datatracker.ietf.org
Sign In
Version 4.50, 2013-05-15
Report a bug

Threat Analysis of the Domain Name System (DNS)
draft-ietf-dnsext-dns-threats-07

RFC
Document Stream: IETF
Last updated: 2004-04-05
Intended RFC status: Informational
Other versions: (expired, archived): plain text, pdf, html
Document shepherd:(None)
Shepherd writeup
Consensus:Unknown
IESG State: RFC 3833
Responsible AD: Thomas Narten
Send notices to: <sra@hactrn.net>,<derek@ihtfp.com>,<ogud@ogud.com>,<okolkman@ripe.net>

This Internet-Draft is no longer active. Unofficial copies of old Internet-Drafts can be found here:
http://tools.ietf.org/id/draft-ietf-dnsext-dns-threats.

Abstract:
Although the DNS Security Extensions (DNSSEC) have been under development for most of the last decade, the IETF has never written down the specific set of threats against which DNSSEC is designed to protect. Among other drawbacks, this cart-before-the-horse situation has made it difficult to determine whether DNSSEC meets its design goals, since its design goals are not well specified. This note attempts to document some of the known threats to the DNS, and, in doing so, attempts to measure to what extent (if any) DNSSEC is a useful tool in defending against these threats. This memo provides information for the Internet community.

Authors:
Derek Atkins <derek@ihtfp.com>
Rob Austein <sra@isc.org>

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid)