPv6 Address Schemas”, Work in Progress, Internet-Draft, draft-jiang-semantic-prefix-06, 15 July 2013, <a href="https://tools.ietf.org/html/draft-jiang-semantic-prefix-06">https://tools.ietf.org/html/draft-jiang-semantic-prefix-06</a>.<br>[ENHANCED-VPN]<br>Dong, J., Bryant, S., Li, Z., Miyasaka, T., and Y. Lee, “A Framework for Enhanced Virtual Private Networks (VPN+) Service”, Work in Progress, Internet-Draft, draft-ietf-teas-enhanced-vpn-06, 13 July 2020, <a href="https://tools.ietf.org/html/draft-ietf-teas-enhanced-vpn-06">https://tools.ietf.org/html/draft-ietf-teas-enhanced-vpn-06</a>.<br>[FAST]<br>Herbert, T., “Firewall and Service Tickets”, Work in Progress, Internet-Draft, draft-herbert-fast-04, 10 April 2019, <a href="https://tools.ietf.org/html/draft-herbert-fast-04">https://tools.ietf.org/html/draft-herbert-fast-04</a>.<br>[FRAG-FRAGILE]<br>Bonica, R., Baker, F., Huston, G., Hinden, R., Troan, O., and F. Gont, “IP Fragmentation Considered Fragile”, Work in Progress, Internet-Draft, draft-ietf-intarea-frag-fragile-17, 30 September 2019, <a href="https://tools.ietf.org/html/draft-ietf-intarea-frag-fragile-17">https://tools.ietf.org/html/draft-ietf-intarea-frag-fragile-17</a>.<br>[HOMENET-NAMING]<br>Lemon, T., Migault, D., and S. Cheshire, “Homenet Naming and Service Discovery Architecture”, Work in Progress, Internet-Draft, draft-ietf-homenet-simple-naming-03, 23 October 2018, <a href="https://tools.ietf.org/html/draft-ietf-homenet-simple-naming-03">https://tools.ietf.org/html/draft-ietf-homenet-simple-naming-03</a>.<br>[IBN-CONCEPTS]<br>Clemm, A., Ciavaglia, L., Granville, L., and J. 
Tantsura, “Intent-Based Networking - Concepts and Definitions”, Work in Progress, Internet-Draft, draft-irtf-nmrg-ibn-concepts-definitions-01, 9 March 2020, <a href="https://tools.ietf.org/html/draft-irtf-nmrg-ibn-concepts-definitions-01">https://tools.ietf.org/html/draft-irtf-nmrg-ibn-concepts-definitions-01</a>.<br>[IN-FLIGHT-IPV6]<br>Smith, M., Kottapalli, N., Bonica, R., Gont, F., and T. Herbert, “In-Flight IPv6 Extension Header Insertion Considered Harmful”, Work in Progress, Internet-Draft, draft-smith-6man-in-flight-eh-insertion-harmful-02, 30 May 2020, <a href="https://tools.ietf.org/html/draft-smith-6man-in-flight-eh-insertion-harmful-02">https://tools.ietf.org/html/draft-smith-6man-in-flight-eh-insertion-harmful-02</a>.<br>[IN-SITU-OAM]<br>Bhandari, S., Brockners, F., Pignataro, C., Gredler, H., Leddy, J., Youell, S., Mizrahi, T., Kfir, A., Gafni, B., Lapukhov, P., Spiegel, M., Krishnan, S., and R. Asati, “In-situ OAM IPv6 Options”, Work in Progress, Internet-Draft, draft-ietf-ippm-ioam-ipv6-options-02, 13 July 2020, <a href="https://tools.ietf.org/html/draft-ietf-ippm-ioam-ipv6-options-02">https://tools.ietf.org/html/draft-ietf-ippm-ioam-ipv6-options-02</a>.<br>[IPV4-EXT-HEADERS]<br>Herbert, T., “IPv4 Extension Headers and Flow Label”, Work in Progress, Internet-Draft, draft-herbert-ipv4-eh-01, 2 May 2019, <a href="https://tools.ietf.org/html/draft-herbert-ipv4-eh-01">https://tools.ietf.org/html/draft-herbert-ipv4-eh-01</a>.<br>[IPV6-ALT-MARK]<br>Fioccola, G., Zhou, T., Cociglio, M., Qin, F., and R. Pang, “IPv6 Application of the Alternate Marking Method”, Work in Progress, Internet-Draft, draft-ietf-6man-ipv6-alt-mark-01, 22 June 2020, <a href="https://tools.ietf.org/html/draft-ietf-6man-ipv6-alt-mark-01">https://tools.ietf.org/html/draft-ietf-6man-ipv6-alt-mark-01</a>.<br>[IPV6-EXT-HEADERS]<br>Gont, F. and W. 
LIU, “Recommendations on the Filtering of IPv6 Packets Containing IPv6 Extension Headers”, Work in Progress, Internet-Draft, draft-ietf-opsec-ipv6-eh-filtering-06, 2 July 2018, <a href="https://tools.ietf.org/html/draft-ietf-opsec-ipv6-eh-filtering-06">https://tools.ietf.org/html/draft-ietf-opsec-ipv6-eh-filtering-06</a>.<br>[IPV6-SRH]<br>Voyer, D., Filsfils, C., Dukes, D., Matsushima, S., Leddy, J., Li, Z., and J. Guichard, “Deployments With Insertion of IPv6 Segment Routing Headers”, Work in Progress, Internet-Draft, draft-voyer-6man-extension-header-insertion-09, 19 May 2020, <a href="https://tools.ietf.org/html/draft-voyer-6man-extension-header-insertion-09">https://tools.ietf.org/html/draft-voyer-6man-extension-header-insertion-09</a>.<br>[IPV6-USE-MINMTU]<br>Andrews, M., “TCP Fails To Respect IPV6_USE_MIN_MTU”, Work in Progress, Internet-Draft, draft-andrews-tcp-and-ipv6-use-minmtu-04, 18 October 2015, <a href="https://tools.ietf.org/html/draft-andrews-tcp-and-ipv6-use-minmtu-04">https://tools.ietf.org/html/draft-andrews-tcp-and-ipv6-use-minmtu-04</a>.<br>[IPWAVE-NETWORKING]<br>Jeong, J., “IPv6 Wireless Access in Vehicular Environments (IPWAVE): Problem Statement and Use Cases”, Work in Progress, Internet-Draft, draft-ietf-ipwave-vehicular-networking-16, 7 July 2020, <a href="https://tools.ietf.org/html/draft-ietf-ipwave-vehicular-networking-16">https://tools.ietf.org/html/draft-ietf-ipwave-vehicular-networking-16</a>.<br>[REF-MODEL]<br>Behringer, M., Carpenter, B., Eckert, T., Ciavaglia, L., and J. 
Nobre, “A Reference Model for Autonomic Networking”, Work in Progress, Internet-Draft, draft-ietf-anima-reference-model-10, 22 November 2018, <a href="https://tools.ietf.org/html/draft-ietf-anima-reference-model-10">https://tools.ietf.org/html/draft-ietf-anima-reference-model-10</a>.<br>[RFC2205]<br>Braden, R., Ed., Zhang, L., Berson, S., Herzog, S., and S. Jamin, “Resource ReSerVation Protocol (RSVP) – Version 1 Functional Specification”, RFC 2205, DOI 10.17487/RFC2205, September 1997, <a href="https://www.rfc-editor.org/info/rfc2205">https://www.rfc-editor.org/info/rfc2205</a>.<br>[RFC2474]<br>Nichols, K., Blake, S., Baker, F., and D. Black, “Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers”, RFC 2474, DOI 10.17487/RFC2474, December 1998, <a href="https://www.rfc-editor.org/info/rfc2474">https://www.rfc-editor.org/info/rfc2474</a>.<br>[RFC2775]<br>Carpenter, B., “Internet Transparency”, RFC 2775, DOI 10.17487/RFC2775, February 2000, <a href="https://www.rfc-editor.org/info/rfc2775">https://www.rfc-editor.org/info/rfc2775</a>.<br>[RFC2923]<br>Lahey, K., “TCP Problems with Path MTU Discovery”, RFC 2923, DOI 10.17487/RFC2923, September 2000, <a href="https://www.rfc-editor.org/info/rfc2923">https://www.rfc-editor.org/info/rfc2923</a>.<br>[RFC3234]<br>Carpenter, B. and S. Brim, “Middleboxes: Taxonomy and Issues”, RFC 3234, DOI 10.17487/RFC3234, February 2002, <a href="https://www.rfc-editor.org/info/rfc3234">https://www.rfc-editor.org/info/rfc3234</a>.<br>[RFC3879]<br>Huitema, C. and B. Carpenter, “Deprecating Site Local Addresses”, RFC 3879, DOI 10.17487/RFC3879, September 2004, <a href="https://www.rfc-editor.org/info/rfc3879">https://www.rfc-editor.org/info/rfc3879</a>.<br>[RFC4193]<br>Hinden, R. and B. 
Haberman, “Unique Local IPv6 Unicast Addresses”, RFC 4193, DOI 10.17487/RFC4193, October 2005, <a href="https://www.rfc-editor.org/info/rfc4193">https://www.rfc-editor.org/info/rfc4193</a>.<br>[RFC4291]<br>Hinden, R. and S. Deering, “IP Version 6 Addressing Architecture”, RFC 4291, DOI 10.17487/RFC4291, February 2006, <a href="https://www.rfc-editor.org/info/rfc4291">https://www.rfc-editor.org/info/rfc4291</a>.<br>[RFC4397]<br>Bryskin, I. and A. Farrel, “A Lexicography for the Interpretation of Generalized Multiprotocol Label Switching (GMPLS) Terminology within the Context of the ITU-T’s Automatically Switched Optical Network (ASON) Architecture”, RFC 4397, DOI 10.17487/RFC4397, February 2006, <a href="https://www.rfc-editor.org/info/rfc4397">https://www.rfc-editor.org/info/rfc4397</a>.<br>[RFC4427]<br>Mannie, E., Ed. and D. Papadimitriou, Ed., “Recovery (Protection and Restoration) Terminology for Generalized Multi-Protocol Label Switching (GMPLS)”, RFC 4427, DOI 10.17487/RFC4427, March 2006, <a href="https://www.rfc-editor.org/info/rfc4427">https://www.rfc-editor.org/info/rfc4427</a>.<br>[RFC4655]<br>Farrel, A., Vasseur, J.-P., and J. Ash, “A Path Computation Element (PCE)-Based Architecture”, RFC 4655, DOI 10.17487/RFC4655, August 2006, <a href="https://www.rfc-editor.org/info/rfc4655">https://www.rfc-editor.org/info/rfc4655</a>.<br>[RFC4821]<br>Mathis, M. and J. Heffner, “Packetization Layer Path MTU Discovery”, RFC 4821, DOI 10.17487/RFC4821, March 2007, <a href="https://www.rfc-editor.org/info/rfc4821">https://www.rfc-editor.org/info/rfc4821</a>.<br>[RFC4838]<br>Cerf, V., Burleigh, S., Hooke, A., Torgerson, L., Durst, R., Scott, K., Fall, K., and H. 
Weiss, “Delay-Tolerant Networking Architecture”, RFC 4838, DOI 10.17487/RFC4838, April 2007, <a href="https://www.rfc-editor.org/info/rfc4838">https://www.rfc-editor.org/info/rfc4838</a>.<br>[RFC4924]<br>Aboba, B., Ed. and E. Davies, “Reflections on Internet Transparency”, RFC 4924, DOI 10.17487/RFC4924, July 2007, <a href="https://www.rfc-editor.org/info/rfc4924">https://www.rfc-editor.org/info/rfc4924</a>.<br>[RFC5704]<br>Bryant, S., Ed., Morrow, M., Ed., and IAB, “Uncoordinated Protocol Development Considered Harmful”, RFC 5704, DOI 10.17487/RFC5704, November 2009, <a href="https://www.rfc-editor.org/info/rfc5704">https://www.rfc-editor.org/info/rfc5704</a>.<br>[RFC6294]<br>Hu, Q. and B. Carpenter, “Survey of Proposed Use Cases for the IPv6 Flow Label”, RFC 6294, DOI 10.17487/RFC6294, June 2011, <a href="https://www.rfc-editor.org/info/rfc6294">https://www.rfc-editor.org/info/rfc6294</a>.<br>[RFC6325]<br>Perlman, R., Eastlake 3rd, D., Dutt, D., Gai, S., and A. Ghanwani, “Routing Bridges (RBridges): Base Protocol Specification”, RFC 6325, DOI 10.17487/RFC6325, July 2011, <a href="https://www.rfc-editor.org/info/rfc6325">https://www.rfc-editor.org/info/rfc6325</a>.<br>[RFC6398]<br>Le Faucheur, F., Ed., “IP Router Alert Considerations and Usage”, BCP 168, RFC 6398, DOI 10.17487/RFC6398, October 2011, <a href="https://www.rfc-editor.org/info/rfc6398">https://www.rfc-editor.org/info/rfc6398</a>.<br>[RFC6407]<br>Weis, B., Rowles, S., and T. Hardjono, “The Group Domain of Interpretation”, RFC 6407, DOI 10.17487/RFC6407, October 2011, <a href="https://www.rfc-editor.org/info/rfc6407">https://www.rfc-editor.org/info/rfc6407</a>.<br>[RFC6709]<br>Carpenter, B., Aboba, B., Ed., and S. 
Cheshire, “Design Considerations for Protocol Extensions”, RFC 6709, DOI 10.17487/RFC6709, September 2012, <a href="https://www.rfc-editor.org/info/rfc6709">https://www.rfc-editor.org/info/rfc6709</a>.<br>[RFC6947]<br>Boucadair, M., Kaplan, H., Gilman, R., and S. Veikkolainen, “The Session Description Protocol (SDP) Alternate Connectivity (ALTC) Attribute”, RFC 6947, DOI 10.17487/RFC6947, May 2013, <a href="https://www.rfc-editor.org/info/rfc6947">https://www.rfc-editor.org/info/rfc6947</a>.<br>[RFC6950]<br>Peterson, J., Kolkman, O., Tschofenig, H., and B. Aboba, “Architectural Considerations on Application Features in the DNS”, RFC 6950, DOI 10.17487/RFC6950, October 2013, <a href="https://www.rfc-editor.org/info/rfc6950">https://www.rfc-editor.org/info/rfc6950</a>.<br>[RFC7045]<br>Carpenter, B. and S. Jiang, “Transmission and Processing of IPv6 Extension Headers”, RFC 7045, DOI 10.17487/RFC7045, December 2013, <a href="https://www.rfc-editor.org/info/rfc7045">https://www.rfc-editor.org/info/rfc7045</a>.<br>[RFC7228]<br>Bormann, C., Ersue, M., and A. Keranen, “Terminology for Constrained-Node Networks”, RFC 7228, DOI 10.17487/RFC7228, May 2014, <a href="https://www.rfc-editor.org/info/rfc7228">https://www.rfc-editor.org/info/rfc7228</a>.<br>[RFC7368]<br>Chown, T., Ed., Arkko, J., Brandt, A., Troan, O., and J. Weil, “IPv6 Home Networking Architecture Principles”, RFC 7368, DOI 10.17487/RFC7368, October 2014, <a href="https://www.rfc-editor.org/info/rfc7368">https://www.rfc-editor.org/info/rfc7368</a>.<br>[RFC7381]<br>Chittimaneni, K., Chown, T., Howard, L., Kuarsingh, V., Pouffary, Y., and E. 
Vyncke, “Enterprise IPv6 Deployment Guidelines”, RFC 7381, DOI 10.17487/RFC7381, October 2014, <a href="https://www.rfc-editor.org/info/rfc7381">https://www.rfc-editor.org/info/rfc7381</a>.<br>[RFC7556]<br>Anipko, D., Ed., “Multiple Provisioning Domain Architecture”, RFC 7556, DOI 10.17487/RFC7556, June 2015, <a href="https://www.rfc-editor.org/info/rfc7556">https://www.rfc-editor.org/info/rfc7556</a>.<br>[RFC7663]<br>Trammell, B., Ed. and M. Kuehlewind, Ed., “Report from the IAB Workshop on Stack Evolution in a Middlebox Internet (SEMI)”, RFC 7663, DOI 10.17487/RFC7663, October 2015, <a href="https://www.rfc-editor.org/info/rfc7663">https://www.rfc-editor.org/info/rfc7663</a>.<br>[RFC7665]<br>Halpern, J., Ed. and C. Pignataro, Ed., “Service Function Chaining (SFC) Architecture”, RFC 7665, DOI 10.17487/RFC7665, October 2015, <a href="https://www.rfc-editor.org/info/rfc7665">https://www.rfc-editor.org/info/rfc7665</a>.<br>[RFC7754]<br>Barnes, R., Cooper, A., Kolkman, O., Thaler, D., and E. Nordmark, “Technical Considerations for Internet Service Blocking and Filtering”, RFC 7754, DOI 10.17487/RFC7754, March 2016, <a href="https://www.rfc-editor.org/info/rfc7754">https://www.rfc-editor.org/info/rfc7754</a>.<br>[RFC7788]<br>Stenberg, M., Barth, S., and P. Pfister, “Home Networking Control Protocol”, RFC 7788, DOI 10.17487/RFC7788, April 2016, <a href="https://www.rfc-editor.org/info/rfc7788">https://www.rfc-editor.org/info/rfc7788</a>.<br>[RFC7872]<br>Gont, F., Linkova, J., Chown, T., and W. Liu, “Observations on the Dropping of Packets with IPv6 Extension Headers in the Real World”, RFC 7872, DOI 10.17487/RFC7872, June 2016, <a href="https://www.rfc-editor.org/info/rfc7872">https://www.rfc-editor.org/info/rfc7872</a>.<br>[RFC8085]<br>Eggert, L., Fairhurst, G., and G. 
Shepherd, “UDP Usage Guidelines”, BCP 145, RFC 8085, DOI 10.17487/RFC8085, March 2017, <a href="https://www.rfc-editor.org/info/rfc8085">https://www.rfc-editor.org/info/rfc8085</a>.<br>[RFC8086]<br>Yong, L., Ed., Crabbe, E., Xu, X., and T. Herbert, “GRE-in-UDP Encapsulation”, RFC 8086, DOI 10.17487/RFC8086, March 2017, <a href="https://www.rfc-editor.org/info/rfc8086">https://www.rfc-editor.org/info/rfc8086</a>.<br>[RFC8100]<br>Geib, R., Ed. and D. Black, “Diffserv-Interconnection Classes and Practice”, RFC 8100, DOI 10.17487/RFC8100, March 2017, <a href="https://www.rfc-editor.org/info/rfc8100">https://www.rfc-editor.org/info/rfc8100</a>.<br>[RFC8151]<br>Yong, L., Dunbar, L., Toy, M., Isaac, A., and V. Manral, “Use Cases for Data Center Network Virtualization Overlay Networks”, RFC 8151, DOI 10.17487/RFC8151, May 2017, <a href="https://www.rfc-editor.org/info/rfc8151">https://www.rfc-editor.org/info/rfc8151</a>.<br>[RFC8200]<br>Deering, S. and R. Hinden, “Internet Protocol, Version 6 (IPv6) Specification”, STD 86, RFC 8200, DOI 10.17487/RFC8200, July 2017, <a href="https://www.rfc-editor.org/info/rfc8200">https://www.rfc-editor.org/info/rfc8200</a>.<br>[RFC8300]<br>Quinn, P., Ed., Elzur, U., Ed., and C. Pignataro, Ed., “Network Service Header (NSH)”, RFC 8300, DOI 10.17487/RFC8300, January 2018, <a href="https://www.rfc-editor.org/info/rfc8300">https://www.rfc-editor.org/info/rfc8300</a>.<br>[RFC8402]<br>Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L., Decraene, B., Litkowski, S., and R. Shakir, “Segment Routing Architecture”, RFC 8402, DOI 10.17487/RFC8402, July 2018, <a href="https://www.rfc-editor.org/info/rfc8402">https://www.rfc-editor.org/info/rfc8402</a>.<br>[RFC8445]<br>Keranen, A., Holmberg, C., and J.
Rosenberg, “Interactive Connectivity Establishment (ICE): A Protocol for Network Address Translator (NAT) Traversal”, RFC 8445, DOI 10.17487/RFC8445, July 2018, <a href="https://www.rfc-editor.org/info/rfc8445">https://www.rfc-editor.org/info/rfc8445</a>.<br>[RFC8517]<br>Dolson, D., Ed., Snellman, J., Boucadair, M., Ed., and C. Jacquenet, “An Inventory of Transport-Centric Functions Provided by Middleboxes: An Operator Perspective”, RFC 8517, DOI 10.17487/RFC8517, February 2019, <a href="https://www.rfc-editor.org/info/rfc8517">https://www.rfc-editor.org/info/rfc8517</a>.<br>[RFC8557]<br>Finn, N. and P. Thubert, “Deterministic Networking Problem Statement”, RFC 8557, DOI 10.17487/RFC8557, May 2019, <a href="https://www.rfc-editor.org/info/rfc8557">https://www.rfc-editor.org/info/rfc8557</a>.<br>[RFC8568]<br>Bernardos, CJ., Rahman, A., Zuniga, JC., Contreras, LM., Aranda, P., and P. Lynch, “Network Virtualization Research Challenges”, RFC 8568, DOI 10.17487/RFC8568, April 2019, <a href="https://www.rfc-editor.org/info/rfc8568">https://www.rfc-editor.org/info/rfc8568</a>.<br>[RFC8578]<br>Grossman, E., Ed., “Deterministic Networking Use Cases”, RFC 8578, DOI 10.17487/RFC8578, May 2019, <a href="https://www.rfc-editor.org/info/rfc8578">https://www.rfc-editor.org/info/rfc8578</a>.<br>[RFC8655]<br>Finn, N., Thubert, P., Varga, B., and J. Farkas, “Deterministic Networking Architecture”, RFC 8655, DOI 10.17487/RFC8655, October 2019, <a href="https://www.rfc-editor.org/info/rfc8655">https://www.rfc-editor.org/info/rfc8655</a>.<br>[RFC8754]<br>Filsfils, C., Ed., Dukes, D., Ed., Previdi, S., Leddy, J., Matsushima, S., and D. Voyer, “IPv6 Segment Routing Header (SRH)”, RFC 8754, DOI 10.17487/RFC8754, March 2020, <a href="https://www.rfc-editor.org/info/rfc8754">https://www.rfc-editor.org/info/rfc8754</a>.<br>[SPB]<br>“IEEE Standard for Local and metropolitan area networks - Bridges and Bridged Networks”, DOI 10.1109/IEEESTD.2018.8403927, IEEE 802.1Q-2018, July 2018, <a href="https://ieeexplore.ieee.org/document/8403927">https://ieeexplore.ieee.org/document/8403927</a>.<br>[SRV6-NETWORK]<br>Filsfils, C., Camarillo, P., Leddy, J., Voyer, D., Matsushima, S., and Z. Li, “SRv6 Network Programming”, Work in Progress, Internet-Draft, draft-ietf-spring-srv6-network-programming-16, 27 June 2020, <a href="https://tools.ietf.org/html/draft-ietf-spring-srv6-network-programming-16">https://tools.ietf.org/html/draft-ietf-spring-srv6-network-programming-16</a>.<br>[USER-PLANE-PROTOCOL]<br>Homma, S., Miyasaka, T., Matsushima, S., and D. Voyer, “User Plane Protocol and Architectural Analysis on 3GPP 5G System”, Work in Progress, Internet-Draft, draft-ietf-dmm-5g-uplane-analysis-03, 3 November 2019, <a href="https://tools.ietf.org/html/draft-ietf-dmm-5g-uplane-analysis-03">https://tools.ietf.org/html/draft-ietf-dmm-5g-uplane-analysis-03</a>.</p><h2 id="Appendix-A-Taxonomy-Of-Limited-Domains-1"><a href="#Appendix-A-Taxonomy-Of-Limited-Domains-1" class="headerlink" title="Appendix A. Taxonomy Of Limited Domains"></a>Appendix A. Taxonomy Of Limited Domains</h2><p>This appendix develops a taxonomy for describing limited domains. Several major aspects are considered in this taxonomy:</p><ul><li>The domain as a whole </li><li>The individual nodes </li><li>The domain boundary </li><li>The domain’s topology </li><li>The domain’s technology </li><li>How the domain connects to the Internet </li><li>The security, trust, and privacy model </li><li>Operations</li></ul><p>The following sub-sections analyze each of these aspects.</p><h2 id="A-1-Domain-As-A-Whole"><a href="#A-1-Domain-As-A-Whole" class="headerlink" title="A.1. 
Domain As A Whole"></a>A.1. Domain As A Whole</h2><ul><li>Why does the domain exist? (e.g., human choice, administrative policy, orchestration requirements, technical requirements such as operational partitioning for scaling reasons) </li><li>If there are special requirements, are they at Layer 2, Layer 3, or an upper layer? </li><li>Where does the domain lie on the spectrum between completely managed by humans and completely autonomic? </li><li>If managed, what style of management applies? (Manual configuration, automated configuration, orchestration?) </li><li>Is there a policy model? (Intent, configuration policies?) </li><li>Does the domain provide controlled or paid service or open access? </li></ul><h2 id="A-2-Individual-Nodes"><a href="#A-2-Individual-Nodes" class="headerlink" title="A.2. Individual Nodes"></a>A.2. Individual Nodes</h2><ul><li>Is a domain member a complete node or only one interface of a node? </li><li>Are nodes permanent members of a given domain, or are join and leave operations possible?</li><li>Are nodes physical or virtual devices? </li><li>Are virtual nodes general purpose or limited to specific functions, applications, or users? </li><li>Are nodes constrained (by battery, etc.)? </li><li>Are devices installed “out of the box” or pre-configured? </li></ul><h2 id="A-3-Domain-Boundary"><a href="#A-3-Domain-Boundary" class="headerlink" title="A.3. Domain Boundary"></a>A.3. Domain Boundary</h2><ul><li>How is the domain boundary identified or defined? </li><li>Is the domain boundary fixed or dynamic? </li><li>Are boundary nodes special, or can any node be at the boundary? </li></ul><h2 id="A-4-Topology"><a href="#A-4-Topology" class="headerlink" title="A.4. Topology"></a>A.4. Topology</h2><ul><li>Is the domain a subset of a Layer 2 or 3 connectivity domain? </li><li>Does the domain overlap other domains? (In other words, is a node allowed to be a member of multiple domains?) 
</li><li>Does the domain match physical topology, or does it have a virtual (overlay) topology? </li><li>Is the domain in a single building, vehicle, or campus? Or is it distributed? </li><li>If distributed, are the interconnections private or over the Internet? </li><li>In IP addressing terms, is the domain Link local, Site local, or Global? </li><li>Does the scope of IP unicast or multicast addresses map to the domain boundary? </li></ul><h2 id="A-5-Technology"><a href="#A-5-Technology" class="headerlink" title="A.5. Technology"></a>A.5. Technology</h2><ul><li>What routing protocol(s) or different forwarding mechanisms (MPLS or other non-IP mechanism) are used? </li><li>In an overlay domain, what overlay technique is used (L2VPN, L3VPN, etc.)? </li><li>Are there specific QoS requirements? </li><li>Link latency - Normal or long latency links? </li><li>Mobility - Are nodes mobile? Is the whole network mobile? </li><li>Which specific technologies, such as those in Section 4, are applicable? </li></ul><h2 id="A-6-Connection-To-The-Internet"><a href="#A-6-Connection-To-The-Internet" class="headerlink" title="A.6. Connection To The Internet"></a>A.6. Connection To The Internet</h2><ul><li>Is the Internet connection permanent or intermittent? (Never connected is out of scope.) </li><li>What traffic is blocked, in and out? </li><li>What traffic is allowed, in and out? </li><li>What traffic is transformed, in and out? </li><li>Is secure and privileged remote access needed? </li><li>Does the domain allow unprivileged remote sessions? </li></ul><h2 id="A-7-Security-Trust-And-Privacy-Model"><a href="#A-7-Security-Trust-And-Privacy-Model" class="headerlink" title="A.7. Security, Trust, And Privacy Model"></a>A.7. Security, Trust, And Privacy Model</h2><ul><li>Must domain members be authorized? </li><li>Are all nodes in the domain at the same trust level? </li><li>Is traffic authenticated? </li><li>Is traffic encrypted? </li><li>What is hidden from the outside? 
</li></ul><h2 id="A-8-Operations"><a href="#A-8-Operations" class="headerlink" title="A.8. Operations"></a>A.8. Operations</h2><ul><li>Safety level - Does the domain have a critical (human) safety role? </li><li>Reliability requirement - Normal or 99.999%? </li><li>Environment - Hazardous conditions? </li><li>Installation - Are specialists needed? </li><li>Service visits - Easy, difficult, or impossible? </li><li>Software/firmware updates - Possible or impossible? </li></ul><h2 id="A-9-Making-Use-Of-This-Taxonomy"><a href="#A-9-Making-Use-Of-This-Taxonomy" class="headerlink" title="A.9. Making Use Of This Taxonomy"></a>A.9. Making Use Of This Taxonomy</h2><p>This taxonomy could be used to design or analyze a specific type of limited domain. For the present document, it is intended only to form a background to the scope of protocols used in limited domains and the mechanisms required to securely define domain membership and properties.</p><h2 id="Acknowledgements"><a href="#Acknowledgements" class="headerlink" title="Acknowledgements"></a>Acknowledgements</h2><p>Useful comments were received from Amelia Andersdotter, Edward Birrane, David Black, Ron Bonica, Mohamed Boucadair, Tim Chown, Darren Dukes, Donald Eastlake, Adrian Farrel, Tom Herbert, Ben Kaduk, John Klensin, Mirja Kuehlewind, Warren Kumari, Andy Malis, Michael Richardson, Mark Smith, Rick Taylor, Niels ten Oever, and others.</p><h2 id="Contributors"><a href="#Contributors" class="headerlink" title="Contributors"></a>Contributors</h2><p>Sheng Jiang<br>Huawei Technologies<br>Q14, Huawei Campus<br>No. 156 Beiqing Road<br>Hai-Dian District, Beijing<br>100095<br>China<br>Email: <a href="mailto:jiangsheng@huawei.com">jiangsheng@huawei.com</a></p><h2 id="Authors’-Addresses"><a href="#Authors’-Addresses" class="headerlink" title="Authors’ Addresses"></a>Authors’ Addresses</h2><p>Brian Carpenter<br>The University of Auckland<br>School of Computer Science<br>University of Auckland<br>PB 92019<br>Auckland 1142<br>New Zealand<br>Email: <a href="mailto:brian.e.carpenter@gmail.com">brian.e.carpenter@gmail.com</a></p><p>Bing Liu<br>Huawei Technologies<br>Q14, Huawei Campus<br>No. 156 Beiqing Road<br>Hai-Dian District, Beijing<br>100095<br>China<br>Email: <a href="mailto:leo.liubing@huawei.com">leo.liubing@huawei.com</a></p>]]></content>
</entry>
<entry>
<title></title>
<link href="/2023/12/11/2023/rfc8765_2/"/>
<url>/2023/12/11/2023/rfc8765_2/</url>
<content type="html"><![CDATA[<p>Stream: Internet Engineering Task Force (IETF)<br>RFC: 8765<br>Category: Standards Track<br>Published: June 2020<br>ISSN: 2070-1721<br>Authors: T. Pusateri (Unaffiliated), S. Cheshire (Apple Inc.)</p><h2 id="Rfc-8765-Dns-Push-Notifications-Abstract"><a href="#Rfc-8765-Dns-Push-Notifications-Abstract" class="headerlink" title="Rfc 8765 Dns Push Notifications Abstract"></a>Rfc 8765 Dns Push Notifications Abstract</h2><p>The Domain Name System (DNS) was designed to return matching records efficiently for queries for data that are relatively static. When those records change frequently, DNS is still efficient at returning the updated results when polled, as long as the polling rate is not too high. But, there exists no mechanism for a client to be asynchronously notified when these changes occur. This document defines a mechanism for a client to be notified of such changes to DNS records, called DNS Push Notifications.</p><h2 id="Status-Of-This-Memo"><a href="#Status-Of-This-Memo" class="headerlink" title="Status Of This Memo"></a>Status Of This Memo</h2><p>This is an Internet Standards Track document. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at <a href="https://www.rfc-editor.org/info/rfc8765">https://www.rfc-editor.org/info/rfc8765</a>.</p><h2 id="Copyright-Notice"><a href="#Copyright-Notice" class="headerlink" title="Copyright Notice"></a>Copyright Notice</h2><p>Copyright (c) 2020 IETF Trust and the persons identified as the document authors. 
All rights reserved.</p><p>This document is subject to BCP 78 and the IETF Trust’s Legal Provisions Relating to IETF Documents (<a href="https://trustee.ietf.org/license-info">https://trustee.ietf.org/license-info</a>) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.</p><h2 id="Table-Of-Contents"><a href="#Table-Of-Contents" class="headerlink" title="Table Of Contents"></a>Table Of Contents</h2><ul><li>1. Introduction<ul><li>1.1. Requirements Language</li><li>1.2. Fatal Errors</li></ul></li><li>2. Motivation</li><li>3. Overview</li><li>4. State Considerations</li><li>5. Transport</li><li>6. Protocol Operation<ul><li>6.1. Discovery</li><li>6.2. DNS Push Notification SUBSCRIBE<ul><li>6.2.1. SUBSCRIBE Request</li><li>6.2.2. SUBSCRIBE Response</li></ul></li><li>6.3. DNS Push Notification Updates<ul><li>6.3.1. PUSH Message</li></ul></li><li>6.4. DNS Push Notification UNSUBSCRIBE<ul><li>6.4.1. UNSUBSCRIBE Message</li></ul></li><li>6.5. DNS Push Notification RECONFIRM<ul><li>6.5.1. RECONFIRM Message</li></ul></li><li>6.6. DNS Stateful Operations TLV Context Summary</li><li>6.7. Client-Initiated Termination</li><li>6.8. Client Fallback to Polling</li></ul></li><li>7. Security Considerations<ul><li>7.1. Security Services</li><li>7.2. TLS Name Authentication</li><li>7.3. TLS Early Data</li><li>7.4. TLS Session Resumption</li></ul></li><li>8. IANA Considerations</li><li>9. References<ul><li>9.1. Normative References</li><li>9.2. Informative References</li></ul></li><li>Acknowledgments</li><li>Authors’ Addresses</li></ul><h2 id="1-Introduction"><a href="#1-Introduction" class="headerlink" title="1. Introduction"></a>1. Introduction</h2><p>Domain Name System (DNS) records may be updated using DNS Update [RFC2136]. Other mechanisms such as a Discovery Proxy [RFC8766] can also generate changes to a DNS zone. This document specifies a protocol for DNS clients to subscribe to receive asynchronous notifications of changes to RRsets of interest. It is immediately relevant in the case of DNS-based Service Discovery [RFC6763] but is not limited to that use case; it provides a general DNS mechanism for DNS record change notifications. Familiarity with the DNS protocol and DNS packet formats is assumed [RFC1034] [RFC1035] [RFC6895].</p><h2 id="1-1-Requirements-Language"><a href="#1-1-Requirements-Language" class="headerlink" title="1.1. Requirements Language"></a>1.1. Requirements Language</h2><p>The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “NOT RECOMMENDED”, “MAY”, and “OPTIONAL” in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.</p><h2 id="1-2-Fatal-Errors"><a href="#1-2-Fatal-Errors" class="headerlink" title="1.2. Fatal Errors"></a>1.2. Fatal Errors</h2><p>Certain invalid situations are described in this specification, such as a server sending a Push Notification subscription request to a client, or a client sending a Push Notification response to a server. 
These should never occur with a correctly implemented client and server, and if they do occur, then they indicate a serious implementation error. In these extreme cases, there is no reasonable expectation of a graceful recovery, and the recipient detecting the error should respond by unilaterally aborting the session without regard for data loss. Such cases are addressed by having an engineer investigate the cause of the failure and fixing the problem in the software. Where this specification says “forcibly abort”, it means sending a TCP RST to terminate the TCP connection and the TLS session running over that TCP connection. In the BSD Sockets API, this is achieved by setting the SO_LINGER option to zero before closing the socket.</p><h2 id="2-Motivation"><a href="#2-Motivation" class="headerlink" title="2. Motivation"></a>2. Motivation</h2><p>As the domain name system continues to adapt to new uses and changes in deployment, polling has the potential to burden DNS servers at many levels throughout the network. Other network protocols have successfully deployed a publish/subscribe model following the Observer design pattern [OBS]. Extensible Messaging and Presence Protocol (XMPP) Publish-Subscribe [XEP0060] and Atom [RFC4287] are examples. While DNS servers are generally highly tuned and capable of a high rate of query/response traffic, adding a publish/subscribe model for tracking changes to DNS records can deliver more timely notifications of changes with reduced CPU usage and lower network traffic.</p><p>The guiding design principle of DNS Push Notifications is that clients that choose to use DNS Push Notifications, instead of repeated polling with DNS queries, will receive the same results as they could via sufficiently rapid polling, except more efficiently. This means that the rules for which records match a given DNS Push Notification subscription are the same as the already established rules used to determine which records match a given DNS query [RFC1034]. For example, name comparisons are done in a case-insensitive manner, and a record of type CNAME in a zone matches any DNS TYPE in a query or subscription.</p><p>Multicast DNS [RFC6762] implementations always listen on a well-known link-local IP multicast group address, and changes are sent to that multicast group address for all group members to receive. Therefore, Multicast DNS already has asynchronous change notification capability. When DNS-based Service Discovery [RFC6763] is used across a wide area network using Unicast DNS (possibly facilitated via a Discovery Proxy [RFC8766]), it would be beneficial to have an equivalent capability for Unicast DNS in order to allow clients to learn about DNS record changes in a timely manner without polling.</p><p>The DNS Long-Lived Queries (LLQ) mechanism [RFC8764] is an existing deployed solution to provide asynchronous change notifications; it was used by Apple’s Back to My Mac [RFC6281] service introduced in Mac OS X 10.5 Leopard in 2007. Back to My Mac was designed in an era when the data center operations staff asserted that it was impossible for a server to handle large numbers of TCP connections, even if those connections carried very little traffic and spent most of their time idle. Consequently, LLQ was defined as a UDP-based protocol, effectively replicating much of TCP’s connection state management logic in user space and creating its own imitation of existing TCP features like flow control, reliability, and the three-way handshake.</p><p>This document builds on experience gained with the LLQ protocol, with an improved design. Instead of using UDP, this specification uses DNS Stateful Operations (DSO) [RFC8490] running over TLS over TCP, and therefore doesn’t need to reinvent existing TCP functionality. Using TCP also gives long-lived low-traffic connections better longevity through NAT gateways without depending on the gateway to support NAT Port Mapping Protocol (NAT-PMP) [RFC6886] or Port Control Protocol (PCP) [RFC6887], or resorting to excessive keepalive traffic.</p><h2 id="3-Overview"><a href="#3-Overview" class="headerlink" title="3. Overview"></a>3. Overview</h2><p>A DNS Push Notification client subscribes for Push Notifications for a particular RRset by connecting to the appropriate Push Notification server for that RRset and sending DSO message(s) indicating the RRset(s) of interest. When the client loses interest in receiving further updates to these records, it unsubscribes. The DNS Push Notification server for a DNS zone is any server capable of generating the correct change notifications for a name. It may be a primary, secondary, or stealth name server [RFC8499].</p><p>The _dns‑push‑tls._tcp.&lt;zone&gt; SRV record for a zone MAY reference the same target host and port as that zone’s _dns‑update‑tls._tcp.&lt;zone&gt; SRV record. When the same target host and port is offered for both DNS Updates and DNS Push Notifications, a client MAY use a single DSO session to that server for both DNS Updates and DNS Push Notification subscriptions. DNS Updates and DNS Push Notifications may be handled on different ports on the same target host, in which case they are not considered to be the “same server” for the purposes of this specification, and communications with these two ports are handled independently. Supporting DNS Updates and DNS Push Notifications on the same server is OPTIONAL. 
A DNS Push Notification server is not required to support DNS Update.</p><p>Standard DNS Queries MAY be sent over a DNS Push Notification (i.e., DSO) session. For any zone for which the server is authoritative, it MUST respond authoritatively for queries for names falling within that zone (e.g., the _dns‑push‑tls._tcp.&lt;zone&gt; SRV record) both for normal DNS queries and for DNS Push Notification subscriptions. For names for which the server is acting as a recursive resolver (e.g., when the server is the local recursive resolver) for any query for which it supports DNS Push Notification subscriptions, it MUST also support standard queries.</p><p>DNS Push Notifications impose less load on the responding server than rapid polling would, but Push Notifications do still have a cost. Therefore, DNS Push Notification clients MUST NOT recklessly create an excessive number of Push Notification subscriptions. Specifically:</p><p>(a) A subscription should only be active when there is a valid reason to need live data (for example, an on-screen display is currently showing the results to the user), and the subscription SHOULD be canceled as soon as the need for that data ends (for example, when the user dismisses that display). In the case of a device like a smartphone that, after some period of inactivity, goes to sleep or otherwise darkens its screen, it should cancel its subscriptions when darkening the screen (since the user cannot see any changes on the display anyway) and reinstate its subscriptions when reawakening from display sleep.</p><p>(b) A DNS Push Notification client SHOULD NOT routinely keep a DNS Push Notification subscription active 24 hours a day, 7 days a week, just to keep a list in memory up to date so that if the user does choose to bring up an on-screen display of that data, it can be displayed really fast. 
DNS Push Notifications are designed to be fast enough that there is no need to pre-load a “warm” list in memory just in case it might be needed later.</p><p>Generally, as described in the DNS Stateful Operations specification [RFC8490], a client must not keep a DSO session to a server open indefinitely if it has no subscriptions (or other operations) active on that session. A client should begin closing a DSO session immediately after it becomes idle, and then, if needed in the future, open a new session when required. Alternatively, a client may speculatively keep an idle DSO session open for some time, subject to the constraint that it must not keep a session open that has been idle for more than the session’s idle timeout (15 seconds by default) [RFC8490].</p><p>Note that a DSO session that has an active DNS Push Notification subscription is not considered idle, even if there is no traffic flowing for an extended period of time. In this case, the DSO inactivity timeout does not apply, because the session is not inactive, but the keepalive interval does still apply, to ensure the generation of sufficient messages to maintain state in middleboxes (such as NAT gateways or firewalls) and for the client and server to periodically verify that they still have connectivity to each other. This is described in Section 6.2 of the DSO specification [RFC8490].</p><h2 id="4-State-Considerations"><a href="#4-State-Considerations" class="headerlink" title="4. State Considerations"></a>4. State Considerations</h2><p>Each DNS Push Notification server is capable of handling some finite number of Push Notification subscriptions. This number will vary from server to server and is based on physical machine characteristics, network capacity, and operating system resource allocation. After a client establishes a session to a DNS server, each subscription is individually accepted or rejected. 
Servers may employ various techniques to limit subscriptions to a manageable level. Correspondingly, the client is free to establish simultaneous sessions to alternate DNS servers that support DNS Push Notifications for the zone and distribute subscriptions at the client’s discretion. In this way, both clients and servers can react to resource constraints.</p><h2 id="5-Transport"><a href="#5-Transport" class="headerlink" title="5. Transport"></a>5. Transport</h2><p>Other DNS operations like DNS Update [RFC2136] MAY use either DNS over User Datagram Protocol (UDP) [RFC0768] or DNS over Transmission Control Protocol (TCP) [RFC0793] as the transport protocol, provided they follow the historical precedent that DNS queries must first be sent using DNS over UDP and only switch to DNS over TCP if needed [RFC1123]. This requirement to prefer UDP has subsequently been relaxed [RFC7766].</p><p>In keeping with the more recent precedent, DNS Push Notification is defined only for TCP. DNS Push Notification clients MUST use DNS Stateful Operations [RFC8490] running over TLS over TCP [RFC7858].</p><p>Connection setup over TCP ensures return reachability and alleviates concerns of state overload at the server, a potential problem with connectionless protocols, which can be more vulnerable to being exploited by attackers using spoofed source addresses. All subscribers are guaranteed to be reachable by the server by virtue of the TCP three-way handshake. 
Flooding attacks are possible with any protocol, and a benefit of TCP is that there are already established industry best practices to guard against SYN flooding and similar attacks [SYN] [RFC4953].</p><p>Use of TCP also allows DNS Push Notifications to take advantage of current and future developments in TCP such as Multipath TCP (MPTCP) [RFC8684], TCP Fast Open (TFO) [RFC7413], the TCP RACK fast loss detection algorithm [TCPRACK], and so on.</p><p>Transport Layer Security (TLS) [RFC8446] is well understood and is used by many application-layer protocols running over TCP. TLS is designed to prevent eavesdropping, tampering, and message forgery. TLS is REQUIRED for every connection between a client subscriber and server in this protocol specification. Additional security measures such as client authentication during TLS negotiation may also be employed to increase the trust relationship between client and server.</p><h2 id="6-Protocol-Operation"><a href="#6-Protocol-Operation" class="headerlink" title="6. Protocol Operation"></a>6. Protocol Operation</h2><p>The DNS Push Notification protocol is a session-oriented protocol and makes use of DNS Stateful Operations (DSO) [RFC8490].</p><p>For details of the DSO message format, refer to the DNS Stateful Operations specification [RFC8490]. Those details are not repeated here.</p><p>DNS Push Notification clients and servers MUST support DSO. A single server can support DNS Queries, DNS Updates, and DNS Push Notifications (using DSO) on the same TCP port. 
A DNS Push Notification exchange begins with the client discovering the appropriate server, using the procedure described in Section 6.1, and then making a TLS/TCP connection to it.</p><p>After making the TLS/TCP connection to the server, a typical DNS Push Notification client will then immediately issue a DSO Keepalive operation to establish the DSO session and request a session timeout and/or keepalive interval longer than the 15-second default values, but this is not required. A DNS Push Notification client MAY issue other requests on the session first, and only issue a DSO Keepalive operation later if it determines that to be necessary. Sending either a DSO Keepalive operation or a Push Notification subscription request over the TLS/TCP connection to the server signals the client’s support of DSO and serves to establish a DSO session.</p><p>In accordance with the current set of active subscriptions, the server sends relevant asynchronous Push Notifications to the client. Note that a client MUST be prepared to receive (and silently ignore) Push Notifications for subscriptions it has previously removed, since there is no way to prevent the situation where a Push Notification is in flight from server to client while the client’s UNSUBSCRIBE message canceling that subscription is simultaneously in flight from client to server.</p><h2 id="6-1-Discovery"><a href="#6-1-Discovery" class="headerlink" title="6.1. Discovery"></a>6.1. Discovery</h2><p>The first step in establishing a DNS Push Notification subscription is to discover an appropriate DNS server that supports DNS Push Notifications for the desired zone. The client begins by opening a DSO session to its normal configured DNS recursive resolver and requesting a Push Notification subscription. This connection is made to TCP port 853, the default port for DNS over TLS [RFC7858]. If the request for a Push Notification subscription is successful, and the recursive resolver doesn’t already have an active subscription for that name, type, and class, then the recursive resolver will make a corresponding Push Notification subscription on the client’s behalf. Results received are relayed to the client. This is closely analogous to how a client sends a normal DNS query to its configured DNS recursive resolver, which, if it doesn’t already have appropriate answer(s) in its cache, issues an upstream query to satisfy the request.</p><p>In many contexts, the recursive resolver will be able to handle Push Notifications for all names that the client may need to follow. Use of VPN tunnels and Private DNS [RFC8499] can create some additional complexity in the client software here; the techniques to handle VPN tunnels and Private DNS for DNS Push Notifications are the same as those already used to handle this for normal DNS queries. If the recursive resolver does not support DNS over TLS, or supports DNS over TLS but is not listening on TCP port 853, or supports DNS over TLS on TCP port 853 but does not support DSO on that port, then the DSO session establishment will fail [RFC8490].</p><p>If the recursive resolver does support DSO on TCP port 853 but does not support Push Notification subscriptions, then when the client attempts to create a subscription, the server will return the DSO error code DSOTYPENI (11). In some cases, the recursive resolver may support DSO and Push Notification subscriptions but may not be able to subscribe for Push Notifications for a particular name. In this case, the recursive resolver should return SERVFAIL to the client. This includes being unable to establish a connection to the zone’s DNS Push Notification server or establishing a connection but receiving a non-success response code. 
In some cases, where the client has a pre-established trust relationship with the owner of the zone (that is not handled via the usual mechanisms for VPN software), the client may handle these failures by contacting the zone’s DNS Push Notification server directly.</p><p>In any of the cases described above where the client fails to establish a DNS Push Notification subscription via its configured recursive resolver, the client should proceed to discover the appropriate server for direct communication. The client MUST also determine on which TCP port the server is listening for connections, which need not be, and often is not, TCP port 53 (traditionally used for conventional DNS) or TCP port 853 (traditionally used for DNS over TLS).</p><p>The discovery algorithm described here is an iterative algorithm, which starts with the full name of the record to which the client wishes to subscribe. Successive SOA queries are then issued, trimming one label each time, until the closest enclosing authoritative server is discovered. There is also an optimization to enable the client to take a “short cut” directly to the SOA record of the closest enclosing authoritative server in many cases.</p><ol><li><p>The client begins the discovery by sending a DNS query to its local resolver, with record type SOA [RFC1035] for the record name to which it wishes to subscribe. As an example, suppose the client wishes to subscribe to PTR records with the name _ipp._tcp.headoffice.example.com (to discover Internet Printing Protocol (IPP) printers [RFC8010] [RFC8011] being advertised in the head office of Example Company). The client begins by sending an SOA query for _ipp._tcp.headoffice.example.com to the local recursive resolver. The goal is to determine the server that is authoritative for the name _ipp._tcp.headoffice.example.com. 
The closest enclosing DNS zone containing the name _ipp._tcp.headoffice.example.com could be example.com, or headoffice.example.com, or _tcp.headoffice.example.com, or even _ipp._tcp.headoffice.example.com. The client does not know in advance where the closest enclosing zone cut occurs, which is why it uses the iterative procedure described here to discover this information.</p></li><li><p>If the requested SOA record exists, it will be returned in the Answer Section with a NOERROR response code, and the client has succeeded in discovering the information it needs. (This language is not placing any new requirements on DNS recursive resolvers. This text merely describes the existing operation of the DNS protocol [RFC1034] [RFC1035].)</p></li><li><p>If the requested SOA record does not exist, the client will get back a NOERROR/NODATA response or an NXDOMAIN/Name Error response. In either case, the local resolver would normally include the SOA record for the closest enclosing zone of the requested name in the Authority Section. If the SOA record is received in the Authority Section, then the client has succeeded in discovering the information it needs. (This language is not placing any new requirements on DNS recursive resolvers. This text merely describes the existing operation of the DNS protocol regarding negative responses [RFC2308].)</p></li><li><p>If the client receives a response containing no SOA record, then it proceeds with the iterative approach. The client strips the leading label from the current query name, and if the resulting name has at least two labels in it, then the client sends an SOA query for that new name and processing continues at step 2 above, repeating the iterative search until either an SOA is received or the query name consists of a single label, i.e., a Top-Level Domain (TLD). 
In the case of a single-label name (TLD), this is a network configuration error, which should not happen, and the client gives up. The client may retry the operation at a later time of the client’s choosing, such as after a change in network attachment.</p></li><li><p>Once the SOA is known (by virtue of being seen either in the Answer Section or in the Authority Section), the client sends a DNS query with type SRV [RFC2782] for the record name _dns-push-tls._tcp.<zone>, where <zone> is the owner name of the discovered SOA record.</p></li><li><p>If the zone in question is set up to offer DNS Push Notifications, then this SRV record MUST exist. (If this SRV record does not exist, then the zone is not correctly configured for DNS Push Notifications as specified in this document.) The SRV target contains the name of the server providing DNS Push Notifications for the zone. The port number on which to contact the server is in the SRV record port field. The address(es) of the target host MAY be included in the Additional Section, however, the address records SHOULD be authenticated before use as described in Section 7.2 and in the specification for using DNS-Based Authentication of Named Entities (DANE) TLSA Records with SRV Records [RFC7673], if applicable.</p></li><li><p>More than one SRV record may be returned. In this case, the priority and weight values in the returned SRV records are used to determine the order in which to contact the servers for subscription requests. As described in the SRV specification [RFC2782], the server with the lowest priority is first contacted. If more than one server has the same priority, the weight indicates the weighted probability that the client should contact that server. Higher weights have higher probabilities of being selected. 
If a server is not willing to accept a subscription request, or is not reachable within a reasonable time, as determined by the client, then a subsequent server is to be contacted.</p></li></ol><p>Each time a client makes a new DNS Push Notification subscription, it SHOULD repeat the discovery process in order to determine the preferred DNS server for that subscription at that time. If a client already has a DSO session with that DNS server, the client SHOULD reuse that existing DSO session for the new subscription; otherwise, a new DSO session is established. The client MUST respect the DNS TTL values on records it receives while performing the discovery process and store them in its local cache with this lifetime (as it will generally do anyway for all DNS queries it performs). This means that, as long as the DNS TTL values on the authoritative records are set to reasonable values, repeated application of the discovery process can be completed practically instantaneously by the client, using only locally stored cached data.</p><h2 id="6-2-Dns-Push-Notification-Subscribe"><a href="#6-2-Dns-Push-Notification-Subscribe" class="headerlink" title="6.2. Dns Push Notification Subscribe"></a>6.2. DNS Push Notification Subscribe</h2><p>After connecting, and requesting a longer idle timeout and/or keepalive interval if necessary, a DNS Push Notification client then indicates its desire to receive DNS Push Notifications for a given domain name by sending a SUBSCRIBE request to the server. A SUBSCRIBE request is encoded in a DSO message [RFC8490]. This specification defines a DSO Primary TLV for DNS Push Notification SUBSCRIBE Requests (DSO Type Code 0x0040). DSO messages with the SUBSCRIBE TLV as the Primary TLV are permitted in TLS early data, provided that the precautions described in Section 7.3 are followed.</p><p>The entity that initiates a SUBSCRIBE request is by definition the client. 
A server MUST NOT send a SUBSCRIBE request over an existing session from a client. If a server does send a SUBSCRIBE request over a DSO session initiated by a client, this is a fatal error and the client MUST forcibly abort the connection immediately.</p><p>Each SUBSCRIBE request generates exactly one SUBSCRIBE response from the server. The entity that initiates a SUBSCRIBE response is by definition the server. A client MUST NOT send a SUBSCRIBE response. If a client does send a SUBSCRIBE response, this is a fatal error and the server MUST forcibly abort the connection immediately.</p><h2 id="6-2-1-Subscribe-Request"><a href="#6-2-1-Subscribe-Request" class="headerlink" title="6.2.1. Subscribe Request"></a>6.2.1. Subscribe Request</h2><p>A SUBSCRIBE request begins with the standard DSO 12-byte header [RFC8490], followed by the SUBSCRIBE Primary TLV. A SUBSCRIBE request is illustrated in Figure 1.</p><p>The MESSAGE ID field MUST be set to a unique value that the client is not using for any other active operation on this DSO session. For the purposes here, a MESSAGE ID is in use on this session if either the client has used it in a request for which it has not yet received a response, or if the client has used it for a subscription that it has not yet canceled using UNSUBSCRIBE. In the SUBSCRIBE response, the server MUST echo back the MESSAGE ID value unchanged.</p><p>The other header fields MUST be set as described in the DSO specification [RFC8490]. The DNS OPCODE field contains the OPCODE value for DNS Stateful Operations (6). 
The four count fields must be zero, and the corresponding four sections must be empty (i.e., absent). The DSO-TYPE is SUBSCRIBE (0x0040). The DSO-LENGTH is the length of the DSO-DATA that follows, which specifies the name, type, and class of the record(s) being sought.</p><pre><code>                                1  1  1  1  1  1
  0  1  2  3  4  5  6  7  8  9  0  1  2  3  4  5
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  \
|                  MESSAGE ID                   |   \
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|QR| OPCODE(6) |         Z          |   RCODE   |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            QDCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+     > HEADER
|            ANCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            NSCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            ARCOUNT (MUST BE ZERO)             |   /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  /
|         DSO-TYPE = SUBSCRIBE (0x0040)         |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|   DSO-LENGTH (number of octets in DSO-DATA)   |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  \
\                     NAME                      \   \
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|                     TYPE                      |     > DSO-DATA
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|                     CLASS                     |   /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  /
</code></pre><p>The DSO-DATA for a SUBSCRIBE request MUST contain exactly one NAME, TYPE, and CLASS. Since SUBSCRIBE requests are sent over TCP, multiple SUBSCRIBE DSO request messages can be concatenated in a single TCP stream and packed efficiently into TCP segments. If accepted, the subscription will stay in effect until the client cancels the subscription using UNSUBSCRIBE or until the DSO session between the client and the server is closed.</p><p>SUBSCRIBE requests on a given session MUST be unique. A client MUST NOT send a SUBSCRIBE message that duplicates the name, type and class of an existing active subscription on that DSO session. 
For the purpose of this matching, the established DNS case insensitivity for US-ASCII letters [RFC0020] applies (e.g., “example.com” and “Example.com” are the same). If a server receives such a duplicate SUBSCRIBE message, this is a fatal error and the server MUST forcibly abort the connection immediately. DNS wildcarding is not supported. That is, an asterisk character (“*”) in a SUBSCRIBE message matches only a literal asterisk character (“*”) in a name and nothing else. Similarly, a CNAME in a SUBSCRIBE message matches only a CNAME record with that name in the zone and no other records with that name.</p><p>A client may SUBSCRIBE to records that are unknown to the server at the time of the request (providing that the name falls within one of the zone(s) the server is responsible for), and this is not an error. The server MUST NOT return NXDOMAIN in this case. The server MUST accept these requests and send Push Notifications if and when matching records are found in the future. If neither TYPE nor CLASS are ANY (255), then this is a specific subscription to changes for the given name, type, and class. If one or both of TYPE or CLASS are ANY (255), then this subscription matches all types and/or all classes as appropriate. NOTE: A little-known quirk of DNS is that in DNS QUERY requests, QTYPE and QCLASS 255 mean “ANY”, not “ALL”. They indicate that the server should respond with ANY matching records of its choosing, not necessarily ALL matching records. This can lead to some surprising and unexpected results, where a query returns some valid answers, but not all of them, and makes QTYPE = 255 (ANY) queries less useful than people sometimes imagine. When used in conjunction with SUBSCRIBE, TYPE 255 and CLASS 255 should be interpreted to mean “ALL”, not “ANY”. 
After accepting a subscription where one or both of TYPE or CLASS are 255, the server MUST send Push Notification Updates for ALL record changes that match the subscription, not just some of them.</p><h2 id="6-2-2-Subscribe-Response"><a href="#6-2-2-Subscribe-Response" class="headerlink" title="6.2.2. Subscribe Response"></a>6.2.2. Subscribe Response</h2><p>A SUBSCRIBE response begins with the standard DSO 12-byte header [RFC8490]. The QR bit in the header is set indicating it is a response. The header MAY be followed by one or more optional Additional TLVs such as a Retry Delay Additional TLV. A SUBSCRIBE response is illustrated in Figure 2.</p><p>The MESSAGE ID field MUST echo the value given in the MESSAGE ID field of the SUBSCRIBE request. This is how the client knows which request is being responded to.</p><p>The other header fields MUST be set as described in the DSO specification [RFC8490]. The DNS OPCODE field contains the OPCODE value for DNS Stateful Operations (6). The four count fields must be zero, and the corresponding four sections must be empty (i.e., absent).</p><p>A SUBSCRIBE response message MUST NOT include a SUBSCRIBE TLV. 
If a client receives a SUBSCRIBE response message containing a SUBSCRIBE TLV, then the response message is processed but the SUBSCRIBE TLV MUST be silently ignored.</p><pre><code>                                1  1  1  1  1  1
  0  1  2  3  4  5  6  7  8  9  0  1  2  3  4  5
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  \
|                  MESSAGE ID                   |   \
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|QR| OPCODE(6) |         Z          |   RCODE   |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            QDCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+     > HEADER
|            ANCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            NSCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            ARCOUNT (MUST BE ZERO)             |   /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  /
</code></pre><p>In the SUBSCRIBE response, the RCODE indicates whether or not the subscription was accepted. Supported RCODEs are as follows:</p><table><thead><tr><th>Mnemonic</th><th>Value</th><th>Description</th></tr></thead><tbody><tr><td>NOERROR</td><td>0</td><td>SUBSCRIBE successful.</td></tr><tr><td>FORMERR</td><td>1</td><td>Server failed to process request due to a malformed request.</td></tr><tr><td>SERVFAIL</td><td>2</td><td>Server failed to process request due to a problem with the server.</td></tr><tr><td>NOTIMP</td><td>4</td><td>Server does not implement DSO.</td></tr><tr><td>REFUSED</td><td>5</td><td>Server refuses to process request for policy or security reasons.</td></tr><tr><td>NOTAUTH</td><td>9</td><td>Server is not authoritative for the requested name.</td></tr><tr><td>DSOTYPENI</td><td>11</td><td>SUBSCRIBE operation not supported.</td></tr></tbody></table><p>This document specifies only these RCODE values for SUBSCRIBE Responses. Servers sending SUBSCRIBE Responses SHOULD use one of these values. Note that NXDOMAIN is not a valid RCODE in response to a SUBSCRIBE Request. 
However, future circumstances may create situations where other RCODE values are appropriate in SUBSCRIBE Responses, so clients MUST be prepared to accept and handle SUBSCRIBE Responses with any other nonzero RCODE error values. If the server sends a nonzero RCODE in the SUBSCRIBE response, that means:</p><p>a. the client is (at least partially) misconfigured, or<br>b. the server resources are exhausted, or<br>c. there is some other unknown failure on the server.</p><p>In any case, the client shouldn’t retry the subscription to this server right away. If multiple SRV records were returned as described in Section 6.1, Paragraph 9, Item 7, a subsequent server MAY be tried immediately.</p><p>If the client has other successful subscriptions to this server, these subscriptions remain even though additional subscriptions may be refused. Neither the client nor the server is required to close the connection, although either end may choose to do so.</p><p>If the server sends a nonzero RCODE, then it SHOULD append a Retry Delay Additional TLV [RFC8490] to the response specifying a delay before the client attempts this operation again.</p><p>Recommended values for the delay for different RCODE values are given below. These recommended values apply both to the default values a server should place in the Retry Delay Additional TLV and the default values a client should assume if the server provides no Retry Delay Additional TLV.</p><p>For RCODE = 1 (FORMERR), the delay may be any value selected by the implementer. A value of five minutes is RECOMMENDED to reduce the risk of high load from defective clients.</p><p>For RCODE = 2 (SERVFAIL), the delay should be chosen according to the level of server overload and the anticipated duration of that overload. By default, a value of one minute is RECOMMENDED. If a more serious server failure occurs, the delay may be longer in accordance with the specific problem encountered. 
</p><p>For RCODE = 4 (NOTIMP), which occurs on a server that doesn’t implement DNS Stateful Operations [RFC8490], it is unlikely that the server will begin supporting DSO in the next few minutes, so the retry delay SHOULD be one hour. Note that in such a case, a server that doesn’t implement DSO is unlikely to place a Retry Delay Additional TLV in its response, so this recommended value in particular applies to what a client should assume by default.</p><p>For RCODE = 5 (REFUSED), which occurs on a server that implements DNS Push Notifications but is currently configured to disallow DNS Push Notifications, the retry delay may be any value selected by the implementer and/or configured by the operator.</p><p>If the server being queried is listed in a _dns-push-tls._tcp.<zone> SRV record for the zone, then this is a misconfiguration, since this server is being advertised as supporting DNS Push Notifications for this zone, but the server itself is not currently configured to perform that task. Since it is possible that the misconfiguration may be repaired at any time, the retry delay should not be set too high. By default, a value of 5 minutes is RECOMMENDED.</p><p>For RCODE = 9 (NOTAUTH), which occurs on a server that implements DNS Push Notifications but is not configured to be authoritative for the requested name, the retry delay may be any value selected by the implementer and/or configured by the operator.</p><p>If the server being queried is listed in a _dns-push-tls._tcp.<zone> SRV record for the zone, then this is a misconfiguration, since this server is being advertised as supporting DNS Push Notifications for this zone, but the server itself is not currently configured to perform that task. Since it is possible that the misconfiguration may be repaired at any time, the retry delay should not be set too high. By default, a value of 5 minutes is RECOMMENDED. 
</p><p>For RCODE = 11 (DSOTYPENI), which occurs on a server that implements DSO but doesn’t implement DNS Push Notifications, it is unlikely that the server will begin supporting DNS Push Notifications in the next few minutes, so the retry delay SHOULD be one hour.</p><p>For other RCODE values, the retry delay should be set by the server as appropriate for that error condition. By default, a value of 5 minutes is RECOMMENDED.</p><p>For RCODE = 9 (NOTAUTH), the time delay applies to requests for other names falling within the same zone. Requests for names falling within other zones are not subject to the delay. For all other RCODEs, the time delay applies to all subsequent requests to this server.</p><p>After sending an error response, the server MAY allow the session to remain open, or MAY follow it with a DSO Retry Delay operation (using the Retry Delay Primary TLV) instructing the client to close the session as described in the DSO specification [RFC8490]. Clients MUST correctly handle both cases. Note that the DSO Retry Delay operation (using the Retry Delay Primary TLV) is different to the Retry Delay Additional TLV mentioned above.</p><h2 id="6-3-Dns-Push-Notification-Updates"><a href="#6-3-Dns-Push-Notification-Updates" class="headerlink" title="6.3. Dns Push Notification Updates"></a>6.3. DNS Push Notification Updates</h2><p>Once a subscription has been successfully established, the server generates PUSH messages to send to the client as appropriate. In the case that the answer set was already non-empty at the moment the subscription was established, an initial PUSH message will be sent immediately following the SUBSCRIBE Response. Subsequent changes to the answer set are then communicated to the client in subsequent PUSH messages.</p><p>A client MUST NOT send a PUSH message. 
If a client does send a PUSH message, or a PUSH message is sent with the QR bit set indicating that it is a response, this is a fatal error and the receiver MUST forcibly abort the connection immediately.</p><h2 id="6-3-1-Push-Message"><a href="#6-3-1-Push-Message" class="headerlink" title="6.3.1. Push Message"></a>6.3.1. Push Message</h2><p>A PUSH unidirectional message begins with the standard DSO 12-byte header [RFC8490], followed by the PUSH Primary TLV. A PUSH message is illustrated in Figure 3.</p><p>In accordance with the definition of DSO unidirectional messages, the MESSAGE ID field MUST be zero. There is no client response to a PUSH message.</p><p>The other header fields MUST be set as described in the DSO specification [RFC8490]. The DNS OPCODE field contains the OPCODE value for DNS Stateful Operations (6). The four count fields must be zero, and the corresponding four sections must be empty (i.e., absent). The DSO-TYPE is PUSH (0x0041). The DSO-LENGTH is the length of the DSO-DATA that follows, which specifies the changes being communicated.</p><p>The DSO-DATA contains one or more change notifications. A PUSH Message MUST contain at least one change notification. If a PUSH Message is received that contains no change notifications, this is a fatal error and the client MUST forcibly abort the connection immediately.</p><p>The change notification records are formatted similarly to how DNS Resource Records are conventionally expressed in DNS messages, as illustrated in Figure 3, and are interpreted as described below.</p><p>The TTL field holds an unsigned 32-bit integer [RFC2181]. If the TTL is in the range 0 to 2,147,483,647 seconds (0 to 2<sup>31</sup> - 1, or 0x7FFFFFFF), then a new DNS Resource Record with the given name, type, class, and RDATA is added. Type and class MUST NOT be 255 (ANY). If either type or class are 255 (ANY), this is a fatal error and the client MUST forcibly abort the connection immediately. 
A TTL of 0 means that this record should be retained for as long as the subscription is active and should be discarded immediately the moment the subscription is canceled.</p><p>If the TTL has the value 0xFFFFFFFF, then the DNS Resource Record with the given name, type, class, and RDATA is removed. Type and class MUST NOT be 255 (ANY). If either type or class are 255 (ANY), this is a fatal error and the client MUST forcibly abort the connection immediately.</p><p>If the TTL has the value 0xFFFFFFFE, then this is a ‘collective’ remove notification. For collective remove notifications, RDLEN MUST be zero, and consequently, the RDATA MUST be empty. If a change notification is received where TTL = 0xFFFFFFFE and RDLEN is not zero, this is a fatal error and the client MUST forcibly abort the connection immediately.</p><p>There are three types of collective remove notification. For collective remove notifications:</p><ul><li><p>If CLASS is not 255 (ANY) and TYPE is not 255 (ANY), then for the given name, this removes all records of the specified type in the specified class.</p></li><li><p>If CLASS is not 255 (ANY) and TYPE is 255 (ANY), then for the given name, this removes all records of all types in the specified class.</p></li><li><p>If CLASS is 255 (ANY), then for the given name, this removes all records of all types in all classes. 
In this case, TYPE MUST be set to zero on transmission and MUST be silently ignored on reception.</p></li></ul><p>Summary of change notification types:</p><ul><li><p>Remove all RRsets from a name in all classes: TTL = 0xFFFFFFFE, RDLEN = 0, CLASS = 255 (ANY).</p></li><li><p>Remove all RRsets from a name in given class: TTL = 0xFFFFFFFE, RDLEN = 0, CLASS gives class, TYPE = 255 (ANY).</p></li><li><p>Remove specified RRset from a name in given class: TTL = 0xFFFFFFFE, RDLEN = 0, CLASS and TYPE specify the RRset being removed.</p></li><li><p>Remove an individual RR from a name: TTL = 0xFFFFFFFF, CLASS, TYPE, RDLEN, and RDATA specify the RR being removed.</p></li><li><p>Add individual RR to a name: TTL >= 0 and TTL <= 0x7FFFFFFF, CLASS, TYPE, RDLEN, RDATA, and TTL specify the RR being added.</p></li></ul><p>Note that it is valid for the RDATA of an added or removed DNS Resource Record to be empty (zero length). For example, an Address Prefix List Resource Record [RFC3123] may have empty RDATA. Therefore, a change notification with RDLEN = 0 does not automatically indicate a remove notification. If RDLEN = 0 and TTL is in the range 0 to 0x7FFFFFFF, this change notification signals the addition of a record with the given name, type, class, and empty RDATA. If RDLEN = 0 and TTL = 0xFFFFFFFF, this change notification signals the removal specifically of that single record with the given name, type, class, and empty RDATA.</p><p>If the TTL is any value other than 0xFFFFFFFF, 0xFFFFFFFE, or a value in the range 0 to 0x7FFFFFFF, then the receiver SHOULD silently ignore this particular change notification record. The connection is not terminated and other valid change notification records within this PUSH message are processed as usual.</p><p>In the case where a single change affects more than one active subscription, only one PUSH message is sent. 
For example, a PUSH message adding a given record may match both a SUBSCRIBE request with the same TYPE and a different SUBSCRIBE request with TYPE = 255 (ANY). It is not the case that two PUSH messages are sent because the new record matches two active subscriptions.</p><p>The server SHOULD encode change notifications in the most efficient manner possible. For example, when three AAAA records are removed from a given name, and no other AAAA records exist for that name, the server SHOULD send a “Remove specified RRset from a name in given class” PUSH message, not three separate “Remove an individual RR from a name” PUSH messages. Similarly, when both an SRV and a TXT record are removed from a given name, and no other records of any kind exist for that name in that class, the server SHOULD send a “Remove all RRsets from a name in given class” PUSH message, not two separate “Remove specified RRset from a name in given class” PUSH messages.</p><p>For efficiency, when generating a PUSH message, rather than sending each change notification as a separate DSO message, a server SHOULD include as many change notifications as it has immediately available to send to that client, even if those change notifications apply to different subscriptions from that client. Conceptually, a PUSH message is a session-level mechanism, not a subscription-level mechanism. Once it has exhausted the list of change notifications immediately available to send to that client, a server SHOULD then send the PUSH message immediately rather than waiting speculatively to see if additional change notifications become available.</p><p>For efficiency, when generating a PUSH message a server SHOULD use standard DNS name compression, with offsets relative to the beginning of the DNS message [RFC1035]. 
When multiple change notifications in a single PUSH message have the same owner name, this name compression can yield significant savings. Name compression should be performed as specified in Section 18.14 of the Multicast DNS specification [RFC6762]; namely, owner names should always be compressed, and names appearing within RDATA should be compressed for only the RR types listed below:</p><p>NS, CNAME, PTR, DNAME, SOA, MX, AFSDB, RT, KX, RP, PX, SRV, NSEC</p><p>Servers may generate PUSH messages up to a maximum DNS message length of 16,382 bytes, counting from the start of the DSO 12-byte header. Including the two-byte length prefix that is used to frame DNS over a byte stream like TLS, this makes a total of 16,384 bytes. Servers MUST NOT generate PUSH messages larger than this. Where the immediately available change notifications are sufficient to exceed a DNS message length of 16,382 bytes, the change notifications MUST be communicated in separate PUSH messages of up to 16,382 bytes each. 
DNS name compression becomes less effective for messages larger than 16,384 bytes, so little efficiency benefit is gained by sending messages larger than this.</p><p>If a client receives a PUSH message with a DNS message length larger than 16,382 bytes, this is a fatal error and the client MUST forcibly abort the connection immediately.</p><pre><code>                                1  1  1  1  1  1
  0  1  2  3  4  5  6  7  8  9  0  1  2  3  4  5
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  \
|           MESSAGE ID (MUST BE ZERO)           |   \
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|QR| OPCODE(6) |         Z          |   RCODE   |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            QDCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+     > HEADER
|            ANCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            NSCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            ARCOUNT (MUST BE ZERO)             |   /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  /
|           DSO-TYPE = PUSH (0x0041)            |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|   DSO-LENGTH (number of octets in DSO-DATA)   |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  \
\                     NAME                      \   \
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|                     TYPE                      |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|                     CLASS                     |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|                      TTL                      |    |
|     (32-bit unsigned big-endian integer)      |     > DSO-DATA
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|  RDLEN (16-bit unsigned big-endian integer)   |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
\          RDATA (sized as necessary)           \    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
:     NAME, TYPE, CLASS, TTL, RDLEN, RDATA      :    |
:             Repeated As Necessary             :   /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  /
</code></pre><p>When processing the records received in a PUSH Message, the receiving client MUST validate that the records being added or removed correspond with at least one currently active subscription on that session. 
Specifically, the record name MUST match the name given in the SUBSCRIBE request, subject to the usual established DNS case-insensitivity for US-ASCII letters. For individual additions and removals, if the TYPE in the SUBSCRIBE request was not ANY (255), then the TYPE of the record must either be CNAME or match the TYPE given in the SUBSCRIBE request, and if the CLASS in the SUBSCRIBE request was not ANY (255), then the CLASS of the record must match the CLASS given in the SUBSCRIBE request. For collective removals, at least one of the records being removed must match an active subscription. If a matching active subscription on that session is not found, then that particular addition/removal record is silently ignored. The processing of other additions and removal records in this message is not affected. The DSO session is not closed. This is to allow for the unavoidable race condition where a client sends an outbound UNSUBSCRIBE while inbound PUSH messages for that subscription from the server are still in flight.</p><p>The TTL of an added record is stored by the client. While the subscription is active the TTL is not decremented, because a change to the TTL would produce a new update. For as long as a relevant subscription remains active, the client SHOULD assume that when a record goes away, the server will notify it of that fact. Consequently, a client does not have to poll to verify that the record is still there. Once a subscription is canceled (individually, or as a result of the DSO session being closed), record aging for records covered by the subscription resumes and records are removed from the local cache when their TTL reaches zero.</p><h2 id="6-4-Dns-Push-Notification-Unsubscribe"><a href="#6-4-Dns-Push-Notification-Unsubscribe" class="headerlink" title="6.4. Dns Push Notification Unsubscribe"></a>6.4. 
DNS Push Notification Unsubscribe</h2><p>To cancel an individual subscription without closing the entire DSO session, the client sends an UNSUBSCRIBE message over the established DSO session to the server.</p><p>The entity that initiates an UNSUBSCRIBE message is by definition the client. A server MUST NOT send an UNSUBSCRIBE message over an existing session from a client. If a server does send an UNSUBSCRIBE message over a DSO session initiated by a client, or an UNSUBSCRIBE message is sent with the QR bit set indicating that it is a response, this is a fatal error and the receiver MUST forcibly abort the connection immediately.</p><h2 id="6-4-1-Unsubscribe-Message"><a href="#6-4-1-Unsubscribe-Message" class="headerlink" title="6.4.1. Unsubscribe Message"></a>6.4.1. Unsubscribe Message</h2><p>An UNSUBSCRIBE unidirectional message begins with the standard DSO 12-byte header [RFC8490], followed by the UNSUBSCRIBE Primary TLV. An UNSUBSCRIBE message is illustrated in Figure 4.</p><p>In accordance with the definition of DSO unidirectional messages, the MESSAGE ID field MUST be zero. There is no server response to an UNSUBSCRIBE message.</p><p>The other header fields MUST be set as described in the DSO specification [RFC8490]. The DNS OPCODE field contains the OPCODE value for DNS Stateful Operations (6). The four count fields must be zero, and the corresponding four sections must be empty (i.e., absent). The DSO-TYPE is UNSUBSCRIBE (0x0042). The DSO-LENGTH field contains the value 2, the length of the 2-octet MESSAGE ID contained in the DSO-DATA. The DSO-DATA contains the value previously given in the MESSAGE ID field of an active SUBSCRIBE request. This is how the server knows which SUBSCRIBE request is being canceled.</p><p>After receipt of the UNSUBSCRIBE message, the SUBSCRIBE request is no longer active. 
It is allowable for the client to issue an UNSUBSCRIBE message for a previous SUBSCRIBE request for which the client has not yet received a SUBSCRIBE response. This is to allow for the case where a client starts and stops a subscription in less than the round-trip time to the server. The client is NOT required to wait for the SUBSCRIBE response before issuing the UNSUBSCRIBE message.</p><p>Consequently, it is possible for a server to receive an UNSUBSCRIBE message that does not match any currently active subscription. This can occur when a client sends a SUBSCRIBE request, which subsequently fails and returns an error code, but the client sent an UNSUBSCRIBE message before it became aware that the SUBSCRIBE request had failed. Because of this, servers MUST silently ignore UNSUBSCRIBE messages that do not match any currently active subscription.</p><pre><code>                                1  1  1  1  1  1
  0  1  2  3  4  5  6  7  8  9  0  1  2  3  4  5
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  \
|           MESSAGE ID (MUST BE ZERO)           |   \
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|QR| OPCODE(6) |         Z          |   RCODE   |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            QDCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+     > HEADER
|            ANCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            NSCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            ARCOUNT (MUST BE ZERO)             |   /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  /
|        DSO-TYPE = UNSUBSCRIBE (0x0042)        |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|                DSO-LENGTH (2)                 |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  \
|             SUBSCRIBE MESSAGE ID              |   > DSO-DATA
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  /</code></pre><h2 id="6-5-Dns-Push-Notification-Reconfirm"><a href="#6-5-Dns-Push-Notification-Reconfirm" class="headerlink" title="6.5. Dns Push Notification Reconfirm"></a>6.5. DNS Push Notification Reconfirm</h2><p>Sometimes, particularly when used with a Discovery Proxy [RFC8766], a DNS Zone may contain stale data. 
When a client encounters data that it believes may be stale (e.g., an SRV record referencing a target host+port that is not responding to connection requests), the client can send a RECONFIRM message to ask the server to re-verify that the data is still valid. For a Discovery Proxy, this causes it to issue new Multicast DNS queries to ascertain whether the target device is still present. How the Discovery Proxy causes these new Multicast DNS queries to be issued depends on the details of the underlying Multicast DNS implementation being used. For example, a Discovery Proxy built on Apple’s dns_sd.h API [SD-API] responds to a DNS Push Notification RECONFIRM message by calling the underlying API’s DNSServiceReconfirmRecord() routine.</p><p>For other types of DNS server, the RECONFIRM operation is currently undefined and SHOULD result in a NOERROR response, but it need not cause any other action to occur.</p><p>Frequent use of RECONFIRM operations may be a sign of network unreliability, or some kind of misconfiguration, so RECONFIRM operations MAY be logged or otherwise communicated to a human administrator to assist in detecting and remedying such network problems. If, after receiving a valid RECONFIRM message, the server determines that the disputed records are in fact no longer valid, then subsequent DNS PUSH Messages will be generated to inform interested clients. Thus, one client discovering that a previously advertised device (like a network printer) is no longer present has the side effect of informing all other interested clients that the device in question is now gone.</p><p>The entity that initiates a RECONFIRM message is by definition the client. A server MUST NOT send a RECONFIRM message over an existing session from a client. 
If a server does send a RECONFIRM message over a DSO session initiated by a client, or a RECONFIRM message is sent with the QR bit set indicating that it is a response, this is a fatal error and the receiver MUST forcibly abort the connection immediately.</p><h2 id="6-5-1-Reconfirm-Message"><a href="#6-5-1-Reconfirm-Message" class="headerlink" title="6.5.1. Reconfirm Message"></a>6.5.1. Reconfirm Message</h2><p>A RECONFIRM unidirectional message begins with the standard DSO 12-byte header [RFC8490], followed by the RECONFIRM Primary TLV. A RECONFIRM message is illustrated in Figure 5.</p><p>In accordance with the definition of DSO unidirectional messages, the MESSAGE ID field MUST be zero. There is no server response to a RECONFIRM message.</p><p>The other header fields MUST be set as described in the DSO specification [RFC8490]. The DNS OPCODE field contains the OPCODE value for DNS Stateful Operations (6). The four count fields must be zero, and the corresponding four sections must be empty (i.e., absent). The DSO-TYPE is RECONFIRM (0x0043). The DSO-LENGTH is the length of the data that follows, which specifies the name, type, class, and content of the record being disputed.</p><p>A DNS Push Notifications RECONFIRM message contains exactly one RECONFIRM Primary TLV. The DSO-DATA in a RECONFIRM Primary TLV MUST contain exactly one record. The DSO-DATA in a RECONFIRM Primary TLV has no count field to specify more than one record. Since RECONFIRM messages are sent over TCP, multiple RECONFIRM messages can be concatenated in a single TCP stream and packed efficiently into TCP segments. Note that this means that DNS name compression cannot be used between different RECONFIRM messages. 
However, when a client is sending multiple RECONFIRM messages this indicates a situation with serious network problems, and this is not expected to occur frequently enough that optimizing efficiency in this case is important.</p><p>TYPE MUST NOT be the value ANY (255) and CLASS MUST NOT be the value ANY (255).</p><p>DNS wildcarding is not supported. That is, an asterisk character (“*”) in a RECONFIRM message matches only a literal asterisk character (“*”) in a name and nothing else. Similarly, a CNAME in a RECONFIRM message matches only a CNAME record with that name in the zone and no other records with that name. Note that there is no RDLEN field, since the length of the RDATA can be inferred from DSO-LENGTH, so an additional RDLEN field would be redundant. Following the same rules as for PUSH messages, DNS name compression SHOULD be used within the RDATA of the RECONFIRM message, with offsets relative to the beginning of the DNS message [RFC1035].</p><pre><code>                                1  1  1  1  1  1
  0  1  2  3  4  5  6  7  8  9  0  1  2  3  4  5
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  \
|           MESSAGE ID (MUST BE ZERO)           |   \
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|QR| OPCODE(6) |         Z          |   RCODE   |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            QDCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+     > HEADER
|            ANCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            NSCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            ARCOUNT (MUST BE ZERO)             |   /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  /
|         DSO-TYPE = RECONFIRM (0x0043)         |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|   DSO-LENGTH (number of octets in DSO-DATA)   |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  \
\                     NAME                      \   \
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|                     TYPE                      |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+     > DSO-DATA
|                     CLASS                     |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
\                     RDATA                     \   /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  /</code></pre><h2 id="6-6-Dns-Stateful-Operations-Tlv-Context-Summary"><a href="#6-6-Dns-Stateful-Operations-Tlv-Context-Summary" class="headerlink" title="6.6. Dns Stateful Operations Tlv Context Summary"></a>6.6. DNS Stateful Operations TLV Context Summary</h2><p>This document defines four new DSO TLVs. As recommended in Section 8.2 of the DNS Stateful Operations specification [RFC8490], the valid contexts of these new TLV types are summarized below.</p><p>The client TLV contexts are:<br>C-P: Client request message, Primary TLV<br>C-U: Client Unidirectional message, Primary TLV<br>C-A: Client request or unidirectional message, Additional TLV<br>CRP: Response back to client, Primary TLV<br>CRA: Response back to client, Additional TLV</p><table><thead><tr><th>TLV Type</th><th>C-P</th><th>C-U</th><th>C-A</th><th>CRP</th><th>CRA</th></tr></thead><tbody><tr><td>SUBSCRIBE</td><td>X</td><td></td><td></td><td></td><td></td></tr><tr><td>PUSH</td><td></td><td></td><td></td><td></td><td></td></tr><tr><td>UNSUBSCRIBE</td><td></td><td>X</td><td></td><td></td><td></td></tr><tr><td>RECONFIRM</td><td></td><td>X</td><td></td><td></td><td></td></tr></tbody></table><p>The server TLV contexts are:<br>S-P: Server request message, Primary TLV<br>S-U: Server Unidirectional message, Primary TLV<br>S-A: Server request or unidirectional message, Additional TLV<br>SRP: Response back to server, Primary TLV<br>SRA: Response back to server, Additional TLV</p><table><thead><tr><th>TLV Type</th><th>S-P</th><th>S-U</th><th>S-A</th><th>SRP</th><th>SRA</th></tr></thead><tbody><tr><td>SUBSCRIBE</td><td></td><td></td><td></td><td></td><td></td></tr><tr><td>PUSH</td><td></td><td>X</td><td></td><td></td><td></td></tr><tr><td>UNSUBSCRIBE</td><td></td><td></td><td></td><td></td><td></td></tr><tr><td>RECONFIRM</td><td></td><td></td><td></td><td></td><td></td></tr></tbody></table><h2 id="6-7-Client-Initiated-Termination"><a href="#6-7-Client-Initiated-Termination" class="headerlink" title="6.7. Client-Initiated Termination"></a>6.7. 
Client-Initiated Termination</h2><p>An individual subscription is terminated by sending an UNSUBSCRIBE TLV for that specific subscription, or all subscriptions can be canceled at once by the client closing the DSO session.</p><p>When a client terminates an individual subscription (via UNSUBSCRIBE) or all subscriptions on that DSO session (by ending the session), it is signaling to the server that it is no longer interested in receiving those particular updates. It is informing the server that the server may release any state information it has been keeping with regards to these particular subscriptions.</p><p>After terminating its last subscription on a session via UNSUBSCRIBE, a client MAY close the session immediately or it may keep it open if it anticipates performing further operations on that session in the future. If a client wishes to keep an idle session open, it MUST respect the maximum idle time required by the server [RFC8490].</p><p>If a client plans to terminate one or more subscriptions on a session and doesn’t intend to keep that session open, then as an efficiency optimization, it MAY instead choose to simply close the session, which implicitly terminates all subscriptions on that session. This may occur because the client computer is being shut down, is going to sleep, the application requiring the subscriptions has terminated, or simply because the last active subscription on that session has been canceled.</p><p>When closing a session, a client should perform an orderly close of the TLS session. Typical APIs will provide a session close method that will send a TLS close_notify alert as described in Section 6.1 of the TLS 1.3 specification [RFC8446]. This instructs the recipient that the sender will not send any more data over the session. After sending the TLS close_notify alert, the client MUST gracefully close the underlying connection using a TCP FIN so that the TLS close_notify is reliably delivered. 
The mechanisms for gracefully closing a TCP connection with a TCP FIN vary depending on the networking API. For example, in the BSD Sockets API, sending a TCP FIN is achieved by calling “shutdown(s,SHUT_WR)” and keeping the socket open until all remaining data has been read from it. If the session is forcibly closed at the TCP level by sending a RST from either end of the connection, data may be lost.</p><h2 id="6-8-Client-Fallback-To-Polling"><a href="#6-8-Client-Fallback-To-Polling" class="headerlink" title="6.8. Client Fallback To Polling"></a>6.8. Client Fallback To Polling</h2><p>There are cases where a client may exhaust all avenues for establishing a DNS Push Notification subscription without success. This can happen if the client’s configured recursive resolver does not support DNS over TLS, or supports DNS over TLS but is not listening on TCP port 853, or supports DNS over TLS on TCP port 853 but does not support DSO on that port, or for some other reason is unable to provide a DNS Push Notification subscription. In this case, the client will attempt to communicate directly with an appropriate server, and it may be that the zone apex discovery fails, or there is no _dns‑push‑tls._tcp.<zone> SRV record, or the server indicated in the SRV record is misconfigured, overloaded, or is unresponsive for some other reason. Regardless of the reason for the failure, after being unable to establish the desired DNS Push Notification subscription, it is likely that the client will still wish to know the answer it seeks, even if that answer cannot be obtained with the timely change notifications provided by DNS Push Notifications. 
In such cases, it is likely that the client will obtain the answer it seeks via a conventional DNS query instead, repeated at some interval to detect when the answer RRset changes.</p><p>In the case where a client responds to its failure to establish a DNS Push Notification subscription by falling back to polling with conventional DNS queries instead, the polling rate should be controlled to avoid placing excessive burden on the server. The interval between successive DNS queries for the same name, type, and class be at least the minimum of 900 seconds (15 minutes) or two seconds more than the TTL of the answer RRset. The reason that for TTLs up to 898 seconds the query should not be reissued until two seconds after the answer RRset has expired, is to ensure that the answer RRset has also expired from the cache on the client’s configured recursive resolver. Otherwise (particularly if the clocks on the client and the recursive resolver do not run at precisely the same rate), there’s a risk of a race condition where the client queries its configured recursive resolver just as the answer RRset has one second remaining in the recursive resolver’s cache. The client would receive a reply telling it that the answer RRset has one second remaining; the client would then requery the recursive resolver again one second later. If by this time the answer RRset has actually expired from the recursive resolver’s cache, the recursive resolver would then issue a new query to fetch fresh data from the authoritative server. Waiting until the answer RRset has definitely expired from the cache on the client’s configured recursive resolver avoids this race condition and any unnecessary additional queries it causes. Each time a client is about to reissue its query to discover changes to the answer RRset, it should first make a new attempt to establish a DNS Push Notification subscription using previously cached DNS answers as appropriate. 
After a temporary misconfiguration has been remedied, this allows a client that is polling to return to using DNS Push Notifications for asynchronous notification of changes.</p><h2 id="7-Security-Considerations"><a href="#7-Security-Considerations" class="headerlink" title="7. Security Considerations"></a>7. Security Considerations</h2><p>The Strict Privacy profile for DNS over TLS is REQUIRED for DNS Push Notifications [RFC8310].</p><p>Cleartext connections for DNS Push Notifications are not permissible. Since this is a new protocol, transition mechanisms from the Opportunistic Privacy profile are unnecessary.</p><p>Also, see Section 9 of the document Usage Profiles for DNS over (D)TLS [RFC8310] for additional recommendations for various versions of TLS usage. As a consequence of requiring TLS, client certificate authentication and verification may also be enforced by the server for stronger client-server security or end-to-end security. However, recommendations for security in particular deployment scenarios are outside the scope of this document.</p><p>DNSSEC is RECOMMENDED for the authentication of DNS Push Notification servers. TLS alone does not provide complete security. TLS certificate verification can provide reasonable assurance that the client is really talking to the server associated with the desired host name, but since the desired host name is learned via a DNS SRV query, if the SRV query is subverted, then the client may have a secure connection to a rogue server. DNSSEC can provide added confidence that the SRV query has not been subverted.</p><h2 id="7-1-Security-Services"><a href="#7-1-Security-Services" class="headerlink" title="7.1. Security Services"></a>7.1. 
Security Services</h2><p>It is the goal of using TLS to provide the following security services:</p><p>Confidentiality: All application-layer communication is encrypted with the goal that no party should be able to decrypt it except the intended receiver.<br>Data integrity protection: Any changes made to the communication in transit are detectable by the receiver.<br>Authentication: An endpoint of the TLS communication is authenticated as the intended entity to communicate with.<br>Anti-replay protection: TLS provides for the detection of and prevention against messages sent previously over a TLS connection (such as DNS Push Notifications). If prior messages are re-sent at a later time as a form of a man-in-the-middle attack, then the receiver will detect this and reject the replayed messages.</p><p>Deployment recommendations on the appropriate key lengths and cipher suites are beyond the scope of this document. Please refer to the current TLS Recommendations [BCP195] for the best current practices. Keep in mind that best practices only exist for a snapshot in time, and recommendations will continue to change. Updated versions or errata may exist for these recommendations.</p><h2 id="7-2-Tls-Name-Authentication"><a href="#7-2-Tls-Name-Authentication" class="headerlink" title="7.2. Tls Name Authentication"></a>7.2. TLS Name Authentication</h2><p>As described in Section 6.1, the client discovers the DNS Push Notification server using an SRV lookup for the record name _dns‑push‑tls._tcp.<zone>. The server connection endpoint SHOULD then be authenticated using DANE TLSA records for the associated SRV record. This associates the target’s name and port number with a trusted TLS certificate [RFC7673]. This procedure uses the TLS Server Name Indication (SNI) extension [RFC6066] to inform the server of the name the client has authenticated through the use of TLSA records. 
Therefore, if the SRV record passes DNSSEC validation and a TLSA record matching the target name is usable, an SNI extension must be used for the target name to ensure the client is connecting to the server it has authenticated. If the target name does not have a usable TLSA record, then the use of the SNI extension is optional. See Usage Profiles for DNS over TLS and DNS over DTLS [RFC8310] for more information on authenticating domain names.</p><h2 id="7-3-Tls-Early-Data"><a href="#7-3-Tls-Early-Data" class="headerlink" title="7.3. Tls Early Data"></a>7.3. TLS Early Data</h2><p>DSO messages with the SUBSCRIBE TLV as the Primary TLV are permitted in TLS early data.</p><p>Using TLS early data can save one network round trip and can result in the client obtaining results faster. However, there are some factors to consider before using TLS early data. TLS early data is not forward secret. In cases where forward secrecy of DNS Push Notification subscriptions is required, the client should not use TLS early data.</p><p>With TLS early data, there are no guarantees of non-replay between connections. If packets are duplicated and delayed in the network, the later arrivals could be mistaken for new subscription requests. Generally, this is not a major concern since the amount of state generated on the server for these spurious subscriptions is small and short lived since the TCP connection will not complete the three-way handshake. Servers MAY choose to implement rate-limiting measures that are activated when the server detects an excessive number of spurious subscription requests. For further guidance on use of TLS early data, please see discussion of zero round-trip data in Sections 2.3 and 8, and Appendix E.5, of the TLS 1.3 specification [RFC8446].</p><h2 id="7-4-Tls-Session-Resumption"><a href="#7-4-Tls-Session-Resumption" class="headerlink" title="7.4. Tls Session Resumption"></a>7.4. 
TLS Session Resumption</h2><p>TLS session resumption [RFC8446] is permissible on DNS Push Notification servers. However, closing the TLS connection terminates the DSO session. When the TLS session is resumed, the DNS Push Notification server will not have any subscription state and will proceed as with any other new DSO session. Use of TLS session resumption may allow a TLS connection to be set up more quickly, but the client will still have to recreate any desired subscriptions.</p><h2 id="8-Iana-Considerations"><a href="#8-Iana-Considerations" class="headerlink" title="8. Iana Considerations"></a>8. IANA Considerations</h2><p>This document defines a new service name, only applicable for the TCP protocol, which has been recorded in the IANA “Service Name and Transport Protocol Port Number Registry” [RFC6335] [SRVTYPE].</p><table><thead><tr><th>Name</th><th>Port</th><th>Value</th><th>Section</th></tr></thead><tbody><tr><td>DNS Push Notification Service Type</td><td>None</td><td>_dns‑push‑tls._tcp</td><td>6.1</td></tr></tbody></table><p>This document defines four new DNS Stateful Operation TLV types, which have been recorded in the IANA “DSO Type Codes” registry [RFC8490] [DSOTYPE].</p><table><thead><tr><th>Name</th><th>Value</th><th>Early Data</th><th>Status</th><th>Section</th></tr></thead><tbody><tr><td>SUBSCRIBE</td><td>0x0040</td><td>OK</td><td>Standards Track</td><td>6.2</td></tr><tr><td>PUSH</td><td>0x0041</td><td>NO</td><td>Standards Track</td><td>6.3</td></tr><tr><td>UNSUBSCRIBE</td><td>0x0042</td><td>NO</td><td>Standards Track</td><td>6.4</td></tr><tr><td>RECONFIRM</td><td>0x0043</td><td>NO</td><td>Standards Track</td><td>6.5</td></tr></tbody></table><p>This document defines no new DNS OPCODEs or RCODEs.</p><h2 id="9-References-9-1-Normative-References"><a href="#9-References-9-1-Normative-References" class="headerlink" title="9. References 9.1. Normative References"></a>9. References 9.1. Normative References</h2><p>[DSOTYPE] IANA, “Domain Name System (DNS) Parameters”, assignments/dns-parameters/.<br>[RFC0020] Cerf, V., “ASCII format for network interchange”, STD 80, RFC 20, DOI 10.17487/RFC0020, October 1969, <a href="https://www.rfc-editor.org/info/rfc20">https://www.rfc-editor.org/info/rfc20</a>.<br>[RFC0768] Postel, J., “User Datagram Protocol”, STD 6, RFC 768, DOI 10.17487/RFC0768, August 1980, <a href="https://www.rfc-editor.org/info/rfc768">https://www.rfc-editor.org/info/rfc768</a>.<br>[RFC0793] Postel, J., “Transmission Control Protocol”, STD 7, RFC 793, DOI 10.17487/RFC0793, September 1981, <a href="https://www.rfc-editor.org/info/rfc793">https://www.rfc-editor.org/info/rfc793</a>.<br>[RFC1034] Mockapetris, P., “Domain names - concepts and facilities”, STD 13, RFC 1034, DOI 10.17487/RFC1034, November 1987, <a href="https://www.rfc-editor.org/info/rfc1034">https://www.rfc-editor.org/info/rfc1034</a>.<br>[RFC1035] Mockapetris, P., “Domain names - implementation and specification”, STD 13, RFC 1035, DOI 10.17487/RFC1035, November 1987, <a href="https://www.rfc-editor.org/info/rfc1035">https://www.rfc-editor.org/info/rfc1035</a>.<br>[RFC1123] Braden, R., Ed., 
“Requirements for Internet Hosts - Application and Support”, STD 3, RFC 1123, DOI 10.17487/RFC1123, October 1989, <a href="https://www.rfc-editor.org/info/rfc1123">https://www.rfc-editor.org/info/rfc1123</a>.<br>[RFC2119] Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels”, BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <a href="https://www.rfc-editor.org/info/rfc2119">https://www.rfc-editor.org/info/rfc2119</a>.<br>[RFC2136] Vixie, P., Ed., Thomson, S., Rekhter, Y., and J. Bound, “Dynamic Updates in the Domain Name System (DNS UPDATE)”, RFC 2136, DOI 10.17487/RFC2136, April 1997, <a href="https://www.rfc-editor.org/info/rfc2136">https://www.rfc-editor.org/info/rfc2136</a>.<br>[RFC2181] Elz, R. and R. Bush, “Clarifications to the DNS Specification”, RFC 2181, DOI 10.17487/RFC2181, July 1997, <a href="https://www.rfc-editor.org/info/rfc2181">https://www.rfc-editor.org/info/rfc2181</a>.<br>[RFC2782] Gulbrandsen, A., Vixie, P., and L. Esibov, “A DNS RR for specifying the location of services (DNS SRV)”, RFC 2782, DOI 10.17487/RFC2782, February 2000, <a href="https://www.rfc-editor.org/info/rfc2782">https://www.rfc-editor.org/info/rfc2782</a>.<br>[RFC6066] Eastlake 3rd, D., “Transport Layer Security (TLS) Extensions: Extension Definitions”, RFC 6066, DOI 10.17487/RFC6066, January 2011, <a href="https://www.rfc-editor.org/info/rfc6066">https://www.rfc-editor.org/info/rfc6066</a>.<br>[RFC6335] Cotton, M., Eggert, L., Touch, J., Westerlund, M., and S. 
Cheshire, “Internet Assigned Numbers Authority (IANA) Procedures for the Management of the Service Name and Transport Protocol Port Number Registry”, BCP 165, RFC 6335, DOI 10.17487/RFC6335, August 2011, <a href="https://www.rfc-editor.org/info/rfc6335">https://www.rfc-editor.org/info/rfc6335</a>.<br>[RFC6895] Eastlake 3rd, D., “Domain Name System (DNS) IANA Considerations”, BCP 42, RFC 6895, DOI 10.17487/RFC6895, April 2013, <a href="https://www.rfc-editor.org/info/rfc6895">https://www.rfc-editor.org/info/rfc6895</a>.<br>[RFC7673] Finch, T., Miller, M., and P. Saint-Andre, “Using DNS-Based Authentication of Named Entities (DANE) TLSA Records with SRV Records”, RFC 7673, DOI 10.17487/RFC7673, October 2015, <a href="https://www.rfc-editor.org/info/rfc7673">https://www.rfc-editor.org/info/rfc7673</a>.<br>[RFC7766] Dickinson, J., Dickinson, S., Bellis, R., Mankin, A., and D. Wessels, “DNS Transport over TCP - Implementation Requirements”, RFC 7766, DOI 10.17487/RFC7766, March 2016, <a href="https://www.rfc-editor.org/info/rfc7766">https://www.rfc-editor.org/info/rfc7766</a>.<br>[RFC7858] Hu, Z., Zhu, L., Heidemann, J., Mankin, A., Wessels, D., and P. Hoffman, “Specification for DNS over Transport Layer Security (TLS)”, RFC 7858, DOI 10.17487/RFC7858, May 2016, <a href="https://www.rfc-editor.org/info/rfc7858">https://www.rfc-editor.org/info/rfc7858</a>.<br>[RFC8174] Leiba, B., “Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words”, BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, <a href="https://www.rfc-editor.org/info/rfc8174">https://www.rfc-editor.org/info/rfc8174</a>.<br>[RFC8310] Dickinson, S., Gillmor, D., and T. 
Reddy, “Usage Profiles for DNS over TLS and DNS over DTLS”, RFC 8310, DOI 10.17487/RFC8310, March 2018, <a href="https://www.rfc-editor.org/info/rfc8310">https://www.rfc-editor.org/info/rfc8310</a>.<br>[RFC8446] Rescorla, E., “The Transport Layer Security (TLS) Protocol Version 1.3”, RFC 8446, DOI 10.17487/RFC8446, August 2018, <a href="https://www.rfc-editor.org/info/rfc8446">https://www.rfc-editor.org/info/rfc8446</a>.<br>[RFC8490] Bellis, R., Cheshire, S., Dickinson, J., Dickinson, S., Lemon, T., and T. Pusateri, “DNS Stateful Operations”, RFC 8490, DOI 10.17487/RFC8490, March 2019, <a href="https://www.rfc-editor.org/info/rfc8490">https://www.rfc-editor.org/info/rfc8490</a>.<br>[SRVTYPE] IANA, “Service Name and Transport Protocol Port Number Registry”, <a href="https://www.iana.org/assignments/service-names-port-numbers/">https://www.iana.org/assignments/service-names-port-numbers/</a>.</p><h2 id="9-2-Informative-References"><a href="#9-2-Informative-References" class="headerlink" title="9.2. Informative References"></a>9.2. Informative References</h2><p>[BCP195] Sheffer, Y., Holz, R., and P. Saint-Andre, “Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)”, BCP 195, RFC 7525, May 2015, <a href="https://www.rfc-editor.org/info/bcp195">https://www.rfc-editor.org/info/bcp195</a>.<br>[OBS] Wikipedia, “Observer pattern”, February 2020, <a href="https://en.wikipedia.org/w/index.php?title=Observer_pattern&oldid=939702131">https://en.wikipedia.org/w/index.php?title=Observer_pattern&oldid=939702131</a>.<br>[RFC2308] Andrews, M., “Negative Caching of DNS Queries (DNS NCACHE)”, RFC 2308, DOI 10.17487/RFC2308, March 1998, <a href="https://www.rfc-editor.org/info/rfc2308">https://www.rfc-editor.org/info/rfc2308</a>.<br>[RFC3123] Koch, P., 
“A DNS RR Type for Lists of Address Prefixes (APL RR)”, RFC 3123, DOI 10.17487/RFC3123, June 2001, <a href="https://www.rfc-editor.org/info/rfc3123">https://www.rfc-editor.org/info/rfc3123</a>.<br>[RFC4287]<br>Nottingham, M., Ed. and R. Sayre, Ed., “The Atom Syndication Format”, RFC 4287, DOI 10.17487/RFC4287, December 2005, <a href="https://www.rfc-editor.org/info/rfc4287">https://www.rfc-editor.org/info/rfc4287</a>.<br>[RFC4953]<br>Touch, J., “Defending TCP Against Spoofing Attacks”, RFC 4953, DOI 10.17487/RFC4953, July 2007, <a href="https://www.rfc-editor.org/info/rfc4953">https://www.rfc-editor.org/info/rfc4953</a>.<br>[RFC6281]<br>Cheshire, S., Zhu, Z., Wakikawa, R., and L. Zhang, “Understanding Apple’s Back to My Mac (BTMM) Service”, RFC 6281, DOI 10.17487/RFC6281, June 2011, <a href="https://www.rfc-editor.org/info/rfc6281">https://www.rfc-editor.org/info/rfc6281</a>.<br>[RFC6762]<br>Cheshire, S. and M. Krochmal, “Multicast DNS”, RFC 6762, DOI 10.17487/RFC6762, February 2013, <a href="https://www.rfc-editor.org/info/rfc6762">https://www.rfc-editor.org/info/rfc6762</a>.<br>[RFC6763]<br>Cheshire, S. and M. Krochmal, “DNS-Based Service Discovery”, RFC 6763, DOI 10.17487/RFC6763, February 2013, <a href="https://www.rfc-editor.org/info/rfc6763">https://www.rfc-editor.org/info/rfc6763</a>.<br>[RFC6886]<br>Cheshire, S. and M. Krochmal, “NAT Port Mapping Protocol (NAT-PMP)”, RFC 6886, DOI 10.17487/RFC6886, April 2013, <a href="https://www.rfc-editor.org/info/rfc6886">https://www.rfc-editor.org/info/rfc6886</a>.<br>[RFC6887]<br>Wing, D., Ed., Cheshire, S., Boucadair, M., Penno, R., and P. 
Selkirk, “Port Control Protocol (PCP)”, RFC 6887, DOI 10.17487/RFC6887, April 2013, <a href="https://www.rfc-editor.org/info/rfc6887">https://www.rfc-editor.org/info/rfc6887</a>.<br>[RFC7413]<br>Cheng, Y., Chu, J., Radhakrishnan, S., and A. Jain, “TCP Fast Open”, RFC 7413, DOI 10.17487/RFC7413, December 2014, <a href="https://www.rfc-editor.org/info/rfc7413">https://www.rfc-editor.org/info/rfc7413</a>.<br>[RFC8010]<br>Sweet, M. and I. McDonald, “Internet Printing Protocol/1.1: Encoding and Transport”, STD 92, RFC 8010, DOI 10.17487/RFC8010, January 2017, <a href="https://www.rfc-editor.org/info/rfc8010">https://www.rfc-editor.org/info/rfc8010</a>.<br>[RFC8011]<br>Sweet, M. and I. McDonald, “Internet Printing Protocol/1.1: Model and Semantics”, STD 92, RFC 8011, DOI 10.17487/RFC8011, January 2017, <a href="https://www.rfc-editor.org/info/rfc8011">https://www.rfc-editor.org/info/rfc8011</a>.<br>[RFC8499]<br>Hoffman, P., Sullivan, A., and K. Fujiwara, “DNS Terminology”, BCP 219, RFC 8499, DOI 10.17487/RFC8499, January 2019, <a href="https://www.rfc-editor.org/info/rfc8499">https://www.rfc-editor.org/info/rfc8499</a>.<br>[RFC8684]<br>Ford, A., Raiciu, C., Handley, M., Bonaventure, O., and C. Paasch, “TCP Extensions for Multipath Operation with Multiple Addresses”, RFC 8684, DOI 10.17487/RFC8684, March 2020, <a href="https://www.rfc-editor.org/info/rfc8684">https://www.rfc-editor.org/info/rfc8684</a>.<br>[RFC8764]<br>Cheshire, S. and M. Krochmal, “Apple’s DNS Long-Lived Queries Protocol”, RFC 8764, DOI 10.17487/RFC8764, June 2020, <a href="https://www.rfc-editor.org/info/rfc8764">https://www.rfc-editor.org/info/rfc8764</a>.<br>[RFC8766]<br>Cheshire, S., 
“Discovery Proxy for Multicast DNS-Based Service Discovery”, RFC 8766, DOI 10.17487/RFC8766, June 2020, <a href="https://www.rfc-editor.org/info/rfc8766">https://www.rfc-editor.org/info/rfc8766</a>.<br>[SD-API]<br>Apple Inc., “dns_sd.h”, <a href="https://opensource.apple.com/source/mDNSResponder/mDNSResponder-878.70.2/mDNSShared/dns_sd.h.auto.html">https://opensource.apple.com/source/mDNSResponder/mDNSResponder-878.70.2/mDNSShared/dns_sd.h.auto.html</a>.<br>[SYN]<br>Eddy, W., “Defenses Against TCP SYN Flooding Attacks”, The Internet Protocol Journal, Cisco Systems, Volume 9, Number 4, December 2006, <a href="https://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_9-4/ipj_9-4.pdf">https://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_9-4/ipj_9-4.pdf</a>.<br>[TCPRACK]<br>Cheng, Y., Cardwell, N., Dukkipati, N., and P. Jha, “RACK: a time-based fast loss detection algorithm for TCP”, Work in Progress, Internet-Draft, draft-ietf-tcpm-rack-08, 9 March 2020, <a href="https://tools.ietf.org/html/draft-ietf-tcpm-rack-08">https://tools.ietf.org/html/draft-ietf-tcpm-rack-08</a>.<br>[XEP0060]<br>Millard, P., Saint-Andre, P., and R. Meijer, “Publish-Subscribe”, XSF XEP 0060, October 2019, <a href="https://xmpp.org/extensions/xep-0060.html">https://xmpp.org/extensions/xep-0060.html</a>.</p><h2 id="Acknowledgments"><a href="#Acknowledgments" class="headerlink" title="Acknowledgments"></a>Acknowledgments</h2><p>The authors would like to thank Kiren Sekar and Marc Krochmal for previous work completed in this field.</p><p>This document has been improved due to comments from Ran Atkinson, Tim Chown, Sara Dickinson, Mark Delany, Ralph Droms, Jan Komissar, Eric Rescorla, Michael Richardson, David Schinazi, Manju Shankar Rao, Robert Sparks, Markus Stenberg, Andrew Sullivan, Michael Sweet, Dave Thaler, Brian Trammell, Bernie Volz, Éric Vyncke, Christopher Wood, Liang Xia, and Soraia Zlatkovic. Ted Lemon provided clarifying text that was greatly appreciated.</p><h2 id="Authors’-Addresses"><a href="#Authors’-Addresses" class="headerlink" title="Authors’ Addresses"></a>Authors’ Addresses</h2><p>Tom Pusateri<br>Unaffiliated<br>Raleigh, NC 27608<br>United States of America<br>Phone: +1 919 867 1330<br>Email: <a href="mailto:pusateri@bangj.com">pusateri@bangj.com</a></p><p>Stuart Cheshire<br>Apple Inc.<br>One Apple Park Way<br>Cupertino, CA 95014<br>United States of America<br>Phone: +1 (408) 996-1010<br>Email: <a href="mailto:cheshire@apple.com">cheshire@apple.com</a></p>]]></content>
</entry>
<entry>
<title></title>
<link href="/2023/12/11/2023/rfc8765/rfc8765/"/>
<url>/2023/12/11/2023/rfc8765/rfc8765/</url>
<content type="html"><![CDATA[<p>RFC 8765 DNS Push Notifications June 2020</p><p>Stream: Internet Engineering Task Force (IETF)<br>RFC: <a href="https://www.rfc-editor.org/rfc/rfc8765">8765</a></p><p>Category: Standards Track</p><p>Published: June 2020</p><p>ISSN: 2070-1721</p><p>Authors: T. Pusateri (<em>Unaffiliated</em>), S. Cheshire (<em>Apple Inc.</em>)</p><p><strong>RFC 8765</strong></p><p><strong>DNS Push Notifications</strong></p><p><a href="#_page0_x66.00_y232.00"><strong>Abstract</strong></a></p><p><a name="_page0_x66.00_y232.00"></a>The Domain Name System (DNS) was designed to return matching records efficiently for queries for data that are relatively static. When those records change frequently, DNS is still efficient at returning the updated results when polled, as long as the polling rate is not too high. But, there exists no mechanism for a client to be asynchronously notified when these changes occur. This document defines a mechanism for a client to be notified of such changes to DNS records, called DNS Push Notifications.</p><p><a name="_page0_x66.00_y358.00"></a><a href="#_page0_x66.00_y358.00"><strong>Status of This Memo</strong></a></p><p>This is an Internet Standards Track document.</p><p>This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). 
Further information on Internet Standards is available in Section 2 of RFC 7841.</p><p>Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at <a href="https://www.rfc-editor.org/info/rfc8765">https://www.rfc-editor.org/info/rfc8765</a>.</p><p><a name="_page0_x66.00_y517.00"></a><a href="#_page0_x66.00_y517.00"><strong>Copyright Notice</strong></a></p><p>Copyright (c) 2020 IETF Trust and the persons identified as the document authors. All rights reserved.</p><p>This document is subject to BCP 78 and the IETF Trust’s Legal Provisions Relating to IETF Documents (<a href="https://trustee.ietf.org/license-info">https://trustee.ietf.org/license-info</a>) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.</p><p><a name="_page1_x66.00_y71.00"></a><a href="#_page1_x66.00_y71.00"><strong>Table of Contents</strong></a></p><ol><li><a href="#_page2_x66.00_y194.00">Introduction</a><ol><li><a href="#_page2_x66.00_y334.00">Requirements Language</a></li><li><a href="#_page2_x66.00_y424.00">Fatal Errors</a></li></ol></li><li><a href="#_page3_x66.00_y70.00">Motivation</a></li><li><a href="#_page4_x66.00_y70.00">Overview</a></li><li><a href="#_page5_x66.00_y267.00">State Considerations</a></li><li><a href="#_page5_x66.00_y420.00">Transport</a></li><li><a href="#_page6_x66.00_y186.00">Protocol Operation</a><ol><li><a href="#_page6_x66.00_y565.00">Discovery</a></li><li><a href="#_page9_x66.00_y254.00">DNS Push Notification SUBSCRIBE</a><ol><li><a href="#_page9_x66.00_y524.00">SUBSCRIBE Request</a></li><li><a href="#_page11_x66.00_y379.00">SUBSCRIBE Response</a></li></ol></li><li><a href="#_page14_x66.00_y269.00">DNS Push Notification Updates</a><ol><li><a href="#_page14_x66.00_y424.00">PUSH Message</a></li></ol></li><li><a href="#_page18_x66.00_y363.00">DNS Push Notification UNSUBSCRIBE</a><ol><li><a href="#_page18_x66.00_y504.00">UNSUBSCRIBE Message</a></li></ol></li><li><a href="#_page19_x66.00_y592.00">DNS Push Notification RECONFIRM</a><ol><li><a href="#_page20_x66.00_y379.00">RECONFIRM Message</a></li></ol></li><li><a href="#_page22_x66.00_y70.00">DNS Stateful Operations TLV Context Summary</a></li><li><a href="#_page23_x66.00_y70.00">Client-Initiated Termination</a></li><li><a href="#_page23_x66.00_y500.00">Client Fallback to Polling</a></li></ol></li><li><a href="#_page24_x66.00_y478.00">Security Considerations</a><ol><li><a href="#_page25_x66.00_y149.00">Security Services</a></li><li><a href="#_page25_x66.00_y446.00">TLS Name Authentication</a></li><li><a href="#_page26_x66.00_y70.00">TLS Early Data</a></li><li><a href="#_page26_x66.00_y351.00">TLS Session Resumption</a></li></ol></li><li><a href="#_page26_x66.00_y455.00">IANA Considerations</a></li><li><a href="#_page27_x66.00_y227.00">References</a><ol><li><a href="#_page27_x66.00_y261.00">Normative References</a></li><li><a href="#_page29_x66.00_y70.00">Informative References</a></li></ol></li></ol><p><a href="#_page30_x66.00_y422.00">Acknowledgments</a><br><a href="#_page31_x66.00_y70.00">Authors’ Addresses</a></p><ol><li><a href="#_page2_x66.00_y194.00"><strong>Introduction</strong></a></li></ol><p><a name="_page2_x66.00_y194.00"></a>Domain Name System (DNS) records may be updated using DNS Update [RFC2136]. Other mechanisms such as a Discovery Proxy [<a href="#_page30_x66.00_y217.00">RFC8766</a>] can also generate changes to a DNS zone. 
This document specifies a protocol for DNS clients to subscribe to receive asynchronous notifications of changes to RRsets of interest. It is immediately relevant in the case of DNS-based Service Discovery [<a href="#_page29_x66.00_y436.00">RFC6763</a>] but is not limited to that use case; it provides a general DNS mechanism for DNS record change notifications. Familiarity with the DNS protocol and DNS packet formats is assumed [<a href="#_page27_x66.00_y445.00">RFC1034</a>] [<a href="#_page27_x66.00_y480.00">RFC1035</a>] [<a href="#_page28_x66.00_y266.00">RFC6895</a>].</p><p><a name="_page2_x66.00_y334.00"></a><a href="#_page2_x66.00_y334.00"><strong>1.1. Requirements Language</strong></a></p><p>The key words “<strong>MUST</strong>”, “<strong>MUST NOT</strong>”, “<strong>REQUIRED</strong>”, “<strong>SHALL</strong>”, “<strong>SHALL NOT</strong>”, “<strong>SHOULD</strong>”, “<strong>SHOULD NOT</strong>”, “<strong>RECOMMENDED</strong>”, “<strong>NOT RECOMMENDED</strong>”, “<strong>MAY</strong>”, and “<strong>OPTIONAL</strong>” in this document are to be interpreted as described in BCP 14 [<a href="#_page27_x66.00_y578.00">RFC2119</a>] [<a href="#_page28_x66.00_y461.00">RFC8174</a>] when, and only when, they appear in all capitals, as shown here.</p><p><a name="_page2_x66.00_y424.00"></a><a href="#_page2_x66.00_y424.00"><strong>1.2. Fatal Errors</strong></a></p><p>Certain invalid situations are described in this specification, such as a server sending a Push Notification subscription request to a client, or a client sending a Push Notification response to a server. These should never occur with a correctly implemented client and server, and if they do occur, then they indicate a serious implementation error. 
In these extreme cases, there is no reasonable expectation of a graceful recovery, and the recipient detecting the error should respond by unilaterally aborting the session without regard for data loss. Such cases are addressed by having an engineer investigate the cause of the failure and fixing the problem in the software.</p><p>Where this specification says “forcibly abort”, it means sending a TCP RST to terminate the TCP connection and the TLS session running over that TCP connection. In the BSD Sockets API, this is achieved by setting the SO_LINGER option to zero before closing the socket.</p><ol start="2"><li><a href="#_page3_x66.00_y70.00"><strong>Motivation</strong></a></li></ol><p><a name="_page3_x66.00_y70.00"></a>As the domain name system continues to adapt to new uses and changes in deployment, polling has the potential to burden DNS servers at many levels throughout the network. Other network protocols have successfully deployed a publish/subscribe model following the Observer design pattern [<a href="#_page29_x66.00_y163.00">OBS</a>]. Extensible Messaging and Presence Protocol (XMPP) Publish-Subscribe [<a href="#_page30_x66.00_y398.00">XEP0060</a>] and Atom [<a href="#_page29_x66.00_y268.00">RFC4287</a>] are examples. While DNS servers are generally highly tuned and capable of a high rate of query/response traffic, adding a publish/subscribe model for tracking changes to DNS records can deliver more timely notifications of changes with reduced CPU usage and lower network traffic.</p><p>The guiding design principle of DNS Push Notifications is that clients that choose to use DNS Push Notifications, instead of repeated polling with DNS queries, will receive the same results as they could via sufficiently rapid polling, except more efficiently. 
This means that the rules for which records match a given DNS Push Notification subscription are the same as the already established rules used to determine which records match a given DNS query [<a href="#_page27_x66.00_y445.00">RFC1034</a>]. For example, name comparisons are done in a case-insensitive manner, and a record of type CNAME in a zone matches any DNS TYPE in a query or subscription.</p><p>Multicast DNS [<a href="#_page29_x66.00_y401.00">RFC6762</a>] implementations always listen on a well-known link-local IP multicast group address, and changes are sent to that multicast group address for all group members to receive. Therefore, Multicast DNS already has asynchronous change notification capability. When DNS-based Service Discovery [<a href="#_page29_x66.00_y436.00">RFC6763</a>] is used across a wide area network using Unicast DNS (possibly facilitated via a Discovery Proxy [<a href="#_page30_x66.00_y217.00">RFC8766</a>]), it would be beneficial to have an equivalent capability for Unicast DNS in order to allow clients to learn about DNS record changes in a timely manner without polling.</p><p>The DNS Long-Lived Queries (LLQ) mechanism [<a href="#_page30_x66.00_y168.00">RFC8764</a>] is an existing deployed solution to provide asynchronous change notifications; it was used by Apple’s Back to My Mac [RFC6281] service introduced in Mac OS X 10.5 Leopard in 2007. Back to My Mac was designed in an era when the data center operations staff asserted that it was impossible for a server to handle large numbers of TCP connections, even if those connections carried very little traffic and spent most of their time idle. 
Consequently, LLQ was defined as a UDP-based protocol, effectively replicating much of TCP’s connection state management logic in user space and creating its own imitation of existing TCP features like flow control, reliability, and the three-way handshake.</p><p>This document builds on experience gained with the LLQ protocol, with an improved design. Instead of using UDP, this specification uses DNS Stateful Operations (DSO) [RFC8490] running over TLS over TCP, and therefore doesn’t need to reinvent existing TCP functionality. Using TCP also gives long-lived low-traffic connections better longevity through NAT gateways without depending on the gateway to support NAT Port Mapping Protocol (NAT-PMP) [RFC6886] or Port Control Protocol (PCP) [<a href="#_page29_x66.00_y520.00">RFC6887</a>], or resorting to excessive keepalive traffic.</p><ol start="3"><li><a href="#_page4_x66.00_y70.00"><strong>Overview</strong></a></li></ol><p><a name="_page4_x66.00_y70.00"></a>A DNS Push Notification client subscribes for Push Notifications for a particular RRset by connecting to the appropriate Push Notification server for that RRset and sending DSO message(s) indicating the RRset(s) of interest. When the client loses interest in receiving further updates to these records, it unsubscribes.</p><p>The DNS Push Notification server for a DNS zone is any server capable of generating the correct change notifications for a name. It may be a primary, secondary, or stealth name server [<a href="#_page30_x66.00_y70.00">RFC8499</a>].</p><p>The _dns-push-tls._tcp.&lt;zone&gt; SRV record for a zone <strong>MAY</strong> reference the same target host and port as that zone’s _dns-update-tls._tcp.&lt;zone&gt; SRV record. 
When the same target host and port is offered for both DNS Updates and DNS Push Notifications, a client <strong>MAY</strong> use a single DSO session to that server for both DNS Updates and DNS Push Notification subscriptions. DNS Updates and DNS Push Notifications may be handled on different ports on the same target host, in which case they are not considered to be the “same server” for the purposes of this specification, and communications with these two ports are handled independently. Supporting DNS Updates and DNS Push Notifications on the same server is <strong>OPTIONAL</strong>. A DNS Push Notification server is not required to support DNS Update.</p><p>Standard DNS Queries <strong>MAY</strong> be sent over a DNS Push Notification (i.e., DSO) session. For any zone for which the server is authoritative, it <strong>MUST</strong> respond authoritatively for queries for names falling within that zone (e.g., the _dns-push-tls._tcp.&lt;zone&gt; SRV record) both for normal DNS queries and for DNS Push Notification subscriptions. For names for which the server is acting as a recursive resolver (e.g., when the server is the local recursive resolver) for any query for which it supports DNS Push Notification subscriptions, it <strong>MUST</strong> also support standard queries.</p><p>DNS Push Notifications impose less load on the responding server than rapid polling would, but Push Notifications do still have a cost. Therefore, DNS Push Notification clients <strong>MUST NOT</strong> recklessly create an excessive number of Push Notification subscriptions. Specifically:</p><ol><li>A subscription should only be active when there is a valid reason to need live data (for example, an on-screen display is currently showing the results to the user), and the subscription <strong>SHOULD</strong> be canceled as soon as the need for that data ends (for example, when the user dismisses that display). 
In the case of a device like a smartphone that, after some period of inactivity, goes to sleep or otherwise darkens its screen, it should cancel its subscriptions when darkening the screen (since the user cannot see any changes on the display anyway) and reinstate its subscriptions when reawakening from display sleep.</li><li>A DNS Push Notification client <strong>SHOULD NOT</strong> routinely keep a DNS Push Notification subscription active 24 hours a day, 7 days a week, just to keep a list in memory up to date so that if the user does choose to bring up an on-screen display of that data, it can be displayed really fast. DNS Push Notifications are designed to be fast enough that there is no need to pre-load a “warm” list in memory just in case it might be needed later.</li></ol><p>Generally, as described in the DNS Stateful Operations specification [<a href="#_page28_x66.00_y594.00">RFC8490</a>], a client must not keep a DSO session to a server open indefinitely if it has no subscriptions (or other operations) active on that session. A client should begin closing a DSO session immediately after it becomes idle, and then, if needed in the future, open a new session when required. Alternatively, a client may speculatively keep an idle DSO session open for some time, subject to the constraint that it must not keep a session open that has been idle for more than the session’s idle timeout (15 seconds by default) [<a href="#_page28_x66.00_y594.00">RFC8490</a>].</p><p>Note that a DSO session that has an active DNS Push Notification subscription is not considered idle, even if there is no traffic flowing for an extended period of time. 
In this case, the DSO inactivity timeout does not apply, because the session is not inactive, but the keepalive interval does still apply, to ensure the generation of sufficient messages to maintain state in middleboxes (such as NAT gateways or firewalls) and for the client and server to periodically verify that they still have connectivity to each other. This is described in <a href="https://www.rfc-editor.org/rfc/rfc8490#section-6.2">Section 6.2</a> of the DSO specification [<a href="#_page28_x66.00_y594.00">RFC8490</a>].</p><ol start="4"><li><a name="_page5_x66.00_y267.00"></a><a href="#_page5_x66.00_y267.00"><strong>State Considerations</strong></a></li></ol><p>Each DNS Push Notification server is capable of handling some finite number of Push Notification subscriptions. This number will vary from server to server and is based on physical machine characteristics, network capacity, and operating system resource allocation. After a client establishes a session to a DNS server, each subscription is individually accepted or rejected. Servers may employ various techniques to limit subscriptions to a manageable level. Correspondingly, the client is free to establish simultaneous sessions to alternate DNS servers that support DNS Push Notifications for the zone and distribute subscriptions at the client’s discretion. 
In this way, both clients and servers can react to resource constraints.</p><ol start="5"><li><a name="_page5_x66.00_y420.00"></a><a href="#_page5_x66.00_y420.00"><strong>Transport</strong></a></li></ol><p>Other DNS operations like DNS Update [<a href="#_page27_x66.00_y627.00">RFC2136</a>] <strong>MAY</strong> use either DNS over User Datagram Protocol (UDP) [<a href="#_page27_x66.00_y375.00">RFC0768</a>] or DNS over Transmission Control Protocol (TCP) [RFC0793] as the transport protocol, provided they follow the historical precedent that DNS queries must first be sent using DNS over UDP and only switch to DNS over TCP if needed [<a href="#_page27_x66.00_y529.00">RFC1123</a>]. This requirement to prefer UDP has subsequently been relaxed [RFC7766].</p><p>In keeping with the more recent precedent, DNS Push Notification is defined only for TCP. DNS Push Notification clients <strong>MUST</strong> use DNS Stateful Operations [<a href="#_page28_x66.00_y594.00">RFC8490</a>] running over TLS over TCP [<a href="#_page28_x66.00_y412.00">RFC7858</a>].</p><p>Connection setup over TCP ensures return reachability and alleviates concerns of state overload at the server, a potential problem with connectionless protocols, which can be more vulnerable to being exploited by attackers using spoofed source addresses. All subscribers are guaranteed to be reachable by the server by virtue of the TCP three-way handshake. 
Flooding attacks are possible with any protocol, and a benefit of TCP is that there are already established industry best practices to guard against SYN flooding and similar attacks [SYN] [<a href="#_page30_x66.00_y301.00">RFC4953</a>].</p><p>Use of TCP also allows DNS Push Notifications to take advantage of current and future developments in TCP such as Multipath TCP (MPTCP) [<a href="#_page30_x66.00_y119.00">RFC8684</a>], TCP Fast Open (TFO) [RFC7413], the TCP RACK fast loss detection algorithm [<a href="#_page30_x66.00_y350.00">TCPRACK</a>], and so on.</p><p>Transport Layer Security (TLS) [<a href="#_page28_x66.00_y558.00">RFC8446</a>] is well understood and is used by many application-layer protocols running over TCP. TLS is designed to prevent eavesdropping, tampering, and message forgery. TLS is <strong>REQUIRED</strong> for every connection between a client subscriber and server in this protocol specification. Additional security measures such as client authentication during TLS negotiation may also be employed to increase the trust relationship between client and server.</p><ol start="6"><li><a name="_page6_x66.00_y186.00"></a><a href="#_page6_x66.00_y186.00"><strong>Protocol Operation</strong></a></li></ol><p>The DNS Push Notification protocol is a session-oriented protocol and makes use of DNS Stateful Operations (DSO) [<a href="#_page28_x66.00_y594.00">RFC8490</a>].</p><p>For details of the DSO message format, refer to the DNS Stateful Operations specification [<a href="#_page28_x66.00_y594.00">RFC8490</a>]. Those details are not repeated here.</p><p>DNS Push Notification clients and servers <strong>MUST</strong> support DSO. 
A single server can support DNS Queries, DNS Updates, and DNS Push Notifications (using DSO) on the same TCP port.</p><p>A DNS Push Notification exchange begins with the client discovering the appropriate server, using the procedure described in <a href="#_page6_x66.00_y565.00">Section 6.1</a>, and then making a TLS/TCP connection to it.</p><p>After making the TLS/TCP connection to the server, a typical DNS Push Notification client will then immediately issue a DSO Keepalive operation to establish the DSO session and request a session timeout and/or keepalive interval longer than the 15-second default values, but this is not required. A DNS Push Notification client <strong>MAY</strong> issue other requests on the session first, and only issue a DSO Keepalive operation later if it determines that to be necessary. Sending either a DSO Keepalive operation or a Push Notification subscription request over the TLS/TCP connection to the server signals the client’s support of DSO and serves to establish a DSO session.</p><p>In accordance with the current set of active subscriptions, the server sends relevant asynchronous Push Notifications to the client. Note that a client <strong>MUST</strong> be prepared to receive (and silently ignore) Push Notifications for subscriptions it has previously removed, since there is no way to prevent the situation where a Push Notification is in flight from server to client while the client’s UNSUBSCRIBE message canceling that subscription is simultaneously in flight from client to server.</p><p><a name="_page6_x66.00_y565.00"></a><a href="#_page6_x66.00_y565.00"><strong>6.1. Discovery</strong></a></p><p>The first step in establishing a DNS Push Notification subscription is to discover an appropriate DNS server that supports DNS Push Notifications for the desired zone.</p><p>The client begins by opening a DSO session to its normal configured DNS recursive resolver and requesting a Push Notification subscription. 
This connection is made to TCP port 853, the default port for DNS over TLS [<a href="#_page28_x66.00_y412.00">RFC7858</a>]. If the request for a Push Notification subscription is successful, and the recursive resolver doesn’t already have an active subscription for that name, type, and class, then the recursive resolver will make a corresponding Push Notification subscription on the client’s behalf. Results received are relayed to the client. This is closely analogous to how a client sends a normal DNS query to its configured DNS recursive resolver, which, if it doesn’t already have appropriate answer(s) in its cache, issues an upstream query to satisfy the request.</p><p>In many contexts, the recursive resolver will be able to handle Push Notifications for all names that the client may need to follow. Use of VPN tunnels and Private DNS [RFC8499] can create some additional complexity in the client software here; the techniques to handle VPN tunnels and Private DNS for DNS Push Notifications are the same as those already used to handle this for normal DNS queries.</p><p>If the recursive resolver does not support DNS over TLS, or supports DNS over TLS but is not listening on TCP port 853, or supports DNS over TLS on TCP port 853 but does not support DSO on that port, then the DSO session establishment will fail [RFC8490].</p><p>If the recursive resolver does support DSO on TCP port 853 but does not support Push Notification subscriptions, then when the client attempts to create a subscription, the server will return the DSO error code DSOTYPENI (11).</p><p>In some cases, the recursive resolver may support DSO and Push Notification subscriptions but may not be able to subscribe for Push Notifications for a particular name. In this case, the recursive resolver should return SERVFAIL to the client. 
This includes being unable to establish a connection to the zone’s DNS Push Notification server or establishing a connection but receiving a non-success response code. In some cases, where the client has a pre-established trust relationship with the owner of the zone (that is not handled via the usual mechanisms for VPN software), the client may handle these failures by contacting the zone’s DNS Push Notification server directly.</p><p>In any of the cases described above where the client fails to establish a DNS Push Notification subscription via its configured recursive resolver, the client should proceed to discover the appropriate server for direct communication. The client <strong>MUST</strong> also determine on which TCP port the server is listening for connections, which need not be, and often is not, TCP port 53 (traditionally used for conventional DNS) or TCP port 853 (traditionally used for DNS over TLS).</p><p>The discovery algorithm described here is an iterative algorithm, which starts with the full name of the record to which the client wishes to subscribe. Successive SOA queries are then issued, trimming one label each time, until the closest enclosing authoritative server is discovered. There is also an optimization to enable the client to take a “short cut” directly to the SOA record of the closest enclosing authoritative server in many cases.</p><ol><li><p>The client begins the discovery by sending a DNS query to its local resolver, with record type SOA [<a href="#_page27_x66.00_y480.00">RFC1035</a>] for the record name to which it wishes to subscribe. As an example, suppose the client wishes to subscribe to PTR records with the name _ipp._tcp.headoffice.example.com (to discover Internet Printing Protocol (IPP) printers [<a href="#_page29_x66.00_y604.00">RFC8010</a>] [<a href="#_page29_x66.00_y653.00">RFC8011</a>] being advertised in the head office of Example Company). 
The client begins by sending an SOA query for _ipp._tcp.headoffice.example.com to the local recursive resolver. The goal is to determine the server that is authoritative for the name _ipp._tcp.headoffice.example.com. The closest enclosing DNS zone containing the name _ipp._tcp.headoffice.example.com could be example.com, or headoffice.example.com, or _tcp.headoffice.example.com, or even _ipp._tcp.headoffice.example.com. The client does not know in advance where the closest enclosing zone cut occurs, which is why it uses the iterative procedure described here to discover this information.</p></li></ol><ol start="2"><li><p>If the requested SOA record exists, it will be returned in the Answer Section with a NOERROR response code, and the client has succeeded in discovering the information it needs.</p><p>(This language is not placing any new requirements on DNS recursive resolvers. This text merely describes the existing operation of the DNS protocol [RFC1034] [RFC1035].)</p></li><li><p>If the requested SOA record does not exist, the client will get back a NOERROR/NODATA response or an NXDOMAIN/Name Error response. In either case, the local resolver would normally include the SOA record for the closest enclosing zone of the requested name in the Authority Section. If the SOA record is received in the Authority Section, then the client has succeeded in discovering the information it needs.</p><p>(This language is not placing any new requirements on DNS recursive resolvers. This text merely describes the existing operation of the DNS protocol regarding negative responses [<a href="#_page29_x66.00_y198.00">RFC2308</a>].)</p></li><li><p>If the client receives a response containing no SOA record, then it proceeds with the iterative approach. 
The client strips the leading label from the current query name, and if the resulting name has at least two labels in it, then the client sends an SOA query for that new name and processing continues at step 2 above, repeating the iterative search until either an SOA is received or the query name consists of a single label, i.e., a Top-Level Domain (TLD). In the case of a single-label name (TLD), this is a network configuration error, which should not happen, and the client gives up. The client may retry the operation at a later time of the client’s choosing, such as after a change in network attachment. </p></li><li><p>Once the SOA is known (by virtue of being seen either in the Answer Section or in the Authority Section), the client sends a DNS query with type SRV [<a href="#_page28_x66.00_y106.00">RFC2782</a>] for the record name _dns-push-tls._tcp.&lt;zone&gt;, where &lt;zone&gt; is the owner name of the discovered SOA record. </p></li><li><p>If the zone in question is set up to offer DNS Push Notifications, then this SRV record <strong>MUST</strong> exist. (If this SRV record does not exist, then the zone is not correctly configured for DNS Push Notifications as specified in this document.) The SRV target contains the name of the server providing DNS Push Notifications for the zone. The port number on which to contact the server is in the SRV record port field. The address(es) of the target host <strong>MAY</strong> be included in the Additional Section; however, the address records <strong>SHOULD</strong> be authenticated before use as described in <a href="#_page25_x66.00_y446.00">Section 7.2</a> and in the specification for using DNS-Based Authentication of Named Entities (DANE) TLSA Records with SRV Records [<a href="#_page28_x66.00_y314.00">RFC7673</a>], if applicable. </p></li><li><p><a name="_page8_x86.00_y637.00"></a>More than one SRV record may be returned. 
In this case, the priority and weight values in the returned SRV records are used to determine the order in which to contact the servers for subscription requests. As described in the SRV specification [<a href="#_page28_x66.00_y106.00">RFC2782</a>], the server with the lowest priority is first contacted. If more than one server has the same priority, the weight indicates the weighted probability that the client should contact that server. Higher weights have higher probabilities of being selected. If a server is not willing to accept a subscription request, or is not reachable within a reasonable time, as determined by the client, then a subsequent server is to be contacted.</p></li></ol><p>Each time a client makes a new DNS Push Notification subscription, it <strong>SHOULD</strong> repeat the discovery process in order to determine the preferred DNS server for that subscription at that time. If a client already has a DSO session with that DNS server, the client <strong>SHOULD</strong> reuse that existing DSO session for the new subscription; otherwise, a new DSO session is established. The client <strong>MUST</strong> respect the DNS TTL values on records it receives while performing the discovery process and store them in its local cache with this lifetime (as it will generally do anyway for all DNS queries it performs). 
This means that, as long as the DNS TTL values on the authoritative records are set to reasonable values, repeated application of the discovery process can be completed practically instantaneously by the client, using only locally stored cached data.</p><ol start="2"><li><a name="_page9_x66.00_y254.00"></a><a href="#_page9_x66.00_y254.00"><strong>DNS Push Notification SUBSCRIBE</strong> </a></li></ol><p>After connecting, and requesting a longer idle timeout and/or keepalive interval if necessary, a DNS Push Notification client then indicates its desire to receive DNS Push Notifications for a given domain name by sending a SUBSCRIBE request to the server. A SUBSCRIBE request is encoded in a DSO message [<a href="#_page28_x66.00_y594.00">RFC8490</a>]. This specification defines a DSO Primary TLV for DNS Push Notification SUBSCRIBE Requests (DSO Type Code 0x0040).</p><p>DSO messages with the SUBSCRIBE TLV as the Primary TLV are permitted in TLS early data, provided that the precautions described in <a href="#_page26_x66.00_y70.00">Section 7.3</a> are followed.</p><p>The entity that initiates a SUBSCRIBE request is by definition the client. A server <strong>MUST NOT</strong> send a SUBSCRIBE request over an existing session from a client. If a server does send a SUBSCRIBE request over a DSO session initiated by a client, this is a fatal error and the client <strong>MUST</strong> forcibly abort the connection immediately.</p><p>Each SUBSCRIBE request generates exactly one SUBSCRIBE response from the server. The entity that initiates a SUBSCRIBE response is by definition the server. A client <strong>MUST NOT</strong> send a SUBSCRIBE response. 
If a client does send a SUBSCRIBE response, this is a fatal error and the server <strong>MUST</strong> forcibly abort the connection immediately.</p><ol><li><a name="_page9_x66.00_y524.00"></a><a href="#_page9_x66.00_y524.00"><strong>SUBSCRIBE Request</strong> </a></li></ol><p>A SUBSCRIBE request begins with the standard DSO 12-byte header [<a href="#_page28_x66.00_y594.00">RFC8490</a>], followed by the SUBSCRIBE Primary TLV. A SUBSCRIBE request is illustrated in <a href="#_page10_x66.00_y182.00">Figure 1</a>.</p><p>The MESSAGE ID field <strong>MUST</strong> be set to a unique value that the client is not using for any other active operation on this DSO session. For the purposes here, a MESSAGE ID is in use on this session if either the client has used it in a request for which it has not yet received a response, or if the client has used it for a subscription that it has not yet canceled using UNSUBSCRIBE. In the SUBSCRIBE response, the server <strong>MUST</strong> echo back the MESSAGE ID value unchanged.</p><p>The other header fields <strong>MUST</strong> be set as described in the DSO specification [<a href="#_page28_x66.00_y594.00">RFC8490</a>]. The DNS OPCODE field contains the OPCODE value for DNS Stateful Operations (6). 
The four count fields must be zero, and the corresponding four sections must be empty (i.e., absent).</p><p>The DSO-TYPE is SUBSCRIBE (0x0040).</p><p>The DSO-LENGTH is the length of the DSO-DATA that follows, which specifies the name, type, and class of the record(s) being sought.</p><a name="_page10_x66.00_y182.00"></a><pre>
                                1  1  1  1  1  1
  0  1  2  3  4  5  6  7  8  9  0  1  2  3  4  5
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  \
|                  MESSAGE ID                   |   \
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|QR| OPCODE(6) |         Z          |   RCODE   |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            QDCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+     &gt; HEADER
|            ANCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            NSCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            ARCOUNT (MUST BE ZERO)             |   /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  /
|         DSO-TYPE = SUBSCRIBE (0x0040)         |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|   DSO-LENGTH (number of octets in DSO-DATA)   |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  \
\                     NAME                      \   \
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|                     TYPE                      |     &gt; DSO-DATA
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|                     CLASS                     |   /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  /
</pre><p><a href="#_page10_x66.00_y182.00"><em>Figure 1: SUBSCRIBE Request</em></a></p><p>The DSO-DATA for a SUBSCRIBE request <strong>MUST</strong> contain exactly one NAME, TYPE, and CLASS. 
Since SUBSCRIBE requests are sent over TCP, multiple SUBSCRIBE DSO request messages can be concatenated in a single TCP stream and packed efficiently into TCP segments.</p><p>If accepted, the subscription will stay in effect until the client cancels the subscription using UNSUBSCRIBE or until the DSO session between the client and the server is closed.</p><p>SUBSCRIBE requests on a given session <strong>MUST</strong> be unique. A client <strong>MUST NOT</strong> send a SUBSCRIBE message that duplicates the name, type and class of an existing active subscription on that DSO session. For the purpose of this matching, the established DNS case insensitivity for US-ASCII letters [<a href="#_page27_x66.00_y340.00">RFC0020</a>] applies (e.g., “example.com” and “Example.com” are the same). If a server receives such a duplicate SUBSCRIBE message, this is a fatal error and the server <strong>MUST</strong> forcibly abort the connection immediately.</p><p>DNS wildcarding is not supported. That is, an asterisk character (“*”) in a SUBSCRIBE message matches only a literal asterisk character (“*”) in a name and nothing else. Similarly, a CNAME in a SUBSCRIBE message matches only a CNAME record with that name in the zone and no other records with that name.</p><p>A client may SUBSCRIBE to records that are unknown to the server at the time of the request (providing that the name falls within one of the zone(s) the server is responsible for), and this is not an error. The server <strong>MUST NOT</strong> return NXDOMAIN in this case. The server <strong>MUST</strong> accept these requests and send Push Notifications if and when matching records are found in the future.</p><p>If neither TYPE nor CLASS are ANY (255), then this is a specific subscription to changes for the given name, type, and class. 
If one or both of TYPE or CLASS are ANY (255), then this subscription matches all types and/or all classes as appropriate.</p><p>NOTE: A little-known quirk of DNS is that in DNS QUERY requests, QTYPE and QCLASS 255 mean “ANY”, not “ALL”. They indicate that the server should respond with ANY matching records of its choosing, not necessarily ALL matching records. This can lead to some surprising and unexpected results, where a query returns some valid answers, but not all of them, and makes QTYPE = 255 (ANY) queries less useful than people sometimes imagine.</p><p>When used in conjunction with SUBSCRIBE, TYPE 255 and CLASS 255 should be interpreted to mean “ALL”, not “ANY”. After accepting a subscription where one or both of TYPE or CLASS are 255, the server <strong>MUST</strong> send Push Notification Updates for ALL record changes that match the subscription, not just some of them.</p><ol start="2"><li><a name="_page11_x66.00_y379.00"></a><a href="#_page11_x66.00_y379.00"><strong>SUBSCRIBE Response</strong> </a></li></ol><p>A SUBSCRIBE response begins with the standard DSO 12-byte header [<a href="#_page28_x66.00_y594.00">RFC8490</a>]. The QR bit in the header is set indicating it is a response. The header <strong>MAY</strong> be followed by one or more optional Additional TLVs such as a Retry Delay Additional TLV. A SUBSCRIBE response is illustrated in <a href="#_page12_x66.00_y70.00">Figure 2</a>.</p><p>The MESSAGE ID field <strong>MUST</strong> echo the value given in the MESSAGE ID field of the SUBSCRIBE request. This is how the client knows which request is being responded to.</p><p>The other header fields <strong>MUST</strong> be set as described in the DSO specification [<a href="#_page28_x66.00_y594.00">RFC8490</a>]. The DNS OPCODE field contains the OPCODE value for DNS Stateful Operations (6). 
The four count fields must be zero, and the corresponding four sections must be empty (i.e., absent).</p><p>A SUBSCRIBE response message <strong>MUST NOT</strong> include a SUBSCRIBE TLV. If a client receives a SUBSCRIBE response message containing a SUBSCRIBE TLV, then the response message is processed but the SUBSCRIBE TLV <strong>MUST</strong> be silently ignored.</p><a name="_page12_x66.00_y70.00"></a><pre>
                                1  1  1  1  1  1
  0  1  2  3  4  5  6  7  8  9  0  1  2  3  4  5
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  \
|                  MESSAGE ID                   |   \
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|QR| OPCODE(6) |         Z          |   RCODE   |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            QDCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+     &gt; HEADER
|            ANCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            NSCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            ARCOUNT (MUST BE ZERO)             |   /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  /
</pre><p><a href="#_page12_x66.00_y70.00"><em>Figure 2: SUBSCRIBE Response</em></a></p><p>In the SUBSCRIBE response, the RCODE indicates whether or not the subscription was accepted. 
Supported RCODEs are as follows:</p><table><thead><tr><th><a name="_page12_x66.00_y332.00"></a><a name="_page12_x77.00_y332.00"></a><strong>Mnemonic</strong></th><th><strong>Value</strong></th><th><strong>Description</strong></th></tr></thead><tbody><tr><td>NOERROR</td><td>0</td><td>SUBSCRIBE successful.</td></tr><tr><td>FORMERR</td><td>1</td><td>Server failed to process request due to a malformed request.</td></tr><tr><td>SERVFAIL</td><td>2</td><td>Server failed to process request due to a problem with the server.</td></tr><tr><td>NOTIMP</td><td>4</td><td>Server does not implement DSO.</td></tr><tr><td>REFUSED</td><td>5</td><td>Server refuses to process request for policy or security reasons.</td></tr><tr><td>NOTAUTH</td><td>9</td><td>Server is not authoritative for the requested name.</td></tr><tr><td>DSOTYPENI</td><td>11</td><td>SUBSCRIBE operation not supported.</td></tr></tbody></table><p><a href="#_page12_x66.00_y332.00"><em>Table 1: SUBSCRIBE Response Codes</em></a></p><p>This document specifies only these RCODE values for SUBSCRIBE Responses. Servers sending SUBSCRIBE Responses <strong>SHOULD</strong> use one of these values. Note that NXDOMAIN is not a valid RCODE in response to a SUBSCRIBE Request. However, future circumstances may create situations where other RCODE values are appropriate in SUBSCRIBE Responses, so clients <strong>MUST</strong> be prepared to accept and handle SUBSCRIBE Responses with any other nonzero RCODE error values.</p><p>If the server sends a nonzero RCODE in the SUBSCRIBE response, that means:</p><ol><li>the client is (at least partially) misconfigured, or </li><li>the server resources are exhausted, or </li><li>there is some other unknown failure on the server. </li></ol><p>In any case, the client shouldn’t retry the subscription to this server right away. 
If multiple SRV records were returned as described in <a href="#_page8_x86.00_y637.00">Section 6.1, Paragraph 9, Item 7</a>, a subsequent server <strong>MAY</strong> be tried immediately.</p><p>If the client has other successful subscriptions to this server, these subscriptions remain even though additional subscriptions may be refused. Neither the client nor the server is required to close the connection, although either end may choose to do so.</p><p>If the server sends a nonzero RCODE, then it <strong>SHOULD</strong> append a Retry Delay Additional TLV [<a href="#_page28_x66.00_y594.00">RFC8490</a>] to the response specifying a delay before the client attempts this operation again. Recommended values for the delay for different RCODE values are given below. These recommended values apply both to the default values a server should place in the Retry Delay Additional TLV and the default values a client should assume if the server provides no Retry Delay Additional TLV.</p><p>For RCODE = 1 (FORMERR), the delay may be any value selected by the implementer. A value of five minutes is <strong>RECOMMENDED</strong> to reduce the risk of high load from defective clients. </p><p>For RCODE = 2 (SERVFAIL), the delay should be chosen according to the level of server overload and the anticipated duration of that overload. By default, a value of one minute is <strong>RECOMMENDED</strong>. If a more serious server failure occurs, the delay may be longer in accordance with the specific problem encountered. </p><p>For RCODE = 4 (NOTIMP), which occurs on a server that doesn’t implement DNS Stateful Operations [<a href="#_page28_x66.00_y594.00">RFC8490</a>], it is unlikely that the server will begin supporting DSO in the next few minutes, so the retry delay <strong>SHOULD</strong> be one hour. 
Note that in such a case, a server that doesn’t implement DSO is unlikely to place a Retry Delay Additional TLV in its response, so this recommended value in particular applies to what a client should assume by default. </p><p>For RCODE = 5 (REFUSED), which occurs on a server that implements DNS Push Notifications but is currently configured to disallow DNS Push Notifications, the retry delay may be any value selected by the implementer and/or configured by the operator. </p><p>If the server being queried is listed in a _dns-push-tls._tcp.&lt;zone&gt; SRV record for the zone, then this is a misconfiguration, since this server is being advertised as supporting DNS Push Notifications for this zone, but the server itself is not currently configured to perform that task. Since it is possible that the misconfiguration may be repaired at any time, the retry delay should not be set too high. By default, a value of 5 minutes is <strong>RECOMMENDED</strong>. </p><p>For RCODE = 9 (NOTAUTH), which occurs on a server that implements DNS Push Notifications but is not configured to be authoritative for the requested name, the retry delay may be any value selected by the implementer and/or configured by the operator. </p><p>If the server being queried is listed in a _dns-push-tls._tcp.&lt;zone&gt; SRV record for the zone, then this is a misconfiguration, since this server is being advertised as supporting DNS Push Notifications for this zone, but the server itself is not currently configured to perform that task. Since it is possible that the misconfiguration may be repaired at any time, the retry delay should not be set too high. By default, a value of 5 minutes is <strong>RECOMMENDED</strong>. 
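</p><p>The SUBSCRIBE request layout of Figure 1, the response checks, and the default retry delay for each RCODE, as an added example (not code from the specification). The class and function names are hypothetical, and the Retry Delay TLV type 0x0002 with its 32-bit millisecond value comes from RFC 8490, not from this page:</p>

```python
import struct

OPCODE_DSO = 6
DSO_TYPE_RETRY_DELAY = 0x0002      # RFC 8490; value is in milliseconds (not on this page)
DSO_TYPE_SUBSCRIBE = 0x0040
# Default retry delays in seconds, used when the server sends no Retry Delay TLV
DEFAULT_RETRY = {1: 300, 2: 60, 4: 3600, 5: 300, 9: 300, 11: 3600}
OTHER_RETRY = 300


def encode_name(name):
    """Encode a domain name in uncompressed DNS wire format."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("bad label in %r" % name)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


class SubscribeSession:
    """Hypothetical client-side bookkeeping for one DSO session."""

    def __init__(self):
        self.pending = {}    # MESSAGE ID -> (name, type, class) awaiting a response
        self.active = {}     # MESSAGE ID -> (name, type, class) of accepted subscriptions
        self._next_id = 1

    def build_subscribe(self, name, rrtype, rrclass=1):
        """Return (message_id, wire bytes) for a SUBSCRIBE request."""
        # Names compare case-insensitively, so a duplicate differing only in case is refused.
        key = (name.rstrip(".").lower(), rrtype, rrclass)
        if key in self.pending.values() or key in self.active.values():
            raise ValueError("duplicate SUBSCRIBE on this session")
        data = encode_name(name) + struct.pack("!HH", rrtype, rrclass)
        # The MESSAGE ID must not be in use; 0 is what unidirectional messages carry.
        while (self._next_id == 0 or self._next_id in self.pending
               or self._next_id in self.active):
            self._next_id = (self._next_id + 1) & 0xFFFF
        msg_id, self._next_id = self._next_id, (self._next_id + 1) & 0xFFFF
        header = struct.pack("!HHHHHH", msg_id, OPCODE_DSO << 11, 0, 0, 0, 0)
        tlv = struct.pack("!HH", DSO_TYPE_SUBSCRIBE, len(data)) + data
        self.pending[msg_id] = key
        return msg_id, header + tlv

    def handle_response(self, msg):
        """Validate a SUBSCRIBE response; return (accepted, retry_delay_seconds)."""
        if len(msg) < 12:
            raise ValueError("short DSO header")
        msg_id, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
        if not (flags & 0x8000) or ((flags >> 11) & 0xF) != OPCODE_DSO:
            raise ValueError("not a DSO response")
        if qd or an or ns or ar:
            raise ValueError("count fields must be zero")
        if msg_id not in self.pending:
            raise ValueError("MESSAGE ID matches no pending SUBSCRIBE")
        retry, pos = None, 12
        while pos < len(msg):                       # walk the Additional TLVs
            if pos + 4 > len(msg):
                raise ValueError("truncated TLV header")
            tlv_type, tlv_len = struct.unpack("!HH", msg[pos:pos + 4])
            value = msg[pos + 4:pos + 4 + tlv_len]
            if len(value) != tlv_len:
                raise ValueError("truncated TLV value")
            if tlv_type == DSO_TYPE_RETRY_DELAY and tlv_len == 4:
                retry = struct.unpack("!I", value)[0] / 1000.0
            # Any other TLV, including a stray SUBSCRIBE TLV, is silently ignored.
            pos += 4 + tlv_len
        key = self.pending.pop(msg_id)
        rcode = flags & 0xF
        if rcode == 0:
            self.active[msg_id] = key
            return True, None
        if retry is None:
            retry = DEFAULT_RETRY.get(rcode, OTHER_RETRY)
        return False, retry


if __name__ == "__main__":
    session = SubscribeSession()
    mid, wire = session.build_subscribe("_ipp._tcp.headoffice.example.com", 12)  # PTR, IN
    print(mid, wire.hex())
    # Constructed SERVFAIL response (RCODE 2) with no Retry Delay TLV
    servfail = struct.pack("!HHHHHH", mid, 0x8000 | (OPCODE_DSO << 11) | 2, 0, 0, 0, 0)
    print(session.handle_response(servfail))
```

<p>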
</p><p>For RCODE = 11 (DSOTYPENI), which occurs on a server that implements DSO but doesn’t implement DNS Push Notifications, it is unlikely that the server will begin supporting DNS Push Notifications in the next few minutes, so the retry delay <strong>SHOULD</strong> be one hour. </p><p>For other RCODE values, the retry delay should be set by the server as appropriate for that error condition. By default, a value of 5 minutes is <strong>RECOMMENDED</strong>. </p><p>For RCODE = 9 (NOTAUTH), the time delay applies to requests for other names falling within the same zone. Requests for names falling within other zones are not subject to the delay. For all other RCODEs, the time delay applies to all subsequent requests to this server.</p><p>After sending an error response, the server <strong>MAY</strong> allow the session to remain open, or <strong>MAY</strong> follow it with a DSO Retry Delay operation (using the Retry Delay Primary TLV) instructing the client to close the session as described in the DSO specification [<a href="#_page28_x66.00_y594.00">RFC8490</a>]. Clients <strong>MUST</strong> correctly handle both cases. Note that the DSO Retry Delay operation (using the Retry Delay Primary TLV) is different to the Retry Delay Additional TLV mentioned above.</p><ol start="3"><li><a name="_page14_x66.00_y269.00"></a><a href="#_page14_x66.00_y269.00"><strong>DNS Push Notification Updates</strong> </a></li></ol><p>Once a subscription has been successfully established, the server generates PUSH messages to send to the client as appropriate. In the case that the answer set was already non-empty at the moment the subscription was established, an initial PUSH message will be sent immediately following the SUBSCRIBE Response. Subsequent changes to the answer set are then communicated to the client in subsequent PUSH messages.</p><p>A client <strong>MUST NOT</strong> send a PUSH message. 
If a client does send a PUSH message, or a PUSH message is sent with the QR bit set indicating that it is a response, this is a fatal error and the receiver <strong>MUST</strong> forcibly abort the connection immediately.</p><p><a name="_page14_x66.00_y424.00"></a><a href="#_page14_x66.00_y424.00"><strong>6.3.1. PUSH Message</strong> </a></p><p>A PUSH unidirectional message begins with the standard DSO 12-byte header [RFC8490], followed by the PUSH Primary TLV. A PUSH message is illustrated in Figure 3.</p><p>In accordance with the definition of DSO unidirectional messages, the MESSAGE ID field <strong>MUST</strong> be zero. There is no client response to a PUSH message.</p><p>The other header fields <strong>MUST</strong> be set as described in the DSO specification [<a href="#_page28_x66.00_y594.00">RFC8490</a>]. The DNS OPCODE field contains the OPCODE value for DNS Stateful Operations (6). The four count fields must be zero, and the corresponding four sections must be empty (i.e., absent).</p><p>The DSO-TYPE is PUSH (0x0041).</p><p>The DSO-LENGTH is the length of the DSO-DATA that follows, which specifies the changes being communicated.</p><p>The DSO-DATA contains one or more change notifications. A PUSH Message <strong>MUST</strong> contain at least one change notification. If a PUSH Message is received that contains no change notifications, this is a fatal error and the client <strong>MUST</strong> forcibly abort the connection immediately.</p><p>The change notification records are formatted similarly to how DNS Resource Records are conventionally expressed in DNS messages, as illustrated in <a href="#_page17_x66.00_y250.00">Figure 3</a>, and are interpreted as described below.</p><p>The TTL field holds an unsigned 32-bit integer [<a href="#_page28_x66.00_y70.00">RFC2181</a>]. 
If the TTL is in the range 0 to 2,147,483,647 seconds (0 to 2<sup>31</sup> - 1, or 0x7FFFFFFF), then a new DNS Resource Record with the given name, type, class, and RDATA is added. Type and class <strong>MUST NOT</strong> be 255 (ANY). If either type or class are 255 (ANY), this is a fatal error and the client <strong>MUST</strong> forcibly abort the connection immediately. A TTL of 0 means that this record should be retained for as long as the subscription is active and should be discarded immediately the moment the subscription is canceled.</p><p>If the TTL has the value 0xFFFFFFFF, then the DNS Resource Record with the given name, type, class, and RDATA is removed. Type and class <strong>MUST NOT</strong> be 255 (ANY). If either type or class are 255 (ANY), this is a fatal error and the client <strong>MUST</strong> forcibly abort the connection immediately.</p><p>If the TTL has the value 0xFFFFFFFE, then this is a ‘collective’ remove notification. For collective remove notifications, RDLEN <strong>MUST</strong> be zero, and consequently, the RDATA <strong>MUST</strong> be empty. If a change notification is received where TTL = 0xFFFFFFFE and RDLEN is not zero, this is a fatal error and the client <strong>MUST</strong> forcibly abort the connection immediately.</p><p>There are three types of collective remove notification. For collective remove notifications:</p><ul><li>If CLASS is not 255 (ANY) and TYPE is not 255 (ANY), then for the given name, this removes all records of the specified type in the specified class. </li><li>If CLASS is not 255 (ANY) and TYPE is 255 (ANY), then for the given name, this removes all records of all types in the specified class. </li><li>If CLASS is 255 (ANY), then for the given name, this removes all records of all types in all classes. In this case, TYPE <strong>MUST</strong> be set to zero on transmission and <strong>MUST</strong> be silently ignored on reception. 
</li></ul><p>Summary of change notification types:</p><ul><li><p>Remove all RRsets from a name in all classes: TTL = 0xFFFFFFFE, RDLEN = 0, CLASS = 255 (ANY).</p></li><li><p>Remove all RRsets from a name in given class: TTL = 0xFFFFFFFE, RDLEN = 0, CLASS gives class, TYPE = 255 (ANY).</p></li><li><p>Remove specified RRset from a name in given class: TTL = 0xFFFFFFFE, RDLEN = 0, CLASS and TYPE specify the RRset being removed.</p></li><li><p>Remove an individual RR from a name: TTL = 0xFFFFFFFF, CLASS, TYPE, RDLEN, and RDATA specify the RR being removed.</p></li><li><p>Add individual RR to a name: TTL &gt;= 0 and TTL &lt;= 0x7FFFFFFF, CLASS, TYPE, RDLEN, RDATA, and TTL specify the RR being added.</p></li></ul><p>Note that it is valid for the RDATA of an added or removed DNS Resource Record to be empty (zero length). For example, an Address Prefix List Resource Record [<a href="#_page29_x66.00_y233.00">RFC3123</a>] may have empty RDATA. Therefore, a change notification with RDLEN = 0 does not automatically indicate a remove notification. If RDLEN = 0 and TTL is in the range 0 to 0x7FFFFFFF, this change notification signals the addition of a record with the given name, type, class, and empty RDATA. If RDLEN = 0 and TTL = 0xFFFFFFFF, this change notification signals the removal specifically of that single record with the given name, type, class, and empty RDATA.</p><p>If the TTL is any value other than 0xFFFFFFFF, 0xFFFFFFFE, or a value in the range 0 to 0x7FFFFFFF, then the receiver <strong>SHOULD</strong> silently ignore this particular change notification record. The connection is not terminated and other valid change notification records within this PUSH message are processed as usual.</p><p>In the case where a single change affects more than one active subscription, only one PUSH message is sent. 
For example, a PUSH message adding a given record may match both a SUBSCRIBE request with the same TYPE and a different SUBSCRIBE request with TYPE = 255 (ANY). It is not the case that two PUSH messages are sent because the new record matches two active subscriptions.</p><p>The server <strong>SHOULD</strong> encode change notifications in the most efficient manner possible. For example, when three AAAA records are removed from a given name, and no other AAAA records exist for that name, the server <strong>SHOULD</strong> send a “Remove specified RRset from a name in given class” PUSH message, not three separate “Remove an individual RR from a name” PUSH messages. Similarly, when both an SRV and a TXT record are removed from a given name, and no other records of any kind exist for that name in that class, the server <strong>SHOULD</strong> send a “Remove all RRsets from a name in given class” PUSH message, not two separate “Remove specified RRset from a name in given class” PUSH messages.</p><p>For efficiency, when generating a PUSH message, rather than sending each change notification as a separate DSO message, a server <strong>SHOULD</strong> include as many change notifications as it has immediately available to send to that client, even if those change notifications apply to different subscriptions from that client. Conceptually, a PUSH message is a session-level mechanism, not a subscription-level mechanism. Once it has exhausted the list of change notifications immediately available to send to that client, a server <strong>SHOULD</strong> then send the PUSH message immediately rather than waiting speculatively to see if additional change notifications become available.</p><p>For efficiency, when generating a PUSH message a server <strong>SHOULD</strong> use standard DNS name compression, with offsets relative to the beginning of the DNS message [<a href="#_page27_x66.00_y480.00">RFC1035</a>]. 
When multiple change notifications in a single PUSH message have the same owner name, this name compression can yield significant savings. Name compression should be performed as specified in <a href="https://www.rfc-editor.org/rfc/rfc6762#section-18.14">Section 18.14</a> of the Multicast DNS specification [<a href="#_page29_x66.00_y401.00">RFC6762</a>]; namely, owner names should always be compressed, and names appearing within RDATA should be compressed for only the RR types listed below:</p><p>NS, CNAME, PTR, DNAME, SOA, MX, AFSDB, RT, KX, RP, PX, SRV, NSEC</p><p>Servers may generate PUSH messages up to a maximum DNS message length of 16,382 bytes, counting from the start of the DSO 12-byte header. Including the two-byte length prefix that is used to frame DNS over a byte stream like TLS, this makes a total of 16,384 bytes. Servers <strong>MUST NOT</strong> generate PUSH messages larger than this. Where the immediately available change notifications are sufficient to exceed a DNS message length of 16,382 bytes, the change notifications <strong>MUST</strong> be communicated in separate PUSH messages of up to 16,382 bytes each. 
DNS name compression becomes less effective for messages larger than 16,384 bytes, so little efficiency benefit is gained by sending messages larger than this.</p><p>If a client receives a PUSH message with a DNS message length larger than 16,382 bytes, this is a fatal error and the client <strong>MUST</strong> forcibly abort the connection immediately.</p><a name="_page17_x66.00_y250.00"></a><pre>
                                1  1  1  1  1  1
  0  1  2  3  4  5  6  7  8  9  0  1  2  3  4  5
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  \
|           MESSAGE ID (MUST BE ZERO)           |   \
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|QR| OPCODE(6) |         Z          |   RCODE   |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            QDCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+     &gt; HEADER
|            ANCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            NSCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            ARCOUNT (MUST BE ZERO)             |   /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  /
|           DSO-TYPE = PUSH (0x0041)            |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|   DSO-LENGTH (number of octets in DSO-DATA)   |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  \
\                     NAME                      \   \
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|                     TYPE                      |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|                     CLASS                     |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|                      TTL                      |    |
|     (32-bit unsigned big-endian integer)      |     &gt; DSO-DATA
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|  RDLEN (16-bit unsigned big-endian integer)   |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
\          RDATA (sized as necessary)           \    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
:     NAME, TYPE, CLASS, TTL, RDLEN, RDATA      :    |
:             Repeated As Necessary             :   /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  /
</pre><p><a href="#_page17_x66.00_y250.00"><em>Figure 3: PUSH Message</em></a></p><p>When processing the records received in a PUSH Message, the receiving client <strong>MUST</strong> validate that the records being added or removed correspond with at least one currently active subscription on that session. Specifically, the record name <strong>MUST</strong> match the name given in the SUBSCRIBE request, subject to the usual established DNS case-insensitivity for US-ASCII letters. For individual additions and removals, if the TYPE in the SUBSCRIBE request was not ANY (255), then the TYPE of the record must either be CNAME or match the TYPE given in the SUBSCRIBE request, and if the CLASS in the SUBSCRIBE request was not ANY (255), then the CLASS of the record must match the CLASS given in the SUBSCRIBE request. For collective removals, at least one of the records being removed must match an active subscription. If a matching active subscription on that session is not found, then that particular addition/removal record is silently ignored. The processing of other additions and removal records in this message is not affected. The DSO session is not closed. This is to allow for the unavoidable race condition where a client sends an outbound UNSUBSCRIBE while inbound PUSH messages for that subscription from the server are still in flight.</p><p>The TTL of an added record is stored by the client. While the subscription is active the TTL is not decremented, because a change to the TTL would produce a new update. For as long as a relevant subscription remains active, the client <strong>SHOULD</strong> assume that when a record goes away, the server will notify it of that fact. 
Consequently, a client does not have to poll to verify that the record is still there. Once a subscription is canceled (individually, or as a result of the DSO session being closed), record aging for records covered by the subscription resumes and records are removed from the local cache when their TTL reaches zero.</p><ol start="4"><li><a name="_page18_x66.00_y363.00"></a><a href="#_page18_x66.00_y363.00"><strong>DNS Push Notification UNSUBSCRIBE</strong> </a></li></ol><p>To cancel an individual subscription without closing the entire DSO session, the client sends an UNSUBSCRIBE message over the established DSO session to the server.</p><p>The entity that initiates an UNSUBSCRIBE message is by definition the client. A server <strong>MUST NOT</strong> send an UNSUBSCRIBE message over an existing session from a client. If a server does send an UNSUBSCRIBE message over a DSO session initiated by a client, or an UNSUBSCRIBE message is sent with the QR bit set indicating that it is a response, this is a fatal error and the receiver <strong>MUST</strong> forcibly abort the connection immediately<a name="_page18_x66.00_y504.00"></a>.</p><p><a href="#_page18_x66.00_y504.00"><strong>6.4.1. UNSUBSCRIBE Message</strong> </a></p><p>An UNSUBSCRIBE unidirectional message begins with the standard DSO 12-byte header [<a href="#_page28_x66.00_y594.00">RFC8490]</a>, followed by the UNSUBSCRIBE Primary TLV. An UNSUBSCRIBE message is illustrated in <a href="#_page19_x66.00_y328.00">Figure 4.</a></p><p>In accordance with the definition of DSO unidirectional messages, the MESSAGE ID field <strong>MUST</strong> be zero. There is no server response to an UNSUBSCRIBE message.</p><p>The other header fields <strong>MUST</strong> be set as described in the DSO<a href="#_page28_x66.00_y594.00"> specification [RFC8490]. The DNS </a>OPCODE field contains the OPCODE value for DNS Stateful Operations (6). 
The four count fields must be zero, and the corresponding four sections must be empty (i.e., absent).</p><p>The DSO-TYPE is UNSUBSCRIBE (0x0042).</p><p>The DSO-LENGTH field contains the value 2, the length of the 2-octet MESSAGE ID contained in the DSO-DATA.</p><p>The DSO-DATA contains the value previously given in the MESSAGE ID field of an active SUBSCRIBE request. This is how the server knows which SUBSCRIBE request is being canceled. After receipt of the UNSUBSCRIBE message, the SUBSCRIBE request is no longer active.</p><p>It is allowable for the client to issue an UNSUBSCRIBE message for a previous SUBSCRIBE request for which the client has not yet received a SUBSCRIBE response. This is to allow for the case where a client starts and stops a subscription in less than the round-trip time to the server. The client is NOT required to wait for the SUBSCRIBE response before issuing the UNSUBSCRIBE message.</p><p>Consequently, it is possible for a server to receive an UNSUBSCRIBE message that does not match any currently active subscription. This can occur when a client sends a SUBSCRIBE request, which subsequently fails and returns an error code, but the client sent an UNSUBSCRIBE message before it became aware that the SUBSCRIBE request had failed. 
Because of this, servers <strong>MUST</strong> silently ignore UNSUBSCRIBE messages that do not match any currently active subscription.</p>
<a name="_page19_x66.00_y328.00"></a><pre><code>                                1  1  1  1  1  1
  0  1  2  3  4  5  6  7  8  9  0  1  2  3  4  5
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  \
|           MESSAGE ID (MUST BE ZERO)           |   \
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|QR| OPCODE(6) |            Z       |   RCODE   |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            QDCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+     > HEADER
|            ANCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            NSCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            ARCOUNT (MUST BE ZERO)             |   /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  /
|        DSO-TYPE = UNSUBSCRIBE (0x0042)        |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|                DSO-LENGTH (2)                 |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  \
|             SUBSCRIBE MESSAGE ID              |   > DSO-DATA
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  /
</code></pre>
<p><a href="#_page19_x66.00_y328.00"><em>Figure 4: UNSUBSCRIBE Message</em></a><a name="_page19_x66.00_y592.00"></a></p><ol start="5"><li><a href="#_page19_x66.00_y592.00"><strong>DNS Push Notification RECONFIRM</strong> </a></li></ol><p>Sometimes, particularly when used with a Discovery Proxy [<a href="#_page30_x66.00_y217.00">RFC8766</a>], a DNS Zone may contain stale data. When a client encounters data that it believes may be stale (e.g., an SRV record referencing a target host+port that is not responding to connection requests), the client can send a RECONFIRM message to ask the server to re-verify that the data is still valid. 
For a Discovery Proxy, this causes it to issue new Multicast DNS queries to ascertain whether the target device is still present. How the Discovery Proxy causes these new Multicast DNS queries to be issued depends on the details of the underlying Multicast DNS implementation being used. For example, a Discovery Proxy built on Apple’s dns_sd.h API [<a href="#_page30_x66.00_y266.00">SD-API</a>] responds to a DNS Push Notification RECONFIRM message by calling the underlying API’s DNSServiceReconfirmRecord() routine.</p><p>For other types of DNS server, the RECONFIRM operation is currently undefined and <strong>SHOULD</strong> result in a NOERROR response, but it need not cause any other action to occur.</p><p>Frequent use of RECONFIRM operations may be a sign of network unreliability, or some kind of misconfiguration, so RECONFIRM operations <strong>MAY</strong> be logged or otherwise communicated to a human administrator to assist in detecting and remedying such network problems.</p><p>If, after receiving a valid RECONFIRM message, the server determines that the disputed records are in fact no longer valid, then subsequent DNS PUSH Messages will be generated to inform interested clients. Thus, one client discovering that a previously advertised device (like a network printer) is no longer present has the side effect of informing all other interested clients that the device in question is now gone.</p><p>The entity that initiates a RECONFIRM message is by definition the client. A server <strong>MUST NOT</strong> send a RECONFIRM message over an existing session from a client. 
If a server does send a RECONFIRM message over a DSO session initiated by a client, or a RECONFIRM message is sent with the QR bit set indicating that it is a response, this is a fatal error and the receiver <strong>MUST</strong> forcibly abort the connection immediately<a name="_page20_x66.00_y379.00"></a>.</p><p><a href="#_page20_x66.00_y379.00"><strong>6.5.1. RECONFIRM Message</strong> </a></p><p>A RECONFIRM unidirectional message begins with the standard DSO 12-byte header [RFC8490] , followed by the RECONFIRM Primary TLV. A RECONFIRM message is illustrated in Figure 5.</p><p>In accordance with the definition of DSO unidirectional messages, the MESSAGE ID field <strong>MUST</strong> be zero. There is no server response to a RECONFIRM message.</p><p>The other header fields <strong>MUST</strong> be set as described in the DSO<a href="#_page28_x66.00_y594.00"> specification [RFC8490]. The DNS </a>OPCODE field contains the OPCODE value for DNS Stateful Operations (6). The four count fields must be zero, and the corresponding four sections must be empty (i.e., absent).</p><p>The DSO-TYPE is RECONFIRM (0x0043).</p><p>The DSO-LENGTH is the length of the data that follows, which specifies the name, type, class, and content of the record being disputed.</p><p>A DNS Push Notifications RECONFIRM message contains exactly one RECONFIRM Primary TLV. The DSO-DATA in a RECONFIRM Primary TLV <strong>MUST</strong> contain exactly one record. The DSO-DATA in a RECONFIRM Primary TLV has no count field to specify more than one record. Since RECONFIRM messages are sent over TCP, multiple RECONFIRM messages can be concatenated in a single TCP stream and packed efficiently into TCP segments. Note that this means that DNS name compression cannot be used between different RECONFIRM messages. 
However, when a client is sending multiple RECONFIRM messages this indicates a situation with serious network problems, and this is not expected to occur frequently enough that optimizing efficiency in this case is important.</p><p>TYPE <strong>MUST NOT</strong> be the value ANY (255) and CLASS <strong>MUST NOT</strong> be the value ANY (255).</p><p>DNS wildcarding is not supported. That is, an asterisk character (“*”) in a RECONFIRM message matches only a literal asterisk character (“*”) in a name and nothing else. Similarly, a CNAME in a RECONFIRM message matches only a CNAME record with that name in the zone and no other records with that name.</p><p>Note that there is no RDLEN field, since the length of the RDATA can be inferred from DSO-LENGTH, so an additional RDLEN field would be redundant.</p><p>Following the same rules as for PUSH messages, DNS name compression SHOULD be used within the RDATA of the RECONFIRM message, with offsets relative to the beginning of the DNS message [<a href="#_page27_x66.00_y480.00">RFC1035</a>].</p>
<a name="_page21_x66.00_y297.00"></a><pre><code>                                1  1  1  1  1  1
  0  1  2  3  4  5  6  7  8  9  0  1  2  3  4  5
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  \
|           MESSAGE ID (MUST BE ZERO)           |   \
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|QR| OPCODE(6) |            Z       |   RCODE   |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            QDCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+     > HEADER
|            ANCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            NSCOUNT (MUST BE ZERO)             |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|            ARCOUNT (MUST BE ZERO)             |   /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  /
|         DSO-TYPE = RECONFIRM (0x0043)         |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
|   DSO-LENGTH (number of octets in DSO-DATA)   |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  \
\                     NAME                      \   \
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
|                     TYPE                      |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+     > DSO-DATA
|                     CLASS                     |    |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+    |
\                     RDATA                     \   /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+  /
</code></pre>
<p><a href="#_page21_x66.00_y297.00"><em>Figure 5: RECONFIRM Message</em></a></p><ol start="6"><li><a href="#_page22_x66.00_y70.00"><strong>DNS Stateful Operations TLV Context Summary</strong> </a></li></ol><p><a name="_page22_x66.00_y70.00"></a>This document defines four new DSO TLVs. As recommended in Section <a href="https://www.rfc-editor.org/rfc/rfc8490#section-8.2">8.2</a> of the DNS Stateful Operations specification [<a href="#_page28_x66.00_y594.00">RFC8490</a>], the valid contexts of these new TLV types are summarized below.</p><p>The client TLV contexts are:</p><p>C-P: Client request message, Primary TLV </p><p>C-U: Client Unidirectional message, primary TLV </p><p>C-A: Client request or unidirectional message, Additional TLV </p><p>CRP: Response back to client, Primary TLV </p><p>CRA: Response back to client, Additional TLV </p>
<table><thead><tr><th><a name="_page22_x66.00_y262.00"></a><a name="_page22_x172.00_y262.00"></a><strong>TLV Type</strong></th><th><strong>C-P</strong></th><th><strong>C-U</strong></th><th><strong>C-A</strong></th><th><strong>CRP</strong></th><th><strong>CRA</strong></th></tr></thead><tbody>
<tr><td>SUBSCRIBE</td><td>X</td><td></td><td></td><td></td><td></td></tr>
<tr><td>PUSH</td><td></td><td></td><td></td><td></td><td></td></tr>
<tr><td>UNSUBSCRIBE</td><td></td><td>X</td><td></td><td></td><td></td></tr>
<tr><td>RECONFIRM</td><td></td><td>X</td><td></td><td></td><td></td></tr>
</tbody></table>
<p><a href="#_page22_x172.00_y262.00"><em>Table 2: DSO TLV Client Context Summary</em></a></p><p>The server TLV contexts are:</p><p>S-P: Server request message, Primary TLV </p><p>S-U: Server 
Unidirectional message, primary TLV </p><p>S-A: Server request or unidirectional message, Additional TLV </p><p>SRP: Response back to server, Primary TLV </p><p>SRA: Response back to server, Additional TLV </p>
<table><thead><tr><th><a name="_page22_x66.00_y510.00"></a><a name="_page22_x174.00_y510.00"></a><strong>TLV Type</strong></th><th><strong>S-P</strong></th><th><strong>S-U</strong></th><th><strong>S-A</strong></th><th><strong>SRP</strong></th><th><strong>SRA</strong></th></tr></thead><tbody>
<tr><td>SUBSCRIBE</td><td></td><td></td><td></td><td></td><td></td></tr>
<tr><td>PUSH</td><td></td><td>X</td><td></td><td></td><td></td></tr>
<tr><td>UNSUBSCRIBE</td><td></td><td></td><td></td><td></td><td></td></tr>
<tr><td>RECONFIRM</td><td></td><td></td><td></td><td></td><td></td></tr>
</tbody></table>
<p><a href="#_page22_x174.00_y510.00"><em>Table 3: DSO TLV Server Context Summary</em></a></p><ol start="7"><li><a href="#_page23_x66.00_y70.00"><strong>Client-Initiated Termination</strong> </a></li></ol><p><a name="_page23_x66.00_y70.00"></a>An individual subscription is terminated by sending an UNSUBSCRIBE TLV for that specific subscription, or all subscriptions can be canceled at once by the client closing the DSO session. When a client terminates an individual subscription (via UNSUBSCRIBE) or all subscriptions on that DSO session (by ending the session), it is signaling to the server that it is no longer interested in receiving those particular updates. It is informing the server that the server may release any state information it has been keeping with regards to these particular subscriptions.</p><p>After terminating its last subscription on a session via UNSUBSCRIBE, a client <strong>MAY</strong> close the session immediately or it may keep it open if it anticipates performing further operations on that session in the future. 
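</p>
<p>The receiver-side UNSUBSCRIBE rules of Section 6.4, on which this termination path relies, sketched as an added Python example that is not part of the RFC text. The function names, the <code>active</code> dict layout and the <code>Verdict</code> values are hypothetical, and treating a truncated message, a nonzero MUST-BE-ZERO field or a wrong DSO-LENGTH as fatal is this example's assumption, since this section does not specify it.</p>

```python
import struct
from enum import Enum

DSO_OPCODE = 6                  # OPCODE value for DNS Stateful Operations
DSO_TYPE_UNSUBSCRIBE = 0x0042
QR_BIT = 0x8000                 # top bit of the 16-bit flags word
FIXED_LEN = 18                  # 12-byte header + 4-byte TLV header + 2-byte DSO-DATA


class Verdict(Enum):
    CANCELED = "subscription released"
    IGNORED = "no matching subscription, silently ignored"
    ABORT = "fatal error, forcibly abort the connection"


def build_unsubscribe(subscribe_message_id: int) -> bytes:
    """Client side: DSO header (all MUST-BE-ZERO fields zero) + UNSUBSCRIBE TLV."""
    header = struct.pack("!6H", 0, DSO_OPCODE << 11, 0, 0, 0, 0)
    tlv = struct.pack("!HHH", DSO_TYPE_UNSUBSCRIBE, 2, subscribe_message_id)
    return header + tlv


def handle_unsubscribe(msg: bytes, active: dict, receiver_is_server: bool = True) -> Verdict:
    """Apply the UNSUBSCRIBE rules to one DNS message (TCP length prefix removed).

    `active` maps the MESSAGE ID of each active SUBSCRIBE request on this
    session to whatever state is kept for it (hypothetical layout). Bytes
    after the Primary TLV (Additional TLVs) are not examined here.
    """
    if len(msg) < FIXED_LEN:
        return Verdict.ABORT      # assumption: truncated message treated as fatal
    fields = struct.unpack("!9H", msg[:FIXED_LEN])
    msg_id, flags, qd, an, ns, ar, dso_type, dso_len, sub_id = fields
    if dso_type != DSO_TYPE_UNSUBSCRIBE or ((flags >> 11) & 0xF) != DSO_OPCODE:
        raise ValueError("not a DSO UNSUBSCRIBE message")
    if flags & QR_BIT:
        return Verdict.ABORT      # UNSUBSCRIBE marked as a response: fatal
    if not receiver_is_server:
        return Verdict.ABORT      # a server MUST NOT send UNSUBSCRIBE to a client
    if msg_id != 0 or any((qd, an, ns, ar)) or dso_len != 2:
        return Verdict.ABORT      # assumption: field violations treated as fatal
    if sub_id not in active:
        return Verdict.IGNORED    # e.g. the SUBSCRIBE failed before the client knew
    del active[sub_id]            # the SUBSCRIBE request is no longer active
    return Verdict.CANCELED


if __name__ == "__main__":
    # Constructed session state: one active subscription with MESSAGE ID 0x1234.
    session = {0x1234: ("_ipp._tcp.example.com.", 12, 1)}
    message = build_unsubscribe(0x1234)
    print(message.hex(), handle_unsubscribe(message, session).name)
    print("repeat:", handle_unsubscribe(message, session).name)
```

<p>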
If a client wishes to keep an idle session open, it <strong>MUST</strong> respect the maximum idle time required by the server [RFC8490].</p><p>If a client plans to terminate one or more subscriptions on a session and doesn’t intend to keep that session open, then as an efficiency optimization, it <strong>MAY</strong> instead choose to simply close the session, which implicitly terminates all subscriptions on that session. This may occur because the client computer is being shut down, is going to sleep, the application requiring the subscriptions has terminated, or simply because the last active subscription on that session has been canceled.</p><p>When closing a session, a client should perform an orderly close of the TLS session. Typical APIs will provide a session close method that will send a TLS close_notify alert as described in Section <a href="https://www.rfc-editor.org/rfc/rfc8446#section-6.1">6.1 </a>of the TLS 1.3 specification [<a href="#_page28_x66.00_y558.00">RFC8446]. This</a> instructs the recipient that the sender will not send any more data over the session. After sending the TLS close_notify alert, the client <strong>MUST</strong> gracefully close the underlying connection using a TCP FIN so that the TLS close_notify is reliably delivered. The mechanisms for gracefully closing a TCP connection with a TCP FIN vary depending on the networking API. For example, in the BSD Sockets API, sending a TCP FIN is achieved by calling “shutdown(s,SHUT_WR)” and keeping the socket open until all remaining data has been read from it.</p><p>If the session is forcibly closed at the TCP level by sending a RST from either end of the connection, data ma<a name="_page23_x66.00_y500.00"></a>y be lost.</p><ol start="8"><li><a href="#_page23_x66.00_y500.00"><strong>Client Fallback to Polling</strong> </a></li></ol><p>There are cases where a client may exhaust all avenues for establishing a DNS Push Notification subscription without success. 
This can happen if the client’s configured recursive resolver does not support DNS over TLS, or supports DNS over TLS but is not listening on TCP port 853, or supports DNS over TLS on TCP port 853 but does not support DSO on that port, or for some other reason is unable to provide a DNS Push Notification subscription. In this case, the client will attempt to communicate directly with an appropriate server, and it may be that the zone apex discovery fails, or there is no _dns‑push‑tls._tcp.<zone> SRV record, or the server indicated in the SRV record is misconfigured, overloaded, or is unresponsive for some other reason.</p><p>Regardless of the reason for the failure, after being unable to establish the desired DNS Push Notification subscription, it is likely that the client will still wish to know the answer it seeks, even if that answer cannot be obtained with the timely change notifications provided by DNS Push Notifications. In such cases, it is likely that the client will obtain the answer it seeks via a conventional DNS query instead, repeated at some interval to detect when the answer RRset changes.</p><p>In the case where a client responds to its failure to establish a DNS Push Notification subscription by falling back to polling with conventional DNS queries instead, the polling rate should be controlled to avoid placing excessive burden on the server. The interval between successive DNS queries for the same name, type, and class <strong>SHOULD</strong> be at least the minimum of 900 seconds (15 minutes) or two seconds more than the TTL of the answer RRset.</p><p>The reason that for TTLs up to 898 seconds the query should not be reissued until two seconds <em>after</em> the answer RRset has expired, is to ensure that the answer RRset has also expired from the cache on the client’s configured recursive resolver. 
Otherwise (particularly if the clocks on the client and the recursive resolver do not run at precisely the same rate), there’s a risk of a race condition where the client queries its configured recursive resolver just as the answer RRset has one second remaining in the recursive resolver’s cache. The client would receive a reply telling it that the answer RRset has one second remaining; the client would then requery the recursive resolver again one second later. If by this time the answer RRset has actually expired from the recursive resolver’s cache, the recursive resolver would then issue a new query to fetch fresh data from the authoritative server. Waiting until the answer RRset has definitely expired from the cache on the client’s configured recursive resolver avoids this race condition and any unnecessary additional queries it causes.</p><p>Each time a client is about to reissue its query to discover changes to the answer RRset, it should first make a new attempt to establish a DNS Push Notification subscription using previously cached DNS answers as appropriate. After a temporary misconfiguration has been remedied, this allows a client that is polling to return to using DNS Push Notifications for asynchronous noti<a name="_page24_x66.00_y478.00"></a>fication of changes.</p><ol start="7"><li><a href="#_page24_x66.00_y478.00"><strong>Security Considerations</strong> </a></li></ol><p>The Strict Privacy profile for DNS over TLS is <strong>REQUIRED</strong> for DNS Push Notifications [RFC8310]. Cleartext connections for DNS Push Notifications are not permissible. 
Since this is a new protocol, transition mechanisms from the Opportunistic Privacy profile are unnecessary.</p><p>Also, see <a href="https://www.rfc-editor.org/rfc/rfc8310#section-9">Section 9</a> of the document Usage Profiles for DNS over (D)TLS [<a href="#_page28_x66.00_y510.00">RFC8310</a>] for additional recommendations for various versions of TLS usage.</p><p>As a consequence of requiring TLS, client certificate authentication and verification may also be enforced by the server for stronger client-server security or end-to-end security. However, recommendations for security in particular deployment scenarios are outside the scope of this document.</p><p>DNSSEC is <strong>RECOMMENDED</strong> for the authentication of DNS Push Notification servers. TLS alone does not provide complete security. TLS certificate verification can provide reasonable assurance that the client is really talking to the server associated with the desired host name, but since the desired host name is learned via a DNS SRV query, if the SRV query is subverted, then the client may have a secure connection to a rogue server. DNSSEC can provide added confidence that the SRV query has not been subverted.<a name="_page25_x66.00_y149.00"></a></p><ol><li><a href="#_page25_x66.00_y149.00"><strong>Security Services</strong> </a></li></ol><p>It is the goal of using TLS to provide the following security services:</p><p>Confidentiality: All application-layer communication is encrypted with the goal that no party should be able to decrypt it except the intended receiver. </p><p>Data integrity protection: Any changes made to the communication in transit are detectable by the receiver. </p><p>Authentication: An endpoint of the TLS communication is authenticated as the intended entity to communicate with. 
</p><p>Anti-replay protection: TLS provides for the detection of and prevention against messages sent previously over a TLS connection (such as DNS Push Notifications). If prior messages are re-sent at a later time as a form of a man-in-the-middle attack, then the receiver will detect this and reject the replayed messages. </p><p>Deployment recommendations on the appropriate key lengths and cipher suites are beyond the scope of this document. Please refer to the current TLS Recommendations [<a href="#_page29_x66.00_y114.00">BCP195</a>] for the best current practices. Keep in mind that best practices only exist for a snapshot in time, and recommendations will continue to change. Updated versions or errata may exist for these recommendations.</p><ol start="2"><li><a name="_page25_x66.00_y446.00"></a><a href="#_page25_x66.00_y446.00"><strong>TLS Name Authentication</strong> </a></li></ol><p>As described in <a href="#_page6_x66.00_y565.00">Section 6.1</a>, the client discovers the DNS Push Notification server using an SRV lookup for the record name _dns‑push‑tls._tcp.<zone>. The server connection endpoint <strong>SHOULD</strong> then be authenticated using DANE TLSA records for the associated SRV record. This associates the target’s name and port number with a trusted TLS certificate [<a href="#_page28_x66.00_y314.00">RFC7673</a>]. This procedure uses the TLS Server Name Indication (SNI) extension [<a href="#_page28_x66.00_y154.00">RFC6066</a>] to inform the server of the name the client has authenticated through the use of TLSA records. Therefore, if the SRV record passes DNSSEC validation and a TLSA record matching the target name is usable, an SNI extension must be used for the target name to ensure the client is connecting to the server it has authenticated. 
If the target name does not have a usable TLSA record, then the use of the SNI extension is optional. See Usage Profiles for DNS over TLS and DNS over DTLS [RFC8310] for more information on authenticating domain names.</p><ol start="3"><li><a href="#_page26_x66.00_y70.00"><strong>TLS Early Data</strong> </a></li></ol><p><a name="_page26_x66.00_y70.00"></a>DSO messages with the SUBSCRIBE TLV as the Primary TLV are permitted in TLS early data. Using TLS early data can save one network round trip and can result in the client obtaining results faster.</p><p>However, there are some factors to consider before using TLS early data.</p><p>TLS early data is not forward secret. In cases where forward secrecy of DNS Push Notification subscriptions is required, the client should not use TLS early data.</p><p>With TLS early data, there are no guarantees of non-replay between connections. If packets are duplicated and delayed in the network, the later arrivals could be mistaken for new subscription requests. Generally, this is not a major concern since the amount of state generated on the server for these spurious subscriptions is small and short lived since the TCP connection will not complete the three-way handshake. 
Servers <strong>MAY</strong> choose to implement rate-limiting measures that are activated when the server detects an excessive number of spurious subscription requests.</p><p>For further guidance on use of TLS early data, please see discussion of zero round-trip data in Sections <a name="_page26_x66.00_y351.00"></a><a href="https://www.rfc-editor.org/rfc/rfc8446#section-2.3">2.3 and</a> 8, <a href="https://www.rfc-editor.org/rfc/rfc8446#section-8">and</a> Appendix E.5, <a href="https://www.rfc-editor.org/rfc/rfc8446#appendix-E.5">of the</a> <a href="#_page28_x66.00_y558.00">TLS 1.3 specification [RFC8446].</a></p><ol start="4"><li><a href="#_page26_x66.00_y351.00"><strong>TLS Session Resumption</strong> </a></li></ol><p>TLS session resumption [<a href="#_page28_x66.00_y558.00">RFC8446] is permissible</a> on DNS Push Notification servers. However, closing the TLS connection terminates the DSO session. When the TLS session is resumed, the DNS Push Notification server will not have any subscription state and will proceed as with any other new DSO session. 
Use of TLS session resumption may allow a TLS connection to be set up more quickly<a name="_page26_x66.00_y455.00"></a>, but the client will still have to recreate any desired subscriptions.</p><ol start="8"><li><a href="#_page26_x66.00_y455.00"><strong>IANA Considerations</strong> </a></li></ol><p>This document defines a new service name, only applicable for the TCP protocol, which has been recorded in the IANA “Service Name and Transport Protocol Port Number Registry” [RFC6335] [<a href="#_page28_x66.00_y642.00">SRVTYPE</a>].</p>
<table><thead><tr><th><a name="_page26_x66.00_y553.00"></a><a name="_page26_x100.00_y553.00"></a><strong>Name</strong></th><th><strong>Port</strong></th><th><strong>Value</strong></th><th><strong>Section</strong></th></tr></thead><tbody>
<tr><td>DNS Push Notification Service Type</td><td>None</td><td>_dns‑push‑tls._tcp</td><td><a href="#_page6_x66.00_y565.00">6.1</a></td></tr>
</tbody></table>
<p><a href="#_page26_x100.00_y553.00"><em>Table 4: IANA Service Type Assignments</em></a></p><p>This document defines four new DNS Stateful Operation TLV types, which have been recorded in the IANA “DSO Type Codes” registry [<a href="#_page28_x66.00_y594.00">RFC8490</a>] [<a href="#_page27_x66.00_y304.00">DSOTYPE</a>].</p>
<table><thead><tr><th><a name="_page27_x66.00_y70.00"></a><a name="_page27_x124.00_y70.00"></a><strong>Name</strong></th><th><strong>Value</strong></th><th><strong>Early Data</strong></th><th><strong>Status</strong></th><th><strong>Section</strong></th></tr></thead><tbody>
<tr><td>SUBSCRIBE</td><td>0x0040</td><td>OK</td><td>Standards Track</td><td><a href="#_page9_x66.00_y254.00">6.2</a></td></tr>
<tr><td>PUSH</td><td>0x0041</td><td>NO</td><td>Standards Track</td><td><a href="#_page14_x66.00_y269.00">6.3</a></td></tr>
<tr><td>UNSUBSCRIBE</td><td>0x0042</td><td>NO</td><td>Standards Track</td><td><a href="#_page18_x66.00_y363.00">6.4</a></td></tr>
<tr><td>RECONFIRM</td><td>0x0043</td><td>NO</td><td>Standards Track</td><td><a href="#_page19_x66.00_y592.00">6.5</a></td></tr>
</tbody></table>
<p><a href="#_page27_x124.00_y70.00"><em>Table 5: IANA DSO TLV Type Code Assignments</em></a></p><p>This document defines no new DNS OPCODEs or RCODEs.<a name="_page27_x66.00_y227.00"></a></p><ol start="9"><li><a 
href="#_page27_x66.00_y227.00"><strong>References</strong> </a></li><li><a name="_page27_x66.00_y261.00"></a><a href="#_page27_x66.00_y261.00"><strong>Normative References</strong> </a></li></ol>
<p><a name="_page27_x66.00_y304.00"></a><strong>[DSOTYPE]</strong> IANA, “Domain Name System (DNS) Parameters”, <<a href="https://www.iana.org/assignments/dns-parameters/">https://www.iana.org/assignments/dns-parameters/</a>>.</p>
<p><a name="_page27_x66.00_y340.00"></a><strong>[RFC0020]</strong> Cerf, V., “ASCII format for network interchange”, STD 80, RFC 20, DOI 10.17487/RFC0020, October 1969, <<a href="https://www.rfc-editor.org/info/rfc20">https://www.rfc-editor.org/info/rfc20</a>>.</p>
<p><a name="_page27_x66.00_y375.00"></a><strong>[RFC0768]</strong> Postel, J., “User Datagram Protocol”, STD 6, RFC 768, DOI 10.17487/RFC0768, August 1980, <<a href="https://www.rfc-editor.org/info/rfc768">https://www.rfc-editor.org/info/rfc768</a>>.</p>
<p><a name="_page27_x66.00_y410.00"></a><strong>[RFC0793]</strong> Postel, J., “Transmission Control Protocol”, STD 7, RFC 793, DOI 10.17487/RFC0793, September 1981, <<a href="https://www.rfc-editor.org/info/rfc793">https://www.rfc-editor.org/info/rfc793</a>>.</p>
<p><a name="_page27_x66.00_y445.00"></a><strong>[RFC1034]</strong> Mockapetris, P., “Domain names - concepts and facilities”, STD 13, RFC 1034, DOI 10.17487/RFC1034, November 1987, <<a href="https://www.rfc-editor.org/info/rfc1034">https://www.rfc-editor.org/info/rfc1034</a>>.</p>
<p><a name="_page27_x66.00_y480.00"></a><strong>[RFC1035]</strong> Mockapetris, P., “Domain names - implementation and specification”, STD 13, RFC 1035, DOI 10.17487/RFC1035, November 1987, <<a href="https://www.rfc-editor.org/info/rfc1035">https://www.rfc-editor.org/info/rfc1035</a>>.</p>
<p><a name="_page27_x66.00_y529.00"></a><strong>[RFC1123]</strong> Braden, R., Ed., “Requirements for Internet Hosts - Application and Support”, STD 3, RFC 1123, DOI 10.17487/RFC1123, October 1989, <<a href="https://www.rfc-editor.org/info/rfc1123">https://www.rfc-editor.org/info/rfc1123</a>>.</p>
<p><a name="_page27_x66.00_y578.00"></a><strong>[RFC2119]</strong> Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels”, BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <<a href="https://www.rfc-editor.org/info/rfc2119">https://www.rfc-editor.org/info/rfc2119</a>>.</p>
<p><a name="_page27_x66.00_y627.00"></a><strong>[RFC2136]</strong> Vixie, P., Ed., Thomson, S., Rekhter, Y., and J. Bound, “Dynamic Updates in the Domain Name System (DNS UPDATE)”, RFC 2136, DOI 10.17487/RFC2136, April 1997, <<a href="https://www.rfc-editor.org/info/rfc2136">https://www.rfc-editor.org/info/rfc2136</a>>.</p>
<p><a name="_page28_x66.00_y70.00"></a><strong>[RFC2181]</strong> Elz, R. and R. Bush, “Clarifications to the DNS Specification”, RFC 2181, DOI 10.17487/RFC2181, July 1997, <<a href="https://www.rfc-editor.org/info/rfc2181">https://www.rfc-editor.org/info/rfc2181</a>>.</p>
<p><a name="_page28_x66.00_y106.00"></a><strong>[RFC2782]</strong> Gulbrandsen, A., Vixie, P., and L. Esibov, “A DNS RR for specifying the location of services (DNS SRV)”, RFC 2782, DOI 10.17487/RFC2782, February 2000, <<a href="https://www.rfc-editor.org/info/rfc2782">https://www.rfc-editor.org/info/rfc2782</a>>.</p>
<p><a name="_page28_x66.00_y154.00"></a><strong>[RFC6066]</strong> Eastlake 3rd, D., “Transport Layer Security (TLS) Extensions: Extension Definitions”, RFC 6066, DOI 10.17487/RFC6066, January 2011, <<a href="https://www.rfc-editor.org/info/rfc6066">https://www.rfc-editor.org/info/rfc6066</a>>.</p>
<p><a name="_page28_x66.00_y203.00"></a><strong>[RFC6335]</strong> Cotton, M., Eggert, L., Touch, J., Westerlund, M., and S. Cheshire, “Internet Assigned Numbers Authority (IANA) Procedures for the Management of the Service Name and Transport Protocol Port Number Registry”, BCP 165, RFC 6335, DOI 10.17487/RFC6335, August 2011, <<a href="https://www.rfc-editor.org/info/rfc6335">https://www.rfc-editor.org/info/rfc6335</a>>.</p>
<p><a name="_page28_x66.00_y266.00"></a><strong>[RFC6895]</strong> Eastlake 3rd, D., “Domain Name System (DNS) IANA Considerations”, BCP 42, RFC 6895, DOI 10.17487/RFC6895, April 2013, <<a href="https://www.rfc-editor.org/info/rfc6895">https://www.rfc-editor.org/info/rfc6895</a>>.</p>
<p><a name="_page28_x66.00_y314.00"></a><strong>[RFC7673]</strong> Finch, T., Miller, M., and P. Saint-Andre, “Using DNS-Based Authentication of Named Entities (DANE) TLSA Records with SRV Records”, RFC 7673, DOI 10.17487/RFC7673, October 2015, <<a href="https://www.rfc-editor.org/info/rfc7673">https://www.rfc-editor.org/info/rfc7673</a>>.</p>
<p><a name="_page28_x66.00_y363.00"></a><strong>[RFC7766]</strong> Dickinson, J., Dickinson, S., Bellis, R., Mankin, A., and D. Wessels, “DNS Transport over TCP - Implementation Requirements”, RFC 7766, DOI 10.17487/RFC7766, March 2016, <<a href="https://www.rfc-editor.org/info/rfc7766">https://www.rfc-editor.org/info/rfc7766</a>>.</p>
<p><a name="_page28_x66.00_y412.00"></a><strong>[RFC7858]</strong> Hu, Z., Zhu, L., Heidemann, J., Mankin, A., Wessels, D., and P. Hoffman, “Specification for DNS over Transport Layer Security (TLS)”, RFC 7858, DOI 10.17487/RFC7858, May 2016, <<a href="https://www.rfc-editor.org/info/rfc7858">https://www.rfc-editor.org/info/rfc7858</a>>.</p>
<p><a name="_page28_x66.00_y461.00"></a><strong>[RFC8174]</strong> Leiba, B., “Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words”, BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, <<a href="https://www.rfc-editor.org/info/rfc8174">https://www.rfc-editor.org/info/rfc8174</a>>.</p>
<p><a name="_page28_x66.00_y510.00"></a><strong>[RFC8310]</strong> Dickinson, S., Gillmor, D., and T. Reddy, “Usage Profiles for DNS over TLS and DNS over DTLS”, RFC 8310, DOI 10.17487/RFC8310, March 2018, <<a href="https://www.rfc-editor.org/info/rfc8310">https://www.rfc-editor.org/info/rfc8310</a>>.</p>
<p><a name="_page28_x66.00_y558.00"></a><strong>[RFC8446]</strong> Rescorla, E., “The Transport Layer Security (TLS) Protocol Version 1.3”, RFC 8446, DOI 10.17487/RFC8446, August 2018, <<a href="https://www.rfc-editor.org/info/rfc8446">https://www.rfc-editor.org/info/rfc8446</a>>.</p>
<p><a name="_page28_x66.00_y594.00"></a><strong>[RFC8490]</strong> Bellis, R., Cheshire, S., Dickinson, J., Dickinson, S., Lemon, T., and T. Pusateri, “DNS Stateful Operations”, RFC 8490, DOI 10.17487/RFC8490, March 2019, <<a href="https://www.rfc-editor.org/info/rfc8490">https://www.rfc-editor.org/info/rfc8490</a>>.</p>
<p><a name="_page28_x66.00_y642.00"></a><strong>[SRVTYPE]</strong> IANA, “Service Name and Transport Protocol Port Number Registry”, <<a href="https://www.iana.org/assignments/service-names-port-numbers/">https://www.iana.org/assignments/service-names-port-numbers/</a>>.</p>
<ol start="2"><li><a href="#_page29_x66.00_y70.00"><strong>Informative References</strong> </a></li></ol>
<p><a name="_page29_x66.00_y70.00"></a><a name="_page29_x66.00_y114.00"></a><strong>[BCP195]</strong> Sheffer, Y., Holz, R., and P. Saint-Andre, “Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)”, BCP 195, RFC 7525, May 2015, <<a href="https://www.rfc-editor.org/info/bcp195">https://www.rfc-editor.org/info/bcp195</a>>.</p>
<p><a name="_page29_x66.00_y163.00"></a><strong>[OBS]</strong> Wikipedia, “Observer pattern”, February 2020, <<a href="https://en.wikipedia.org/w/index.php?title=Observer_pattern&oldid=939702131">https://en.wikipedia.org/w/index.php?title=Observer_pattern&oldid=939702131</a>>.</p>
<p><a name="_page29_x66.00_y198.00"></a><strong>[RFC2308]</strong> Andrews, M., “Negative Caching of DNS Queries (DNS NCACHE)”, RFC 2308, DOI 10.17487/RFC2308, March 1998, <<a href="https://www.rfc-editor.org/info/rfc2308">https://www.rfc-editor.org/info/rfc2308</a>>.</p>
<p><a name="_page29_x66.00_y233.00"></a><strong>[RFC3123]</strong> Koch, P., “A DNS RR Type for Lists of Address Prefixes (APL RR)”, RFC 3123, DOI 10.17487/RFC3123, June 2001, <<a href="https://www.rfc-editor.org/info/rfc3123">https://www.rfc-editor.org/info/rfc3123</a>>.</p>
<p><a name="_page29_x66.00_y268.00"></a><strong>[RFC4287]</strong> Nottingham, M., Ed. and R. Sayre, Ed., “The Atom Syndication Format”, RFC 4287, DOI 10.17487/RFC4287, December 2005, <<a href="https://www.rfc-editor.org/info/rfc4287">https://www.rfc-editor.org/info/rfc4287</a>>.</p>
<p><a name="_page29_x66.00_y317.00"></a><strong>[RFC4953]</strong> Touch, J., “Defending TCP Against Spoofing Attacks”, RFC 4953, DOI 10.17487/RFC4953, July 2007, <<a href="https://www.rfc-editor.org/info/rfc4953">https://www.rfc-editor.org/info/rfc4953</a>>.</p>
<p><a name="_page29_x66.00_y352.00"></a><strong>[RFC6281]</strong> Cheshire, S., Zhu, Z., Wakikawa, R., and L. Zhang, “Understanding Apple’s Back to My Mac (BTMM) Service”, RFC 6281, DOI 10.17487/RFC6281, June 2011, <<a href="https://www.rfc-editor.org/info/rfc6281">https://www.rfc-editor.org/info/rfc6281</a>>.</p>
<p><a name="_page29_x66.00_y401.00"></a><strong>[RFC6762]</strong> Cheshire, S. and M. Krochmal, “Multicast DNS”, RFC 6762, DOI 10.17487/RFC6762, February 2013, <<a href="https://www.rfc-editor.org/info/rfc6762">https://www.rfc-editor.org/info/rfc6762</a>>.</p>
<p><a name="_page29_x66.00_y436.00"></a><strong>[RFC6763]</strong> Cheshire, S. and M. Krochmal, “DNS-Based Service Discovery”, RFC 6763, DOI 10.17487/RFC6763, February 2013, <<a href="https://www.rfc-editor.org/info/rfc6763">https://www.rfc-editor.org/info/rfc6763</a>>.</p>
<p><a name="_page29_x66.00_y472.00"></a><strong>[RFC6886]</strong> Cheshire, S. and M. Krochmal, “NAT Port Mapping Protocol (NAT-PMP)”, RFC 6886, DOI 10.17487/RFC6886, April 2013, <<a href="https://www.rfc-editor.org/info/rfc6886">https://www.rfc-editor.org/info/rfc6886</a>>.</p>
<p><a name="_page29_x66.00_y520.00"></a><strong>[RFC6887]</strong> Wing, D., Ed., Cheshire, S., Boucadair, M., Penno, R., and P. Selkirk, “Port Control Protocol (PCP)”, RFC 6887, DOI 10.17487/RFC6887, April 2013, <<a href="https://www.rfc-editor.org/info/rfc6887">https://www.rfc-editor.org/info/rfc6887</a>>.</p>
<p><a name="_page29_x66.00_y569.00"></a><strong>[RFC7413]</strong> Cheng, Y., Chu, J., Radhakrishnan, S., and A. Jain, “TCP Fast Open”, RFC 7413, DOI 10.17487/RFC7413, December 2014, <<a href="https://www.rfc-editor.org/info/rfc7413">https://www.rfc-editor.org/info/rfc7413</a>>.</p>
<p><a name="_page29_x66.00_y604.00"></a><strong>[RFC8010]</strong> Sweet, M. and I. McDonald, “Internet Printing Protocol/1.1: Encoding and Transport”, STD 92, RFC 8010, DOI 10.17487/RFC8010, January 2017, <<a href="https://www.rfc-editor.org/info/rfc8010">https://www.rfc-editor.org/info/rfc8010</a>>.</p>
<p><a name="_page29_x66.00_y653.00"></a><strong>[RFC8011]</strong> Sweet, M. and I. McDonald, “Internet Printing Protocol/1.1: Model and Semantics”, STD 92, RFC 8011, DOI 10.17487/RFC8011, January 2017, <<a href="https://www.rfc-editor.org/info/rfc8011">https://www.rfc-editor.org/info/rfc8011</a>>.</p>
<p><a name="_page30_x66.00_y70.00"></a><strong>[RFC8499]</strong> Hoffman, P., Sullivan, A., and K. Fujiwara, “DNS Terminology”, BCP 219, RFC 8499, DOI 10.17487/RFC8499, January 2019, <<a href="https://www.rfc-editor.org/info/rfc8499">https://www.rfc-editor.org/info/rfc8499</a>>.</p>
<p><a name="_page30_x66.00_y119.00"></a><strong>[RFC8684]</strong> Ford, A., Raiciu, C., Handley, M., Bonaventure, O., and C. Paasch, “TCP Extensions for Multipath Operation with Multiple Addresses”, RFC 8684, DOI 10.17487/RFC8684, March 2020, <<a href="https://www.rfc-editor.org/info/rfc8684">https://www.rfc-editor.org/info/rfc8684</a>>.</p>
<p><a name="_page30_x66.00_y168.00"></a><strong>[RFC8764]</strong> Cheshire, S. and M. Krochmal, “Apple’s DNS Long-Lived Queries Protocol”, RFC 8764, DOI 10.17487/RFC8764, June 2020, <<a href="https://www.rfc-editor.org/info/rfc8764">https://www.rfc-editor.org/info/rfc8764</a>>.</p>
<p><a name="_page30_x66.00_y217.00"></a><strong>[RFC8766]</strong> Cheshire, S., “Discovery Proxy for Multicast DNS-Based Service Discovery”, RFC 8766, DOI 10.17487/RFC8766, June 2020, <<a href="https://www.rfc-editor.org/info/rfc8766">https://www.rfc-editor.org/info/rfc8766</a>>.</p>
<p><a name="_page30_x66.00_y266.00"></a><strong>[SD-API]</strong> Apple Inc., “dns_sd.h”, <<a href="https://opensource.apple.com/source/mDNSResponder/mDNSResponder-878.70.2/mDNSShared/dns_sd.h.auto.html">https://opensource.apple.com/source/mDNSResponder/mDNSResponder-878.70.2/mDNSShared/dns_sd.h.auto.html</a>>.</p>
<p><a name="_page30_x66.00_y301.00"></a><strong>[SYN]</strong> Eddy, W., “Defenses Against TCP SYN Flooding Attacks”, The Internet Protocol Journal, Cisco Systems, Volume 9, Number 4, December 2006, <<a href="https://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_9-4/ipj_9-4.pdf">https://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_9-4/ipj_9-4.pdf</a>>.</p>
<p><a name="_page30_x66.00_y350.00"></a><strong>[TCPRACK]</strong> Cheng, Y., Cardwell, N., Dukkipati, N., and P. Jha, “RACK: a time-based fast loss detection algorithm for TCP”, Work in Progress, Internet-Draft, draft-ietf-tcpm-rack-08, 9 March 2020, <<a href="https://tools.ietf.org/html/draft-ietf-tcpm-rack-08">https://tools.ietf.org/html/draft-ietf-tcpm-rack-08</a>>.</p>
<p><a name="_page30_x66.00_y398.00"></a><strong>[XEP0060]</strong> Millard, P., Saint-Andre, P., and R. Meijer, “Publish-Subscribe”, XSF XEP 0060, <a name="_page30_x66.00_y422.00"></a>October 2019, <<a href="https://xmpp.org/extensions/xep-0060.html">https://xmpp.org/extensions/xep-0060.html>. 
</a></p><p><a href="#_page30_x66.00_y422.00"><strong>Acknowledgments</strong> </a></p><p>The authors would like to thank Kiren Sekar and Marc Krochmal for previous work completed in this field.</p><p>This document has been improved due to comments from Ran Atkinson, Tim Chown, Sara Dickinson, Mark Delany, Ralph Droms, Jan Komissar, Eric Rescorla, Michael Richardson, David Schinazi, Manju Shankar Rao, Robert Sparks, Markus Stenberg, Andrew Sullivan, Michael Sweet, Dave Thaler, Brian Trammell, Bernie Volz, Éric Vyncke, Christopher Wood, Liang Xia, and Soraia Zlatkovic. Ted Lemon provided clarifying text that was greatly appreciated.</p><p><a href="#_page31_x66.00_y70.00"><strong>Authors’ Addresses</strong> </a></p><p><a name="_page31_x66.00_y70.00"></a><strong>Tom Pusateri</strong></p><p>Unaffiliated</p><p>Raleigh, NC 27608</p><p>United States of America<br>Phone: <a href="tel:+1%20919%20867%201330">+1 919 867 1330</a><br>Email: <a href="mailto:pusateri@bangj.com">pusateri@bangj.com</a></p><p><strong>Stuart Cheshire</strong></p><p>Apple Inc.</p><p>One Apple Park Way<br>Cupertino, CA 95014<br>United States of America<br>Phone: <a href="tel:+1%20(408)%20996-1010">+1 (408) 996-1010</a><br>Email: <a href="mailto:cheshire@apple.com">cheshire@apple.com</a></p>]]></content>
</entry>
<entry>
<title></title>
<link href="/2023/11/02/2023/%E5%A5%BD%E7%9A%84,%E4%BD%BF%E7%94%A8%20CouchDB%20%E7%8A%B6%E6%80%81%E6%95%B0%E6%8D%AE%E5%BA%93%E8%BF%9B%E8%A1%8C%E5%88%86%E9%A1%B5%E6%9F%A5%E8%AF%A2%E7%9A%84%E6%96%B9%E6%B3%95%E5%A6%82%E4%B8%8B1/"/>
<url>/2023/11/02/2023/%E5%A5%BD%E7%9A%84,%E4%BD%BF%E7%94%A8%20CouchDB%20%E7%8A%B6%E6%80%81%E6%95%B0%E6%8D%AE%E5%BA%93%E8%BF%9B%E8%A1%8C%E5%88%86%E9%A1%B5%E6%9F%A5%E8%AF%A2%E7%9A%84%E6%96%B9%E6%B3%95%E5%A6%82%E4%B8%8B1/</url>
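<content type="html"><![CDATA[<p>Paginated queries against a CouchDB state database work as follows:</p><ol><li>When deploying the chaincode, specify CouchDB as the state database.</li><li>In the chaincode, the query does not specify any pagination conditions; it defines only the query logic and the sort order. For example:</li></ol><figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">queryString := fmt.Sprintf("{\"selector\":{\"docType\":\"data\"}, \"sort\": [%v]}", sortField)</span><br><span class="line"></span><br><span class="line">resultsIterator, err := ctx.GetStub().GetQueryResult(queryString)</span><br></pre></td></tr></table></figure><ol start="3"><li>When the client calls the chaincode query function, it must supply the pagination parameters, for example the page size pageSize and the page number pageNo.</li><li>The chaincode passes these pagination parameters to CouchDB through the Context.</li><li>CouchDB uses these parameters to take the requested page out of the sorted result set and return it.</li><li>After receiving one page of results, the client can fetch other pages by changing pageNo.</li></ol><p>The advantage of using CouchDB is that the pagination logic is pushed down to the database, so the chaincode only has to handle the query conditions, which simplifies it, and CouchDB's performance can be used to handle large data sets. The drawback is that CouchDB is required as the state database, which adds deployment and operations complexity. The chaincode also has to handle passing the pagination parameters through. This approach is therefore better suited to cases that need to process large volumes of data and can accept CouchDB as the state database.</p>]]></content>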
</entry>
<entry>
<title></title>
<link href="/2023/10/08/2023/%E4%B8%80%E7%A7%8D%E5%9F%BA%E4%BA%8E%E8%81%94%E7%9B%9F%E9%93%BE%E7%9A%84%E5%9F%9F%E5%90%8D%E6%BB%A5%E7%94%A8%E7%9B%91%E7%AE%A1%E6%96%B9%E6%B3%95%E5%8F%8A%E7%B3%BB%E7%BB%9F/"/>
<url>/2023/10/08/2023/%E4%B8%80%E7%A7%8D%E5%9F%BA%E4%BA%8E%E8%81%94%E7%9B%9F%E9%93%BE%E7%9A%84%E5%9F%9F%E5%90%8D%E6%BB%A5%E7%94%A8%E7%9B%91%E7%AE%A1%E6%96%B9%E6%B3%95%E5%8F%8A%E7%B3%BB%E7%BB%9F/</url>
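<content type="html"><![CDATA[<h1 id="一种基于联盟链的域名滥用监管方法及系统"><a href="#一种基于联盟链的域名滥用监管方法及系统" class="headerlink" title="一种基于联盟链的域名滥用监管方法及系统"></a>A Consortium-Blockchain-Based Method and System for Regulating Domain Name Abuse</h1><h3 id="一、描述"><a href="#一、描述" class="headerlink" title="一、描述"></a>1. Description</h3><p>The consortium-blockchain-based method for regulating domain name abuse provided in this embodiment uses a consortium chain as the medium for storing and transmitting data during the regulation process. It relies on the decentralized nature of the blockchain and uses smart contracts to standardize how domain name abuse is reviewed and handled, so that the criteria for accepting abuse reports are unified across the regulation process, while regulatory data and review results are opened up and shared securely and reliably.</p><h3 id="二、实例"><a href="#二、实例" class="headerlink" title="二、实例"></a>2. Example</h3><img src="https://p.ipic.vip/0gtfn6.png" alt="image-20231008110007575" style="zoom:70%;" /><h3 id="三、模型"><a href="#三、模型" class="headerlink" title="三、模型"></a>3. Model</h3><ol><li><p>Organizations</p><p><img src="https://p.ipic.vip/fwc6bp.png" alt="image-20231008110220157"></p></li><li><p>Report content</p><p><img src="https://p.ipic.vip/46yo3o.png" alt="image-20231008110238911"></p><h3 id="四、规则"><a href="#四、规则" class="headerlink" title="四、规则"></a>4. Rules</h3><ol><li>Each reviewer has an initial credit value Ci, for example 100 points.</li><li>When an item needs to be reviewed, a final determination is made if more than half of the reviewers have given their assessment within the specified time.</li><li>The value V of the final determination is computed as follows:<br>V = (C1*P1 + C2*P2 + … + Cn*Pn) / (C1 + C2 + … + Cn)<br>where Pn is each reviewer's opinion: 1 means agree, 0 means disagree.</li><li>Based on the final value V: if V &gt;= 0.5, the final result is "agree"; if V &lt; 0.5, the final result is "disagree".</li><li>Each reviewer is then rewarded or penalized in credit:<br>If the reviewer's opinion matches the final determination, the reviewer's credit value is increased by 1 point.<br>If it does not match, the credit value is reduced by 1 point.</li><li>A reviewer's credit value cannot fall below 0 or rise above 100.</li></ol></li></ol><p>Who is the most important person in a lifetime? Parents, brothers, children, or one's partner?</p><p>Our parents raised us and their love for us is selfless, but what we feel toward them is mostly gratitude and a wish to repay them.</p><p>Brothers are very important to us. They walk with us through a stretch of life, hard or happy, in any case an unforgettable one. But brothers eventually start families of their own, to be with their own partners and look after their own children.</p><p>Children: we bring them into this world, raise them, teach them, stay with them as they grow up, and then watch them leave us to build a world of their own.</p><p>And my partner? She stays with me into old age, keeping me company longer than my parents do. In "The Little Prince" the fox says to the little boy: "You have not tamed me yet. To me, you are only a little boy, no different from thousands of other little boys. I do not need you, and you do not need me. To you, I am only a fox, no different from thousands of other foxes. But if you tame me, we will need each other. To me, you will be unique in my world; to you, I will be the only one in yours."</p><p>In modern society we face pressure and responsibility from career, family, finances, health and more. Through this string of storms, who keeps us company, who comforts me and gives me drive? Without doubt, my partner. One matter after another, one storm after another, year after year, she keeps "taming" me and binding me to her. Who else in this world has "tamed" me for so long?</p><p>You could say she was there at every important moment of my life. If everything in my past has gathered into who I am, then every fragment of me carries her trace. So I want to say that the most important person in my life is my partner.</p><p>This time, after I accidentally injured the back of my thigh, my wife decided to take me back to my hometown so that my mother could look after me properly for a few days. As soon as we arrived, I felt the care and warmth of a mother's love. In the evening especially, Mom heated a basin of water just for me. She slowly poured the hot water over my feet, her movements gentle, just like when I was little.</p><p>The three women in my life: mother, daughter and wife</p><p>That day on the football pitch I fell and badly hurt my knee. When I went home for the National Day holiday, Mom said: your leg is giving you trouble, let me wash your feet.</p><p>Mom's hands gently scooped the hot water over my feet, and every drop seemed to carry her years of care. Then she started rubbing the soles of my feet, not even skipping the heels, as if every touch could take away a little of the pain.</p><p>In the warmth of this home and the hot water, my injury felt much eased. Looking back, Mom has always been the one in my life who cares for me down to the smallest detail.</p><p>My daughter is well behaved too, and checks in on me now and then: "Daddy, how has our little invalid been doing lately? Don't make that knee any worse, and take proper care. Is work tiring? Remember to rest, and stop thinking you're still young." It is a bit cheeky, but I still felt a touch of sweetness and some comfort, a sense that raising her has not been in vain.</p><p>As for my wife, the first thing she said when she saw I was hurt was: "I told you not to keep playing those rough sports. Now look, you've hurt your knee. Never mind, let's not talk about that now. Sit down, I'll get you an ice pack. Here, let me raise your leg a bit. Is that better? Right, I'll cook some meat. Don't worry about putting on weight, nutrition is what you need most right now. There, you've only just been hurt, so stop moving around and rest at home for a few days."</p><p>On this brief journey of life, I have gradually come to understand that injury and recovery keep alternating. My leg injury may be a reminder from life, a silent multiple-choice question that makes me pause and look again at what I have. At this particular moment, my family's care became the warm side of that symbol and gave me another chance, and the ability, to observe my family again.</p><p>Every drop of hot water and every caring word is like a star in the dark night, lighting the way on my road through life. I seemed to hear a voice deep inside telling me: cherish the present and be grateful for what you have. This is not only a physical recovery but also an awakening of the heart.</p><p>So when you meet setbacks or confusion on your road through life, try stopping to look at the people and things around you that have always supported you. You may find that the answer was there all along and you simply had not noticed. These seemingly trivial moments are an indispensable part of what makes our lives whole.</p>]]></content>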
</entry>
<entry>
<title></title>
<link href="/2023/08/24/2023/%E4%B8%AD%E5%8C%BB%E7%B2%BE%E7%A5%9E%E5%81%A5%E5%BA%B7%E8%AE%B2%E4%B9%892/"/>
<url>/2023/08/24/2023/%E4%B8%AD%E5%8C%BB%E7%B2%BE%E7%A5%9E%E5%81%A5%E5%BA%B7%E8%AE%B2%E4%B9%892/</url>
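<content type="html"><![CDATA[<p>The previous post introduced the concepts of the material body (form, xing), the energy body (qi) and the consciousness body (spirit, shen). Today is mainly about how shen affects us.</p><p>Traditional Chinese medicine holds that every illness is first an illness of shen, then an illness of qi, then an illness of the blood, and only at the end an illness of the form.</p><p>That is, illness first goes wrong in the formless part of life, at the level of spirit and information. In the second stage it reaches qi, and the pattern and rhythm of the body's energy become disordered. In the third stage it reaches the level of tangible disease.</p><p>Among the illnesses of shen, the one that most deserves our attention is an unsettled shen.</p><p>Why is shen unsettled? Or rather, why are modern people so prone to it?</p><p>There are two reasons. First, modern society carries too much information, and all kinds of it wash over our minds. Today a news item reports a shocking murder in some province or city; tomorrow you are told that if you do not learn AI you will be left behind by society. Every day we are pulled around by such information, swinging between joy and grief, anxious and on edge, which easily unsettles shen. Second, everything is too rushed. Modern society puts too much weight on efficiency: one task follows another, and the bills arrive batch after batch. Even when you want to learn something, the titles all read "Master xx in 7 steps, money back if it doesn't work". You can ask yourself whether you have fallen into a mental life that is too fast and too hurried.</p><p>What can be done?</p><p>Every time the author sees patients or teaches students, he leads the students in 15 minutes of meditation, which Chinese medicine calls sitting (dazuo): close your eyes, observe and become aware of your own body and mind, and do nothing else. The author also recommends spending more time outdoors, being in contact with nature, and leaving the noisy city for a while.</p><p>I came across a similar method in Qian Mu's "Reminiscences of My Parents at Eighty, and Miscellaneous Recollections of Teachers and Friends". The book describes it like this:</p><p>"When the eighteenth-generation ancestor was about thirty, he was afflicted with a wasting illness. Famous doctors from near and far and every kind of medicine had no effect, and his condition grew heavier by the day. One day his wife said to him: 'There is something I have long kept in my heart and have not dared to say, for fear that you would not listen and would blame me besides.' He said: 'With the illness as it is, whatever can be followed I will follow. Even if I truly cannot follow it, there can be no question of blame.' She said: 'Your illness is probably not something medicine can cure. Taking medicine for a long time only breeds other illnesses. The only course I can see is years of quiet rest. But the two of us cannot go into the deep mountains and live for years in a Buddhist temple or a Daoist cloister. I have had the separate courtyard on the west side of the house put in order. If you can live there alone, I will handle the household affairs and you need not concern yourself with them. I have had a small hatch cut in the courtyard gate. Three meals a day will be passed through it, and you can fetch them when you hear the bell. At first you will feel lonely, but after ten days or half a month you should get used to it. If anything should happen, the gate can still be opened to bring you out. Let the term be three years. I have put this idea to two doctors, and they said it was worth a try.' He readily agreed. After three years he was brought out; every sign of illness was gone and he was as healthy as ever."</p><p>These are all ways of settling one's mood, or one's shen.</p><p>Appended are a few small tips from the author for keeping the mind stable:</p><p>1. Practice relaxation and awareness (sitting meditation or standing post).<br>2. Avoid horror films and horror novels as far as possible.<br>3. If you are slightly built and lack muscle, you need a moderate amount of physical training; a stronger body makes our protective layer a little thicker.<br>Every day do 30 to 60 squats, 10 to 30 push-ups, or a one-minute plank.</p><p>4. Cut down on unnecessary socializing, idle chat and late nights.<br>5. Spend more time alone, resting and sleeping, and in contact with nature.</p>]]></content>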
</entry>
<entry>
<title></title>
<link href="/2023/08/17/2023/%E4%B8%AD%E5%8C%BB%E7%B2%BE%E7%A5%9E%E5%81%A5%E5%BA%B7%E8%AE%B2%E4%B9%89/"/>
<url>/2023/08/17/2023/%E4%B8%AD%E5%8C%BB%E7%B2%BE%E7%A5%9E%E5%81%A5%E5%BA%B7%E8%AE%B2%E4%B9%89/</url>
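<content type="html"><![CDATA[<p>The author is a practitioner of traditional Chinese medicine, and the book is built around the topic of "mental health". It unfolds gently, and reading it feels like a clear stream running through the heart. It also sorted out my understanding of a number of terms from Chinese medicine.</p><p>The book says that the structure of human life can be understood at three levels: the material body (form, xing), the energy body (qi) and the consciousness body (spirit, shen). Illness, pain and worry may involve any of the three.</p><h5 id="定义"><a href="#定义" class="headerlink" title="定义"></a>Definitions</h5><ol><li><p><strong>Material body (form)</strong>: the physical structure of the body, including bones, organs and blood.</p></li><li><p><strong>Energy body (qi)</strong>: the life energy of Chinese medicine, which flows through the body's meridians.</p><ul><li><strong>Physiology and health</strong>: qi is involved in physiological activity such as breathing and digestion; a deficiency may cause weakness, and a blockage may cause pain.</li><li><strong>Emotion and mind</strong>: qi is connected with emotion and thought; anger, for example, may make qi surge upward.</li><li><strong>Environment and habits</strong>: qi is affected by the outside world and by lifestyle, such as climate and food.</li><li><strong>Yin-yang and the meridians</strong>: qi is closely related to the balance of yin and yang and to the meridian system.</li></ul><p>You can picture qi as the water in a river: when it flows freely there is health, and when it is obstructed illness may follow. Or compare it to the wind, invisible yet driving the flow of blood and the delivery of nutrients.</p></li><li><p><strong>Consciousness body (shen)</strong>: this level concerns a person's spirit, consciousness and emotions, and it influences physical health.</p></li></ol><p>Qi (the energy body) plays a complex role in Chinese medicine. It is the link between all aspects of the human body and connects the material body with the consciousness body. The concept is abstruse, but it is the core of Chinese medical theory and practice. This understanding of the energy body may be somewhat difficult for modern readers, yet it is extremely important: like a river to the land, it sustains the flow and balance of life.</p><p>To me the energy body, or qi, feels more like the circulation systems inside our bodies, such as blood, digestion and excretion. So what is the energy body related to? That brings in the concept of the triple burner (sanjiao):</p><p>The triple burner is an important concept in Chinese medical theory, closely tied to the flow and function of "qi". The upper, middle and lower burners each have specific duties, and together they ensure that "qi" flows in balance within the body. Like the input, conversion and output stages of a power system, the three burners work together to keep the body running normally.</p><h5 id="三焦的定义"><a href="#三焦的定义" class="headerlink" title="三焦的定义"></a>Definition of the triple burner</h5><ol><li><strong>Upper burner</strong>: located in the upper part of the body, including the heart and lungs in the chest. The heart governs the blood vessels and circulates blood through the whole body; it is the driving force and foundation of blood flow. The lungs govern breathing and are responsible for drawing qi in and expelling it.</li><li><strong>Middle burner</strong>: located in the middle of the body, mainly the digestive organs such as the stomach and spleen. It is responsible for digesting food and absorbing nutrients, turning food into energy and delivering it to every part of the body.</li><li><strong>Lower burner</strong>: located in the lower part of the body, including the excretory and reproductive organs such as the kidneys, bladder and large intestine. It is responsible for expelling waste and for the functions of the reproductive system.</li></ol><p>Once you understand this, you have a good sense of what we usually mean by "qi deficiency" and "dampness in the body". That's it for today. Next time I will talk about what "shen" really has to do with us.</p>]]></content>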
</entry>
<entry>
<title></title>
<link href="/2023/08/15/2023/%E5%9B%9B%E5%B7%9D%E9%87%8D%E5%BA%86%E4%B9%8B%E8%A1%8C%E4%BA%8C%E4%B8%89%E4%BA%8B/"/>
<url>/2023/08/15/2023/%E5%9B%9B%E5%B7%9D%E9%87%8D%E5%BA%86%E4%B9%8B%E8%A1%8C%E4%BA%8C%E4%B8%89%E4%BA%8B/</url>
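<content type="html"><![CDATA[<p>A few things from my trip to Sichuan and Chongqing</p><p>The Jinsha Site</p><p>We had originally wanted to go to the better-known Sanxingdui, but Sanxingdui was already booked up until August 17, so in the end we chose the Jinsha Site in urban Chengdu.</p><p>What is the relationship between the Jinsha Site and Sanxingdui? They come from the same lineage.</p><p>There is still some debate, but the mainstream view is that the Jinsha Site inherited and carried forward the Sanxingdui culture: after the Sanxingdui area declined, some of its people migrated to the Jinsha area and continued to live and multiply there.</p><p>The sacrificial zone is considered the most mysterious part of the Jinsha Site. The ancient Shu people held sacrificial rites here for several hundred years. They lit firewood, sent up curling incense smoke, and offered large quantities of ivory, jade and other valuables to the gods. The main forms of sacrifice were floating and sinking, burial, and burnt offering. In plain words: throwing things into water, burying them in the earth, and burning them, and always precious things such as stone, jade, ivory, gold and bronze objects.</p><p>Mount Emei</p><p>Mount Emei, together with Mount Wutai, Mount Putuo and Mount Jiuhua, is known as one of the four great Buddhist mountains of China. Mount Emei is also the place of manifestation (yinghua) of Samantabhadra Bodhisattva. Buddhists will surely know what "yinghua" means: it refers to an ordinary person reaching a certain attainment in practice, the process of cultivating from a mortal into the manifestation of a bodhisattva. Samantabhadra, Shakyamuni and Manjushri are together called the "Three Saints of Huayan". Samantabhadra is usually enshrined in the Mahavira Hall to the right of Shakyamuni Buddha, as the right-hand attendant of Shakyamuni Buddha in the Saha world, while Manjushri is the left-hand attendant. Samantabhadra assists Shakyamuni in spreading the Buddhist way and is present throughout the ten directions, so the chapter on Samantabhadra's Practices and Vows says: "By the awesome spiritual power of Samantabhadra's practices and vows, I appear before all the Tathagatas." Samantabhadra guides practice with wisdom and verifies wisdom through practice, advancing understanding and practice together and fulfilling the vows of those who seek Buddhahood, and so is also called "Samantabhadra of Great Practice".</p><p>Most important of all, Samantabhadra is the guardian Buddha of people born in the Year of the Dragon and the Year of the Snake. That was a major reason I came to Emei: to let go of some of the attachments in my heart, to set down some of my irritability, to ask for a blessed object, and to go home. If you were also born in the Year of the Dragon or the Snake, I strongly recommend a trip to Emei to make a connection with Samantabhadra and give your heart a place to go.</p><p>Chongqing</p><p>In Chongqing we stayed at Jiefangbei. As the first commercial pedestrian street in western China and the oldest and most mature shopping district in Chongqing, Jiefangbei is more or less the city's calling card and cultural symbol. And because it is next to Hongya Cave, the Yangtze River cableway and a string of other popular attractions, its location is exceptionally favorable. What struck me most, as a northerner and a Beijinger, was that at 10 or 11 at night Jiefangbei was still a sea of people eating all kinds of snacks. It made me wonder: is this really night? I later learned that because Chongqing is humid and hot during the day, people only come out in the evening, and shops generally stay open until around 2 in the morning.</p><p>Watching the crowds come and go, shoulder to shoulder, I felt that this rare bustle of everyday life is exactly what Beijing lacks.</p><p>Taxis in Chengdu and Chongqing</p><p>Taking a taxi in Chengdu, I chatted with the driver and said that people in Chengdu drive rather aggressively, especially when changing lanes; you could call it lightning lane-changing, the kind that makes you jump. The driver laughed and said that if I thought Chengdu drivers were aggressive, I should go and have a look at Chongqing.</p><p>Sure enough, in Chongqing I found out what aggressive really means: sudden starts and sudden stops, cutting in and forcing lane changes, all kinds of overtaking on bends while turning, and plenty of drivers forcing their way past by borrowing another lane. But where there are pedestrians crossing at a crosswalk, the cars do still stop.</p>]]></content>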
</entry>
<entry>
<title></title>
<link href="/2023/07/28/2023/%E4%BD%A0%E4%B8%8D%E6%87%82%EF%BC%8C%E8%BF%99%E4%BA%9B%E8%AE%BE%E6%96%BD%E5%AF%B9%E4%BA%8E%E4%B8%80%E4%B8%AA%E5%88%9A%E6%88%90%E5%B9%B4%E7%9A%84%E4%BA%BA%E6%9C%89%E5%A4%9A%E5%A4%A7%E7%9A%84%E8%AF%B1%E6%83%91/"/>
<url>/2023/07/28/2023/%E4%BD%A0%E4%B8%8D%E6%87%82%EF%BC%8C%E8%BF%99%E4%BA%9B%E8%AE%BE%E6%96%BD%E5%AF%B9%E4%BA%8E%E4%B8%80%E4%B8%AA%E5%88%9A%E6%88%90%E5%B9%B4%E7%9A%84%E4%BA%BA%E6%9C%89%E5%A4%9A%E5%A4%A7%E7%9A%84%E8%AF%B1%E6%83%91/</url>
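<content type="html"><![CDATA[<p>You don't understand how tempting these rides are to someone who has just come of age</p><p>Aranya, a place of long-standing fame, lies quietly on the coast at Beidaihe, not far from Beijing. For a long time I had heard about its distinctive beach, its Lonely Library and its beautifully designed chapel. At last I decided to get close to this sea with the children, to get close to Aranya, this fabled and wonderful place.</p><p>Aranya is not only a beach, not only a library, not only a chapel. It is a paradise for children, a community full of laughter and energy.</p><p>In the heat of summer, what fills a children's paradise? Cool water, soft sand, the fun of the swimming pool and countless toys, and Aranya has all of them. Beyond that, Aranya has food of every kind, including all sorts of trendy restaurants and three family-style restaurants. There the children can freely choose the food they like, try new flavors and experience a distinctive food culture.</p><p>Aranya has many rides and play facilities for children. It was here that my daughter said to me: "You don't understand how tempting these rides are to someone who has just come of age." The excited look on her face when she saw the rides helped me understand a little of their pull on her. Among the many rides she found one with no age limit: the octopus slide. She could not try it right away because she was not wearing long sleeves, but while I was taking my midday nap she still could not resist and went off on her own to try the slide.</p><p>That, I suppose, is Aranya's temptation for her, impossible to resist.</p><p>Aranya is like one big resort where you can find everything you need: food, rides, leisure and entertainment. All of it is waiting here for you to discover. If you don't know where to go, why not come to Aranya and feel its particular charm.</p>]]></content>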
</entry>
<entry>
<title></title>
<link href="/2023/06/29/2023/shenxing/"/>
<url>/2023/06/29/2023/shenxing/</url>
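<content type="html"><![CDATA[<p>The divinity within human reach</p><p>Since ancient times people have sought to rise above the ordinary and become sages, because a sage is the person closest to the divine. In this pursuit the body has always been a nuisance. It always has desires of every kind, for food, for indulgence, and people are always tormented by them.</p><p>A god has no such suffering, because he has no body and so is not tormented by these desires. The body seems to be the root of the animal nature in humans, and seems to determine that humans cannot shake off that animal nature and reach the realm of the divine. To reach that realm a person must conquer the body and, in a sense, eliminate it.</p><p>Hence all kinds of abstinence and the practice of asceticism. The ones we think of as having reached or come close to it are the saints of religion and the eminent monks of Buddhism. I am an ordinary, worldly person and cannot grasp the mystery of it, but I do know that eliminating the desires of the body is no different from strangling the joy of life, and the price is rather too high. I have always believed that animal nature, or this kind of desire, is a gift created by nature. We only need to guide and restrain it, and it can be sublimated, rather than eliminating it.</p><p>For example, every ordinary person has desires, that pure animal instinct. Take the love of good food: if it is not restrained and one simply gorges, a person is no different from an animal. Yet human desire is also the driving force behind feeling, including love, the sense of beauty and creativity. To sublimate it into these finer feelings, restraint is necessary. I only need to set rules and keep it within those rules.</p><p>I think human nature sits somewhere between animal nature and divinity, and its job is to guide animal nature toward sublimation.</p>]]></content>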
</entry>
<entry>
<title></title>
<link href="/2023/06/19/2023/18years/"/>
<url>/2023/06/19/2023/18years/</url>
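<content type="html"><![CDATA[<p>Eighteen years ago our daughter came into this world. Born three weeks early, she weighed only five jin and two liang. Because the umbilical cord was wrapped around her neck at birth, her brain was deprived of oxygen. At that time she was like a little bird trembling in the wind, so helpless and fragile.</p><p>So this newborn was admitted to hospital, and I was the one who handled the admission. The doctor told me about all sorts of possibilities, more in number and in weight than I could take in: it might damage her intelligence, it might affect her motor ability, it might even cause cerebral palsy. Any one of those outcomes was rather heavy for me, a young man who had only just been promoted to father.</p><p>But I knew that I could not say any of this at home to a mother who had just given birth. I could only say that the baby needed to stay in hospital for a few days and would slowly get better.</p><p>In the blink of an eye, 18 years have passed.</p><p>This mother asked this child: "Level with me. How did you actually do on the gaokao?"</p><p>The child said: "Please, don't talk to me about exams. Let me enjoy myself for a few days first."</p><p>What could I say?</p><p>I said to the child: "You should thank the person you have been these three years, thank yourself for working so hard these three years."</p><p>I said to the mother: "She can't really say how it went either. Let's just wait for the gaokao scores."</p><p>It was as if I had gone back once more to that moment of waiting in the hospital, that moment full of the unknown, full of worry, full of hope. But this time what we are waiting for is her gaokao result. What we are waiting for is her future.</p>]]></content>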
</entry>
<entry>
<title></title>
<link href="/2023/05/23/2023/pessimism/"/>
<url>/2023/05/23/2023/pessimism/</url>
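<content type="html"><![CDATA[<p>I have always considered myself an optimist, but recently I realized that this may not be so. My daughter is about to take the gaokao, and as her father I have been feeling an anxiety I cannot quite explain.</p><p>Her results have always swung quite widely. In mock exams, her best and worst scores differed by nearly 100 points. This keeps me worrying that the worst case will happen, that she will do badly and ten years of hard study will be wiped out in one stroke. The worry has already affected my sleep. On many mornings I wake with a start a little after five and cannot get back to sleep, my head full of all sorts of things.</p><p>I have begun to realize that my thoughts, emotions and behavior are closely linked and subtly influence one another. Sometimes my negative thoughts set off an overreaction and bring unnecessary stress. For example, I may dwell too much on the worst case and so become overly anxious. Now I am trying to change this through a more rational, more balanced way of thinking.</p><p>For example, I can think like this: "My daughter's results do swing quite a lot, but she has also had some excellent performances. I should trust her more and believe that she is capable of getting a good result." This way of thinking lets me see the other side of things and eases the stress I feel from worrying about the worst outcome.</p><p>It helps somewhat, but not enough. A father cannot spend every day worrying by himself, fretting over gains and losses. He should be the one his child leans on, a stabilizer for her. So I should comfort her and ease her emotions.</p><p>So at dinner I asked her whether she was nervous and told her that Dad had been nervous too when he took the gaokao: "You know, your mom was my deskmate, and she had already been recommended for admission to university without the exam, so I was very nervous, afraid that I would do badly and not get into university. But how did I think about it? I kept thinking that I had put a lot of effort into the gaokao, that I could definitely do it, and that Heaven would surely not let me down, otherwise Heaven must be blind." When she heard this, my girl burst out laughing.</p><p>In this way I can not only help her through concrete actions but also free myself from endless worry. I understand that the best thing I can do is be her stabilizer and give her support and comfort.</p>]]></content>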
</entry>
<entry>
<title>Recording_is_a_life</title>
<link href="/2023/04/20/2023/Recording-is-a-life/"/>
<url>/2023/04/20/2023/Recording-is-a-life/</url>
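<content type="html"><![CDATA[<p>Márquez said: life is not the days we have lived, but the days we remember.</p><p>My life has already run for several decades, more than 14,600 days and nights. How many of those days do I remember?</p><p>Why do the days seem to speed up once you start working, so that a year is gone in the blink of an eye? Has the great wheel of time suddenly begun to turn its huge arm faster? Or have I grown used to the daily routine and lost the urge to record it?</p><p>There is a German proverb: "<strong>What happens only once might as well not have happened at all.</strong>" So how do you make something happen more than once?</p><p>April 19 was no different from any other day. Well, it was a little different, because that day I was going to the hospital for a gastroscopy. I got up a little earlier than usual. Before leaving I went into my daughter's room. She is in her final year of high school and gets up fairly early, but after washing she still lies in bed for a couple more minutes.</p><p>"Sweetheart, I'm off to have a gastroscopy. Aren't you going to comfort me?"</p><p>"~~~~~~, love you," she said, making a hand sign.</p><p>"Is that all I get? I'm hurt." I made as if to leave.</p><p>"Wait, wait." She climbed up, hugged me, and then gave me a kiss.</p><p>Was it anything special? No, nothing special.</p><p>Do I want to remember it? I do.</p><p>So how do I make it something that did not happen only once?</p><p>I will retell it to my wife, her mother, and I can also tell it to my mother, her grandmother.</p><p>I will also turn it into words as I recall it: these are the beautiful moments of life, fluttering around me like fragments. When my daughter kissed my cheek, I tried hard to hold on to the feeling of her breath touching me. When I make my daughter laugh, I try hard to hold on to her laughter, to remember the way she laughs out loud, silly and not at all ladylike.</p><p>The fragments of memory vanish quickly, too quickly for me to catch. I can feel them slipping through my fingertips. My granddaughter's breath and my daughter's laughter, held in my memory, will soon be gone and turn into nothing.</p><p>But they won't, because I have turned them into words, and they will last longer than I do...</p>]]></content>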
<categories>
<category> daily </category>
</categories>
<tags>
<tag> 家庭 </tag>
</tags>
</entry>
<entry>
<title>post</title>
<link href="/2023/04/20/post/"/>
<url>/2023/04/20/post/</url>
<content type="html"><![CDATA[]]></content>
</entry>
<entry>
<title>A Letter from Home: A Coming-of-Age Gift for My Daughter</title>
<link href="/2023/04/20/2023/A_letter_from_home/"/>
<url>/2023/04/20/2023/A_letter_from_home/</url>
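<content type="html"><![CDATA[<p>Dear daughter,</p><p>You have finally grown up, my girl, you have finally grown up.</p><p>When you were one month old I said to your grandmother: when will this child ever grow up, when will there be an end to this? I never expected that in a flash you would be 18.</p><p>You really have grown up. And now that you have, Dad finds it a little hard to let go.</p><p>Today is your coming-of-age ceremony, and I want to write you a letter. At this moment I cannot put into words how moved and full of feeling I am, because this letter holds my deep love for you and the years of growing up we have walked through together.</p><p>From the moment you were born I knew that Heaven had given me a gift beyond price. I remember clearly how, when you first gripped my finger, I was overcome by a powerful fatherly love. In that moment I swore to do everything I could to protect you and to be with you as you grew.</p><p>There are many beautiful moments from your childhood that I cannot forget. I remember the moment you learned to walk: you wobbled, steadied your feet, and I clapped and cheered for you, and you always liked to call out: "Daddy up, Daddy up." And we read the picture book "Guess How Much I Love You" together. To this day I remember the lines from the book: I love you across the river and over the hills; I love you right up to the moon.</p><p>I want to thank you for the happy times you have brought to this family. You always face life with optimism and a positive spirit, and your laughter fills our days with sunshine. Watching you grow has convinced me that we have laid a solid foundation for you and that you will be able to face the challenges ahead with courage.</p><p>However happy and joyful childhood may be, every child wants to grow up, because growing up means running freely and enjoying that feeling of freedom, because growing up means soaring like an eagle in the sky and enjoying the sense of achievement that comes after hard work. So today, as you set out on your journey as an adult, I want to say to you:</p><p>On the road ahead, I hope you will always keep your love of life and your curiosity. Pursue your dreams bravely, keep learning, and keep improving.</p><p>Even more, I want to tell you that wherever and whenever, Dad will always love you, and Mom and Dad will always stand behind you. If you hurt your leg while running, if you meet thunder and lightning while soaring, you can come home to heal and come home to recharge, because a true warrior does not only overcome difficulty but is able, after falling again and again, to get up again and again and chase the dream once more.</p><p>Dear daughter, thank you for being with me through these wonderful years. Every laugh and every tear of yours is the most precious treasure of my life. On this special day I want to tell you that I am immensely honored to be your father, and you will always be my pride.</p><p>Finally, I want to say to you: "Daughter, Dad will always love you!" May this love warm your heart like sunshine and light the road ahead of you. May you become a happy, joyful person whose life has meaning, shining on the world around you and filling life with hope and beauty.</p><p>With love always,</p><p>Dad and Mom</p>]]></content>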
<categories>
<category> Diary </category>
</categories>
<tags>
<tag> 阅读 </tag>
</tags>
</entry>
<entry>
<title></title>
<link href="/2023/04/14/2023/begood/"/>
<url>/2023/04/14/2023/begood/</url>
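<content type="html"><![CDATA[<p>What "The Last of Us" teaches: a little kindness and a little tolerance may change a life</p><p>"The Last of Us" is set twenty years after modern civilization has been destroyed. Humanity faces extinction from a modern pandemic, and the survivors kill one another in order to live.</p><p>There is a scene in the series in which the heroine, 14-year-old Ellie, kills the villain David with a knife while fighting him off. Overwhelmed by fear and rage, she is numb and dazed. At that moment the male lead, Joel, arrives in time and holds her, saying over and over: "It's me, it's me." After the extreme panic and frenzy that follow the killing, Joel's arrival and his embrace soothe the terrified Ellie. With feeling they melt the hard ice of violence between them and let their love for each other flow, and the two of them leave that terrible place in each other's arms.</p><p>Psychologists tell us that people can lose themselves in fear and anger. Without timely and fitting comfort, a person under the impact of such killing and fear may come to be obsessed with or to worship violence, or may suffer depersonalization and break down.</p><p>So human beings are strange creatures. Sometimes, at a crucial moment, a gesture or a word from someone else can change a person's whole life. Most people will never meet extreme violence and panic, but who has not had a darkest hour of their own? If someone offers an embrace, a smile and encouragement, might they not come through it better?</p><p>Those who do not come through almost all feel that the whole world is dark, that they have no money and no future, that everyone around them is negative, that there is nowhere to voice the misery inside, and that if they do speak, the people around them think they are being precious. It slowly piles up until at last they take the road of no return.</p><p>In modern society many people become depressed at a young age and some even take their own lives. Of these young people, many others, even their parents, will say: "What have you got to be depressed about? You have food and drink. You're far better off than I was when I was young."</p><p>That view is understandable and the reasoning holds, but it should not be put that way. Sometimes a person who is stuck in a bad place cannot get out.</p><p>In my university days I joined a student society, and everyone was very committed. Once I was in charge of planning an important event, but for various reasons it did not go smoothly and ended rather awkwardly. At the time I felt hugely humiliated, as if the whole world were laughing at my failure. I spent a painful period worrying that my reputation had been damaged and even thought about leaving the society.</p><p>Yet many years later that awkward event has long been washed out by time. When I think back on it now I may even laugh out loud and feel that I was too sensitive. But if some jerk around me had made sarcastic remarks like that, and if there had been several such jerks, I really do not know whether I could have come through it or whether I would have done something foolish.</p><p>So I keep reminding myself that in daily life a simple smile, a word of encouragement or a warm embrace may have a profound effect on someone else, and that if what I offer is sarcasm and abuse, I may well destroy a young person's life.</p><p><img src="https://p.ipic.vip/8f73pi.png" alt="image-20230413094224687"></p>]]></content>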
</entry>
<entry>
<title>jiaoliu.md</title>
<link href="/2023/03/15/2023/jiaoliu/"/>
<url>/2023/03/15/2023/jiaoliu/</url>
<content type="html"><![CDATA[]]></content>
</entry>
<entry>
<title>Hello World</title>
<link href="/2023/03/14/hello-world/"/>
<url>/2023/03/14/hello-world/</url>
<content type="html"><![CDATA[<p>Welcome to <a href="https://hexo.io/">Hexo</a>! This is your very first post. Check <a href="https://hexo.io/docs/">documentation</a> for more info. If you get any problems when using Hexo, you can find the answer in <a href="https://hexo.io/docs/troubleshooting.html">troubleshooting</a> or you can ask me on <a href="https://github.com/hexojs/hexo/issues">GitHub</a>.</p><h2 id="Quick-Start"><a href="#Quick-Start" class="headerlink" title="Quick Start"></a>Quick Start</h2><h3 id="Create-a-new-post"><a href="#Create-a-new-post" class="headerlink" title="Create a new post"></a>Create a new post</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">$ hexo new <span class="string">"My New Post"</span></span><br></pre></td></tr></table></figure><p>More info: <a href="https://hexo.io/docs/writing.html">Writing</a></p><h3 id="Run-server"><a href="#Run-server" class="headerlink" title="Run server"></a>Run server</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">$ hexo server</span><br></pre></td></tr></table></figure><p>More info: <a href="https://hexo.io/docs/server.html">Server</a></p><h3 id="Generate-static-files"><a href="#Generate-static-files" class="headerlink" title="Generate static files"></a>Generate static files</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">$ hexo generate</span><br></pre></td></tr></table></figure><p>More info: <a href="https://hexo.io/docs/generating.html">Generating</a></p><h3 id="Deploy-to-remote-sites"><a href="#Deploy-to-remote-sites" class="headerlink" title="Deploy to remote sites"></a>Deploy to remote sites</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><span 
class="line">1</span><br></pre></td><td class="code"><pre><span class="line">$ hexo deploy</span><br></pre></td></tr></table></figure><p>More info: <a href="https://hexo.io/docs/one-command-deployment.html">Deployment</a></p>]]></content>
</entry>
<entry>
<title>On personal growth and career development: how "Build" (《创造》) treats the question</title>
<link href="/2023/03/09/2023/chuangxin_book/"/>
<url>/2023/03/09/2023/chuangxin_book/</url>
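<content type="html"><![CDATA[<p>"Build" (《创造》) is a very good book about personal growth and career development.</p><p>There are many standards for a good book, but in the end it comes down to two things: the author and the content. "Build" is outstanding on both.</p><p>First, the author: Tony Fadell. The name may not sound famous, but mention the iPod and the iPhone and everyone will see how formidable he is.</p><p>Fadell is the father of the iPod. He led the team that designed and built the iPod inside Apple, turning the tide while Apple was in decline and propping up a building that was about to collapse. The iPod was Apple's only successful non-Mac product in 15 years. At one point it contributed more than 50% of Apple's revenue. It was hugely popular and still growing fast. It established Apple's image in the minds of millions of non-Mac customers, and only from then on did Apple get up and set off on its road to revival.</p><p>After the iPod, Tony Fadell was also deeply involved in developing the iPhone. After leaving Apple he founded Nest, the very well-known smart home brand, and later sold the company to Google.</p><p>An industry heavyweight with such achievements talks with you in this book about how to deal with rotten people in a company (the book calls them assholes), how to negotiate a raise, and how to resign: the "lowbrow" questions of working life. Because once people are successful and famous, they mostly talk about work at the macro level,</p><p>so heavyweight + down-to-earth = what makes this book distinctive.</p><h5 id="个人发展与职业规划"><a href="#个人发展与职业规划" class="headerlink" title="个人发展与职业规划"></a>Personal development and career planning</h5><p>Fadell's success at Apple looks like a sudden rocket to the sky, but it is more worth looking at his whole career. He worked first at General Magic and then at Philips. What did those jobs have in common? All made electronic products, all were hardware-related, and all were aimed at portable, mobile handheld devices for work. So the iPod and iPhone can be seen as a continuation of his work at General Magic and Philips, or an improved version of it.</p><p>So a career is one continuous development, even though the work was done at different companies.</p><p>How do you avoid being tempted by other industries? You must have a goal, an ideal. Have a goal and chase something that looks out of reach but matters enormously to you. Then move toward that goal step by step; even if you stumble, keep going forward.</p><p>I remember seeing a similar view in another book; I no longer remember its title, but that doesn't matter. The protagonist's goal was to become the CEO of a company. That goal cannot be reached in one step, and a CEO needs several abilities, such as public speaking, pulling resources together, and building a network. So can my current job, or the company I am about to join, give me a platform in these areas? That became a key consideration in his later job choices.</p><p>In addition, Fadell advises young people to go to startups, rising companies with stars. The reason? And what is a rising company? First, the company has several heavyweight star founders. Working with these people and watching up close how they think and act is itself an intangible fortune. Second, a rising company is still at an early stage of development, which is also valuable for young people. If you joined Tencent today, could you work and talk with Ma Huateng? Hardly; even meeting him once would not be easy.</p><h5 id="职场"><a href="#职场" class="headerlink" title="职场"></a>The workplace</h5><p>As an engineer, I feel what Fadell says deeply. Engineers only trust other engineers, just as finance people only trust finance people; people like those who think the way they do. For the same reason, engineers usually keep their distance from people in the softer functions such as sales, marketing and creative.</p><p>This is wrong. Individuals in the workplace should spend 20% of their time looking up. They also need to look around. The sooner they do so, the faster they will progress in their careers and the higher they will rise.</p><p>Also, an interesting conversation with someone in a different department may turn into an interview, or it may not, but at least it is interesting, and at least you will sense a potential opportunity. It may put you on another path and open another interesting conversation. And so it extends, until at the other end you see a new light: a new company that rekindles your passion for work, a new job, or a new team. It can help you find yourself again.</p><p>As for workplace assholes, you will always run into them over a long career. How to deal with them? This is the advice Fadell gives:</p><ol><li><p>Lead with kindness. Talk to them: could there be a misunderstanding?</p></li><li><p>Ignore them. Do what you believe is right.</p></li><li><p>Try to go around them. Switch teams.</p></li><li><p>Quit. If nothing improves, resigning becomes unavoidable.</p></li></ol><h5 id="加薪"><a href="#加薪" class="headerlink" 
title="加薪"></a>Getting a raise</h5><p>The book has a very interesting real example that took place at Apple; the person involved is Steve Jobs.</p><blockquote><p>I remember when I was at Apple, we were once in a big all-hands meeting, the kind held only two or three times a year, and during the question-and-answer session one person stood up and asked Jobs why he hadn't gotten a raise or a good review. Jobs looked at him in utter shock and said: "I can tell you why. Because you are asking this kind of question in front of ten thousand people."</p><p>Not long after, he was fired.</p><p>So don't be that person.</p></blockquote><p>So what should you do?</p><p>If you want to get everyone's attention, make sure your aim is to do your job well rather than to pursue personal gain. Think carefully about the problems troubling your project, write down a well-considered, insightful solution, and present it to your leadership. The solution may not work, but the process is at least meaningful. Don't nag, but be persistent; choose your moment wisely and be professional; even if you don't succeed, don't hide the outcome. Tell them you are passionate about this job, but that if you cannot solve these problems you may have to resign.</p><h5 id="管理"><a href="#管理" class="headerlink" title="管理"></a>Management</h5><p>Remember: once you become a manager, stop doing the things that made you successful in the first place. You can't keep doing what you are good at; instead, you have to dig into how to get others to do it and how to help them improve. Your job is communication, communication, communication, recruiting, hiring and firing, setting budgets, project reviews, one-on-one meetings, team meetings, meetings with other teams and with your bosses, representing your team in those meetings, setting goals and keeping things on course, resolving conflicts, helping find creative solutions to thorny problems, blocking and handling all kinds of office politics, mentoring your team, and always asking them: "How can I help you?"</p><p>All right, that's all I'll write.</p><p>As for the book itself, it is very rich in content. Tony Fadell divides the chapters by theme, including personal growth, career development, product design, the road to starting a company and so on; yet at the same time the content seems strung together in chronological order: from first entering the workplace, to later taking on major responsibilities, becoming a manager, building your own product and founding your own company, like a timeline unfolding step by step. Recommended; go and read it.</p>]]></content>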
<categories>
<category> Diary </category>
</categories>
<tags>
<tag> Reading </tag>
</tags>
</entry>
<entry>
<title>They say do no evil, however small; a real case that leaves one sighing</title>
<link href="/2023/03/09/2023/evil/"/>
<url>/2023/03/09/2023/evil/</url>
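<content type="html"><![CDATA[<p>People say greenhouse flowers cannot withstand wind and rain. I don't think that's it: greenhouse flowers don't even know wind and rain exist, or have long forgotten what they are like.</p><p>Life is more dramatic than art, because art always gives the protagonist a halo: whatever happens, there is a happy ending and the protagonist goes on to a happy life.</p><p>Until I came across Shen Lan (深蓝) and 《深蓝的故事》. It is a collection of stories that Shen Lan, a grassroots police officer, wrote from his own experience. Only after reading it did I realize that so many pitiable and even more hateful people and things keep happening, and that people do all kinds of absurd, disgusting, cruel, cold things for fame and profit.</p><p>Just look at the titles of these stories:</p><p>"'Willful' Motherly Love", "The Mother Who Hanged Herself at the Door of Her Son's Restaurant", "The Wrong Turn of the 'Civil Service Exam Club' President", "The Official's Son Who Will Never Again Marry a Good Wife", "My Father Is a Drug Dealer", "Why Should I Have to Take Care of My Mom", "My Son Wants to Kill Me, and I Don't Blame Him", "The Deadly Brat", "The Girl Forced by Her Whole Family to Sell Her Body", "When Parents Commit a Crime, Everything Is Over", "Reporting, Sir: The Murderer Wants to Be a Criminal Investigation Informant"</p><p>"My Friend Is a Gambler", "The Brother Who Stabbed Twice", "For Profit, Brotherhood Was Severed"</p><p>"Medical Disputes in Life, Medical Disputes in Death", "Afraid of Actually Bringing the Boss Down", "The Fate of a Staged-Accident Scammer", "Who Tricked Whom into Marriage"</p><p>The story that made me sigh the most is this one: a teacher and role model who still could not escape the online gambling trap.</p><p>Liu Yi, a university graduate, was a homeroom teacher at a secondary vocational school. Because his students were playing "baccarat" (in fact online gambling) and were being chased for debts, he came into contact with the police, that is, the author.</p><p>While learning about the case, Mr. Liu found out that the two students had at most won 80,000 to 90,000, and another one, Wang Xiaojiang, had at most won 300,000 playing baccarat. But as the saying goes, "gamble long enough and you will lose": the money they won all went back to the online gambling "house" in the end, principal and interest. Yet at this point a strange thought came to Mr. Liu: they had simply been too greedy; had they quit while ahead, they would probably not only have avoided losses but made a tidy profit. They lost because their self-control was too weak.</p><p>Mr. Liu considered himself a person of exceptional self-control; since childhood he had been the "other family's child" that parents hold up as an example. So he decided to test his own self-control.</p><p>His self-control really was good: each time he deposited only 100 yuan, bet 20 yuan a round, cashed out when he reached 300, and did not top up again when he lost it all. After a few months of playing small like this, it seemed that on balance he had actually made a little. The small sum did not make Liu Yi rich, but it made him believe even more in his "self-control".</p><p>In early 2015, Mr. Liu was preparing to buy a car. He had originally wanted a Citroën C4L, but he set his heart on an Audi A4, which cost around 300,000, and he did not want a loan, so he looked everywhere for ways to raise the money...</p><p>Raising the money did not go smoothly, but in the end Mr. Liu barely scraped it together. When he got to the 4S dealership, however, he was told that the model he had chosen was sold out and that he would have to wait 3 months; the shop did have a slightly higher-spec one, priced more than 30,000 higher.</p><p>Mr. Liu left disappointed, but as he walked out of the dealership a thought flashed through his mind: in the baccarat he usually played, 100 yuan could win 200 on a lucky day, so with 10,000 yuan as a stake, couldn't he win 20,000?</p><p>But Liu Yi's luck was bad that day, and the 10,000 yuan he deposited on the platform was quickly gone. He grew anxious and wanted to win it back fast, so his bets got bigger, and one thing led to another until Mr. Liu had lost more than 1 million.</p><p>"Do no evil, however small" is not about the fear that you will get into the habit of hurting others; it is that once you start, once the little flame of evil begins to burn, it will inevitably become a raging fire that devours your own conscience and family.</p>]]></content>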
<categories>
<category> Diary </category>
</categories>
<tags>
<tag> Reading </tag>
</tags>
</entry>
<entry>
<title>Understanding God and the Dao through "The Distant Savior" (《遥远的救世主》)</title>
<link href="/2023/01/27/2023/202301/spring-festival/"/>
<url>/2023/01/27/2023/202301/spring-festival/</url>
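<content type="html"><![CDATA[<ol><li><p>Hugs: the wish I wrote down last year was to give my aunt a hug at this New Year, and this year it came true. It felt a bit awkward, though; I'm still not used to it. For now, hugging only feels natural with my wife and my daughter; not even with Mom and Dad. It must be lack of practice: we never did it when I was young, so neither side is used to it.</p></li><li><p>Quarrels: for the New Year, Dad prepared a lot of festival food in advance: home-stuffed local sausage, steamed pork, fried dough knots and egg-and-meat rolls. That evening a nephew from the village dropped by, and Dad bagged up some of the homemade food for him. Maybe he gave too much: the grandson and granddaughter were coming on two separate days, New Year's Eve and New Year's Day, so more would be needed. When Mom noticed there wasn't much left, she asked Dad how much he had given the nephew. Dad felt wronged and said it was only a small bag, and Mom tore into him: "Bullshit! As if I don't know you. Don't you know your grandson and granddaughter haven't even come yet?"</p><p>When I was little, Mom's family was poor and she had to help out Grandma's household, especially with grain. Dad felt his own two sons were at the age when they ate the most and feared his own children would go hungry, but he never said so; he would just put on a stony face. In Mom's words, the stony face would last half a month, and he wouldn't speak to anyone.</p><p>After a lifetime of bumps and stumbles, this old couple took care of each of their own families and raised their own children, left with only faces full of wrinkles and backs that no longer straighten, like the setting sun in the endless distance to the west: huge but already light, floating and drifting at the edge of the sky, no longer so scorching but still very red, red enough to still warm the eyes.</p></li><li><p>Dinner together: this year my uncle's family and the cousin from my aunt's family came to visit and get together. A get-together inevitably means drinking: my uncle and Dad shared a bottle of 48% local aged liquor from Jiangsu, while my two cousins and I shared a bottle of 50% Luzhou Laojiao that had been kept for more than 10 years.</p><p>Men get talkative once they drink. My uncle began reminiscing about the old days and said to Dad, "The bond between us two old brothers goes without saying, but with them," pointing at us as he spoke, "with these three, the bond is worth a fart." Then he went on to recall how they had helped each other out in the past and got through those hard days.</p><p>It was drunk talk, but does it have a point?</p><p>It is certainly right. When my uncle and Dad were in their prime, every household had it hard, and being able to eat white flour counted as a good life. My uncle especially: he had moved from a mountain valley to the county town with no land and no regular job, then had a second child, which meant not only one more mouth to feed but also a fine to pay. Thanks to Mom and Dad's help, they got through those times together. By contrast, my two cousins and I played together for a few years as children, but after that, with school and work, we hardly see each other a few times a year, so our bond naturally cannot compare with the older generation's.</p><p>Back then, although society was divided into individual families, the small families were linked by blood and filled, bonded, regenerated and transformed by kinship. Facing life's pits and bumps, those downpours and blizzards, it was many small families and also one big family; exactly which, there is no need to tell apart, and it really cannot be told apart.</p></li><li><p>Change: Ertou'er, from my youngest uncle's family, was a glutton and an idler, someone who liked robbing Peter to pay Paul. His son got into university, and Mom says Ertou'er has really straightened out these past few years: he not only works steadily but also treats his wife much better.</p><p>At New Year, Ertou'er came to visit, and talking about plans he said, "I have to push hard for five more years. I need to get a house and a car ready for my son. This is it for my own life, but I have to let my son have a good one."</p></li></ol><p>Children are hope, something to strive for. That holds true in any era and any place, because every family lives this way.</p>]]></content>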
<categories>
<category> book </category>
</categories>
<tags>
<tag> Life </tag>
</tags>
</entry>
<entry>
<title>Understanding God and the Dao through "The Distant Savior" (《遥远的救世主》)</title>
<link href="/2023/01/16/2023/202301/distant-savior/"/>
<url>/2023/01/16/2023/202301/distant-savior/</url>
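<content type="html"><![CDATA[<p>"The Distant Savior" (《遥远的救世主》) is a book whose looks badly mismatch its substance: the cover is as tacky as can be, but it really is a good book.</p><p>Where to begin?</p><p>There is a saying we often see: every cent you earn is the cashing-in of your understanding of the world; a person can never earn money beyond their own understanding, except by luck, and money earned by luck tends to be lost again on one's own merits; this is inevitable. "The Distant Savior" tells exactly this through a story; philosophy, human nature and culture are of course also features of the book.</p><p>Ding Yuanying, a financial wizard, used 200 million RMB raised in Germany to set up a private equity fund and in less than a year made nearly 200 million. For inner reasons he withdrew from the world to an ancient city, where he and the police officer Rui Xiaodan fell in love. Through music and records he got to know the audiophiles Ye Xiaoming, Feng Shijie and Liu Bing; or rather, not "got to know": the three used a scheme to get acquainted with the master, Ding Yuanying, hoping to make money through him and change their lives.</p><p>For Rui Xiaodan's sake, Ding Yuanying agreed to the three men's request and founded an audio company, Gelüshi (格律诗), with Ye Xiaoming, Feng Shijie and Liu Bing as minority shareholders. Product, patents, certificates from professional reviews abroad: just when everything was going well, the company was hit with a commercial lawsuit by the audio giant Lin Yufeng, a legend of the audio world and chairman of Shenzhen Lesheng Audio Manufacturing Co., Ltd. Ye Xiaoming, Feng Shijie and Liu Bing thought the company had no chance of winning and pulled out their shares overnight, yet in the end Gelüshi won the case.</p><p>Now look at another person, Xiao Yawen, Rui Xiaodan's close friend: at this very moment she not only helped Gelüshi fight the lawsuit but also put her entire net worth into Gelüshi shares. Why?</p><p>The book describes it. Xiao Yawen says:</p><blockquote><p>My opportunity lies in the risk of losing the case. Once the lawsuit is over, I should no longer have the opportunity. If one could buy in after winning, then given Ye Xiaoming and the others' seniority, they ought to have priority over me. After a win the company appreciates; if I bought in at the appreciated share price, I would have to take on more debt; if I bought in at the current price, what I got would be what Ye Xiaoming and the others ought to have gotten first but did not, and I would be less aboveboard than they were. So my opportunity lies in the risk of losing, in the time before we respond to the suit. I'm just a hired hand anyway; if I lose, I go on being a hired hand. For me, just having a chance to squeeze up to the card table is already pretty good.</p></blockquote><p>If I had to sum this up in one phrase: <strong>accept the bet and accept the loss</strong>. I can get shares, I can get a chance to squeeze up to the card table, because I am willing to bear the risk of losing the case. Ye Xiaoming and the other two, by contrast, felt that getting Ding Yuanying to run a company gave them a chance to turn their lives around; when crisis approached and they felt they would lose all their money and end up buried in debt, what did they do? Run. So they withdrew their shares overnight.</p><p>The book attributes the cause to a cultural attribute: weak culture. Under a weak-culture mindset, people are full of fear of the unknown, afraid to choose, afraid to take responsibility, with the word "rely" always in their hearts. So they seek stability and fear the unknown and risk. Because they do not understand objective laws, and these things are beyond their level of knowledge, they panic quickly, start undermining things, and all sorts of trouble comes out.</p><p>Strong culture is a culture of following the laws of things; weak culture is a culture of relying on moral expectations of the strong to obtain things by exception, and also a culture of hoping for a savior.<br>What does following the laws of things mean? It means relying on our own effort, our own wisdom and our own labor to get what we ought to have; that is where our dignity lies. Obtaining the fruits of labor with dignity is strong culture. Weak culture is obtaining results by relying on others' pity, by opportunism, or by grabbing and plundering. The most marked trait of people living in weak culture is inner insecurity.</p><p>But I'm just an ordinary person with limited understanding, and there is much about companies and business I don't know. What then?</p><p>Another shareholder in the book is just such a person: Ouyang Xue, Rui Xiaodan's best friend. She bought in because of Rui Xiaodan, and when she did, she had worked it out clearly: 1 million was the limit she could afford to lose. "I have no other skills; all I can do is run a restaurant. Whether or not this works out, I'll keep running my restaurant."</p><p>"Hold on to the restaurant and you can survive" and "as long as Rui Xiaodan is there, she has a companion to talk things over with": this is the simple-minded truth Ouyang Xue clings to, and it is also her "Dao".</p><p><strong>God is the Dao, the Dao is the law of things, the law is as it comes, it leaves no room for you to ponder, and whoever acts according to the law is a god</strong>.</p><p>Let me end with a line from Confucius: <strong>poor yet delighting in the Way, rich yet fond of ritual</strong>.</p>]]></content>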
<categories>
<category> book </category>
</categories>
<tags>
<tag> Reading </tag>
</tags>
</entry>
<entry>
<title>To 2022: what small changes did you make?</title>
<link href="/2023/01/09/2023/202301/2022-summary/"/>
<url>/2023/01/09/2023/202301/2022-summary/</url>
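<content type="html"><![CDATA[<p>January: 《你应该找个人聊聊》, 《一句顶一万句》, 《约翰克里斯朵夫》 (Part 1) </p><p>February: 《寻找金福真》, 《文城》, 《蛤蟆先生看心里医生》, 《十三邀3》, 《鹿川有很多粪》 </p><p>March: 《李诞脱口秀工作手册》, 《熟经济》, 《人世间》 (vols. 1, 2, 3), 《阅读是一座随身携带的庇护所》 </p><p>April: 《绝叫》, 《张居正》 (vols. 1, 2, 3, 4) </p><p>May: 《论中国》, 《人间烟火:掩埋在历史里的日常与人生》, 《人间词话七讲》 </p><p>June: 《流俗地》, 《邓小平时代》, 《小词大雅》 </p><p>July: 《失落的卫星 : 深入中亚大陆的旅程》, 《十分钟冥想》, 《清辞选讲》, 《一个冥想者的觉知书》 </p><p>August: 《第三人称单数》, 《王慧文清华产品课》, 《支付战争》 </p><p>September: 《有限游戏和无限游戏》, 《晚明》, 《小家大变局》 </p><p>October: 《读书,带我去山外边的海》, 《刘擎西方现代思想讲义》, 《打开一颗心》, 《家的模样》, 《拥抱可能》, 《长安的荔枝》</p><p> November: 《命运》, 《幸福之路》, 《我就是这样的女律师》, 《小家越住越大3》, 《拯救计划》 </p><p>December: 《宇宙》, 《心里抚养》, 《皮囊》</p><p>The goal I set at the start of the year was to try, yes, try, to finish 36 books in 2022. Now the whole of 2022 has passed; I counted, and it's 49, over the target, which is a small pleasant surprise.</p><p>This is probably the year I have read the most in my life, which shows that setting goals does work. Not that a goal must be met, but with a goal there is action, and once you get moving, surprises are bound to follow.</p><p>Because the number really did exceed my yearly average, it inevitably brought some changes: for instance, feeling the need to leaf through a book whenever I'm free, or browsing other people's book recommendations, so as to keep planting little sparks of wanting to read in my mind.</p><p>Another example: reading on the subway, which used to be my favorite; well, not exactly favorite, I just always felt I could really take things in then, and it felt like putting wasted time to use, like coming out ahead. Over time I came to feel inexplicably fonder of reading on the subway.</p><p>This year I found another good spot: by the river, in the woods. On a hot summer morning or a cold winter afternoon, with a book in hand, enjoying the flowers and the sun, it is wonderfully pleasant. Not much each time, just 20-30 pages.</p><p>Also, this year I picked up WeChat Read (微信读书) again and discovered a lot that is good about it.</p><p>Leave aside that it lets you use scraps of time anywhere, anytime, and that its sea of books is vast and free; I mean the exchange that happens while reading. When you reach a moving passage, you see that many people have already, at the underlined spot, shared how moved they were and how it broke through their defenses. When you reach something puzzling or hard to grasp, some kind soul has always left a few words on the page that make it suddenly clear. But what I love most are the few words that stir childhood memories and remind me of my earliest memories; then I tap the underlined passage and dozens of people are already talking about their childhoods. The feeling is like, what, yes, like a dozen or so children from different times and places, with different local accents, chattering away about the most fun things they've done.</p><blockquote><p>In early summer, whether walking along a country dirt road or sitting in your own small courtyard under hazy moonlight, you hear the bird call "reap as it ripens, reap as it ripens" (算黄算割).</p></blockquote><blockquote><p>That must be the four-note cuckoo. Where we live people say it is calling "the bachelor's life is so bitter" (光棍儿好苦); I once read in another piece "cut the wheat, cut the grain" (割麦割谷). Some say "brother's not suffering, brother's not suffering" (哥哥不苦哥哥不苦), and others say that in our hometown it goes: "Zhang San Guai Gu (张三拐姑), where do you live? Behind the hill. What do you eat? Mung beans. Tasty? Neither tasty nor foul, 面个兜兜"</p></blockquote><p>What is a four-note cuckoo?</p><blockquote><p>Cuckoo is the general name for birds of the cuckoo family; common ones include the common cuckoo (大杜鹃), the three-note cuckoo (三声杜鹃) and the four-note cuckoo (四声杜鹃). The common cuckoo's call sounds like "bugu, bugu" (布谷), so it is also called the bugu bird; the three-note cuckoo's call sounds like "mi gui yang" (米贵阳), so in some places it is simply called mi gui yang; the four-note cuckoo, also known as the zigui bird (子规鸟), has a call that sounds like "hurry and cut the wheat" (快快割麦) or "cut the wheat, cut the grain" (割麦割谷).</p></blockquote><p>Isn't that interesting!</p><p>What did you gain in 2022? Come and share.</p>]]></content>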
<categories>
<category> Diary </category>
</categories>
<tags>
<tag> Reading Gains </tag>
</tags>
</entry>
<entry>
<title>The backbone of night: a vivid metaphor</title>
<link href="/2023/01/05/2023/202301/figurative/"/>
<url>/2023/01/05/2023/202301/figurative/</url>
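<content type="html"><![CDATA[<h3 id="夜晚的脊梁,传神的比喻"><a href="#夜晚的脊梁,传神的比喻" class="headerlink" title="夜晚的脊梁,传神的比喻"></a>The backbone of night: a vivid metaphor</h3><p>There is a principle in biology that, while far from perfect, applies in quite a few situations. It is called "recapitulation": the embryo, as it develops to maturity, replays the evolutionary history of the species. I believe there is also recapitulation in human intellectual development, and that we unconsciously think the thoughts of the ancients.</p><p>The Bushmen living in the Kalahari Desert of Botswana call the Milky Way, which lies across the sky overhead at night, "the backbone of night". The Bushmen believe the Milky Way holds up the night; were it not so, fragments of darkness would fall to the ground.</p><p>So, on a dark night, I looked up at the stars, thought of the Bushmen's metaphor of the backbone of night, and wrote: "The night fell down and shattered, scattering over the whole earth, so I could only hide indoors and lie in bed."</p><p>The backbone of night: this metaphor conveys a feeling, the Bushmen's feeling and view of the night, to the reader through one simple image, so that thousands of years later a reader facing the starry sky and reciting the same words has the same feeling.</p><p>Lately I have been reading 《好好告别》 (original title: With the end in mind); the stories and the writing are first-rate.</p><blockquote><p>He points out what they are observing; guides them through the whole process; assures them that everything is as expected and everything is safe. The role the leader plays is exactly that of an experienced midwife: talking with everyone involved throughout the process and delivering them safely to the expected place. It is a gift: it lets the daughters take part in the whole process, and in the future, when they recall the moment of parting, they will understand that staying calmly beside their beloved mother was their last gift to her.</p></blockquote><p>What a fine metaphor: likening the palliative care doctor (a medical professional who helps people face death) to a midwife.</p><p>If the midwife makes sure we can let out that loud cry when we are born, the palliative care doctor uses professional knowledge and the right medication to give us as much peace as possible, so we can quietly complete the final stretch.</p><p>Hats off to this metaphor!</p><p>Some say 6G will be able to transmit human sight, smell, touch and taste. I think metaphor is the 6G of literature: what it transmits is emotion and an understanding of the world.</p>]]></content>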
<categories>
<category> Diary </category>
</categories>
<tags>
<tag> Reading </tag>
</tags>
</entry>
<entry>
<title>Test 2</title>
<link href="/2022/11/18/test2/"/>
<url>/2022/11/18/test2/</url>
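<content type="html"><![CDATA[<p>JavaScript is a vibrant, easy-to-use language, and also a language with many complex and subtle techniques. Even experienced JavaScript developers cannot truly understand them without serious study; this is the paradox of JavaScript. Because JavaScript can be used without being understood, it is generally hard to truly understand the language itself; this is the challenge we face. Not content with merely making the code work but wanting to figure out why, daring to take this rough, bumpy road less traveled, embrace the whole of JavaScript</p><span id="more"></span><p>The content after this is not shown on the home page; only up to <!--more--> here is shown</p>]]></content>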
<categories>
<category> about </category>
</categories>
<tags>
<tag> test </tag>
</tags>
</entry>
<entry>
<title>Test</title>
<link href="/2022/11/18/test/"/>
<url>/2022/11/18/test/</url>
<content type="html"><![CDATA[<p>**测ii试</p><p><img src="/img/test.jpeg" alt="header"></p>]]></content>
<categories>
<category> about </category>
</categories>
<tags>
<tag> test </tag>
</tags>
</entry>
</search>