DNS Extensions (dnsext) Concluded WG

Document Date Status IPR AD / Shepherd
RFCs
RFC 2782 (was draft-ietf-dnsind-rfc2052bis)
A DNS RR for specifying the location of services (DNS SRV) Errata
2000-02
12 pages
Proposed Standard RFC
Updated by RFC6335
IETF RFC stream
RFC 2845 (was draft-ietf-dnsext-tsig)
Secret Key Transaction Authentication for DNS (TSIG)
2000-05
15 pages
Proposed Standard RFC
Updated by RFC3645, RFC4635, RFC6895
IETF RFC stream
RFC 2929 (was draft-ietf-dnsext-iana-dns)
Domain Name System (DNS) IANA Considerations
2000-09
12 pages
Best Current Practice RFC
Obsoleted by RFC5395
IETF RFC stream
RFC 2930 (was draft-ietf-dnsext-tkey)
Secret Key Establishment for DNS (TKEY RR)
2000-09
16 pages
Proposed Standard RFC
Updated by RFC6895
IETF RFC stream
RFC 2931 (was draft-ietf-dnsext-sig-zero)
DNS Request and Transaction Signatures ( SIG(0)s )
2000-09
10 pages
Proposed Standard RFC
WG Document
RFC 3007 (was draft-ietf-dnsext-simple-secure-update)
Secure Domain Name System (DNS) Dynamic Update
2000-11
9 pages
Proposed Standard RFC
Updated by RFC4033, RFC4034, RFC4035
IETF RFC stream
RFC 3008 (was draft-ietf-dnsext-signing-auth)
Domain Name System Security (DNSSEC) Signing Authority
2000-11
7 pages
Proposed Standard RFC
Obsoleted by RFC4033, RFC4034, RFC4035
Updated by RFC3658
IETF RFC stream
RFC 3090 (was draft-ietf-dnsext-zone-status)
DNS Security Extension Clarification on Zone Status
2001-03
11 pages
Proposed Standard RFC
Obsoleted by RFC4033, RFC4034, RFC4035
Updated by RFC3658
IETF RFC stream
RFC 3110 (was draft-ietf-dnsext-rsa)
RSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS) Errata
2001-05
7 pages
Proposed Standard RFC
Updated by RFC6944
IETF RFC stream
RFC 3123 (was draft-ietf-dnsext-apl-rr)
A DNS RR Type for Lists of Address Prefixes (APL RR)
2001-06
8 pages
Experimental RFC
IETF RFC stream
RFC 3197 (was draft-ietf-dnsext-dnsmib-historical)
Applicability Statement for DNS MIB Extensions
2001-11
5 pages
Informational RFC
IETF RFC stream
RFC 3225 (was draft-ietf-dnsext-dnssec-okbit)
Indicating Resolver Support of DNSSEC
2001-12
6 pages
Proposed Standard RFC
Updated by RFC4033, RFC4034, RFC4035
IETF RFC stream
RFC 3226 (was draft-ietf-dnsext-message-size)
DNSSEC and IPv6 A6 aware server/resolver message size requirements Errata
2001-12
6 pages
Proposed Standard RFC
Updated by RFC4033, RFC4034, RFC4035
IETF RFC stream
RFC 3363 (was draft-ietf-dnsext-ipv6-addresses)
Representing Internet Protocol version 6 (IPv6) Addresses in the Domain Name System (DNS) Errata
2002-08
6 pages
Informational RFC
Updated by RFC6672
IETF RFC stream

Thomas Narten

RFC 3364 (was draft-ietf-dnsext-ipv6-dns-tradeoffs)
Tradeoffs in Domain Name System (DNS) Support for Internet Protocol version 6 (IPv6) Errata
2002-08
11 pages
Informational RFC
IETF RFC stream

Thomas Narten

RFC 3425 (was draft-ietf-dnsext-obsolete-iquery)
Obsoleting IQUERY
2002-11
5 pages
Proposed Standard RFC
IETF RFC stream

Erik Nordmark

RFC 3445 (was draft-ietf-dnsext-restrict-key-for-dnssec)
Limiting the Scope of the KEY Resource Record (RR) Errata
2002-12
10 pages
Proposed Standard RFC
Obsoleted by RFC4033, RFC4034, RFC4035
IETF RFC stream

Erik Nordmark

RFC 3596 (was draft-ietf-dnsext-rfc1886bis)
DNS Extensions to Support IP Version 6
2003-10
8 pages
Draft Standard RFC
IETF RFC stream

Erik Nordmark

RFC 3597 (was draft-ietf-dnsext-unknown-rrs)
Handling of Unknown DNS Resource Record (RR) Types Errata
2003-09
8 pages
Proposed Standard RFC
Updated by RFC4033, RFC4034, RFC4035, RFC5395, RFC6195, RFC6895
IETF RFC stream

Ralph Droms

RFC 3645 (was draft-ietf-dnsext-gss-tsig)
Generic Security Service Algorithm for Secret Key Transaction Authentication for DNS (GSS-TSIG)
2003-10
26 pages
Proposed Standard RFC
IETF RFC stream

Erik Nordmark

RFC 3655 (was draft-ietf-dnsext-ad-is-secure)
Redefinition of DNS Authenticated Data (AD) bit
2003-11
8 pages
Proposed Standard RFC
Obsoleted by RFC4033, RFC4034, RFC4035
IETF RFC stream

Erik Nordmark

RFC 3658 (was draft-ietf-dnsext-delegation-signer)
Delegation Signer (DS) Resource Record (RR)
2003-12
19 pages
Proposed Standard RFC
Obsoleted by RFC4033, RFC4034, RFC4035
Updated by RFC3755
IETF RFC stream

Thomas Narten

RFC 3755 (was draft-ietf-dnsext-dnssec-2535typecode-change)
Legacy Resolver Compatibility for Delegation Signer (DS)
2004-05
9 pages
Proposed Standard RFC
Obsoleted by RFC4033, RFC4034, RFC4035
Updated by RFC3757, RFC3845
IETF RFC stream

Thomas Narten

RFC 3757 (was draft-ietf-dnsext-keyrr-key-signing-flag)
Domain Name System KEY (DNSKEY) Resource Record (RR) Secure Entry Point (SEP) Flag Errata
2004-05
8 pages
Proposed Standard RFC
Obsoleted by RFC4033, RFC4034, RFC4035
IETF RFC stream

Thomas Narten

RFC 3833 (was draft-ietf-dnsext-dns-threats)
Threat Analysis of the Domain Name System (DNS)
2004-08
16 pages
Informational RFC
IETF RFC stream

Thomas Narten

RFC 3845 (was draft-ietf-dnsext-nsec-rdata)
DNS Security (DNSSEC) NextSECure (NSEC) RDATA Format
2004-08
7 pages
Proposed Standard RFC
Obsoleted by RFC4033, RFC4034, RFC4035
IETF RFC stream

Thomas Narten

RFC 4033 (was draft-ietf-dnsext-dnssec-intro)
DNS Security Introduction and Requirements Errata
2005-03
21 pages
Proposed Standard RFC
Updated by RFC6014, RFC6840
IETF RFC stream
1

Thomas Narten

RFC 4034 (was draft-ietf-dnsext-dnssec-records)
Resource Records for the DNS Security Extensions Errata
2005-03
29 pages
Proposed Standard RFC
Updated by RFC4470, RFC6014, RFC6840, RFC6944
IETF RFC stream
2

Thomas Narten

RFC 4035 (was draft-ietf-dnsext-dnssec-protocol)
Protocol Modifications for the DNS Security Extensions Errata
2005-03
53 pages
Proposed Standard RFC
Updated by RFC4470, RFC6014, RFC6840
IETF RFC stream
1

Thomas Narten

RFC 4343 (was draft-ietf-dnsext-insensitive)
Domain Name System (DNS) Case Insensitivity Clarification Errata
2006-01
10 pages
Proposed Standard RFC
IETF RFC stream

Margaret Wasserman

RFC 4398 (was draft-ietf-dnsext-rfc2538bis)
Storing Certificates in the Domain Name System (DNS) Errata
2006-03
17 pages
Proposed Standard RFC
Updated by RFC6944
IETF RFC stream
1

Margaret Wasserman

RFC 4470 (was draft-ietf-dnsext-dnssec-online-signing)
Minimally Covering NSEC Records and DNSSEC On-line Signing Errata
2006-04
8 pages
Proposed Standard RFC
IETF RFC stream

Margaret Wasserman

RFC 4471 (was draft-ietf-dnsext-dns-name-p-s)
Derivation of DNS Name Predecessor and Successor
2006-09
23 pages
Experimental RFC
IETF RFC stream

Mark Townsley

RFC 4509 (was draft-ietf-dnsext-ds-sha256)
Use of SHA-256 in DNSSEC Delegation Signer (DS) Resource Records (RRs) Errata
2006-05
7 pages
Proposed Standard RFC
IETF RFC stream

Margaret Wasserman

RFC 4592 (was draft-ietf-dnsext-wcard-clarify)
The Role of Wildcards in the Domain Name System Errata
2006-07
20 pages
Proposed Standard RFC
IETF RFC stream

Margaret Wasserman

RFC 4635 (was draft-ietf-dnsext-tsig-sha)
HMAC SHA (Hashed Message Authentication Code, Secure Hash Algorithm) TSIG Algorithm Identifiers Errata
2006-08
8 pages
Proposed Standard RFC
IETF RFC stream

Margaret Wasserman

RFC 4701 (was draft-ietf-dnsext-dhcid-rr)
A DNS Resource Record (RR) for Encoding Dynamic Host Configuration Protocol (DHCP) Information (DHCID RR) Errata
2006-10
12 pages
Proposed Standard RFC
Updated by RFC5494
IETF RFC stream

Margaret Wasserman

RFC 4795 (was draft-ietf-dnsext-mdns)
Link-local Multicast Name Resolution (LLMNR) Errata
2007-01
31 pages
Informational RFC
IETF RFC stream

Mark Townsley

RFC 4955 (was draft-ietf-dnsext-dnssec-experiments)
DNS Security (DNSSEC) Experiments
2007-07
7 pages
Proposed Standard RFC
IETF RFC stream

Mark Townsley

RFC 4956 (was draft-ietf-dnsext-dnssec-opt-in)
DNS Security (DNSSEC) Opt-In Errata
2007-07
17 pages
Experimental RFC
IETF RFC stream

Mark Townsley

RFC 4986 (was draft-ietf-dnsext-rollover-requirements)
Requirements Related to DNS Security (DNSSEC) Trust Anchor Rollover
2007-08
11 pages
Informational RFC
IETF RFC stream

Mark Townsley

RFC 5001 (was draft-ietf-dnsext-nsid)
DNS Name Server Identifier (NSID) Option
2007-08
11 pages
Proposed Standard RFC
IETF RFC stream

Mark Townsley

RFC 5011 (was draft-ietf-dnsext-trustupdate-timers)
Automated Updates of DNS Security (DNSSEC) Trust Anchors
2007-09
14 pages
Internet Standard RFC
IETF RFC stream
3

Mark Townsley

RFC 5155 (was draft-ietf-dnsext-nsec3)
DNS Security (DNSSEC) Hashed Authenticated Denial of Existence Errata
2008-03
52 pages
Proposed Standard RFC
Updated by RFC6840, RFC6944
IETF RFC stream
1

Mark Townsley

RFC 5395 (was draft-ietf-dnsext-2929bis)
Domain Name System (DNS) IANA Considerations Errata
2008-11
17 pages
Best Current Practice RFC
Obsoleted by RFC6195
IETF RFC stream

Mark Townsley

RFC 5452 (was draft-ietf-dnsext-forgery-resilience)
Measures for Making DNS More Resilient against Forged Answers
2009-01
18 pages
Proposed Standard RFC
IETF RFC stream

Mark Townsley

RFC 5625 (was draft-ietf-dnsext-dnsproxy)
DNS Proxy Implementation Guidelines
2009-08
12 pages
Best Current Practice RFC
IETF RFC stream

Ralph Droms

RFC 5702 (was draft-ietf-dnsext-dnssec-rsasha256)
Use of SHA-2 Algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC
2009-10
10 pages
Proposed Standard RFC
Updated by RFC6944
IETF RFC stream

Ralph Droms

RFC 5933 (was draft-ietf-dnsext-dnssec-gost)
Use of GOST Signature Algorithms in DNSKEY and RRSIG Resource Records for DNSSEC
2010-07
9 pages
Proposed Standard RFC
Updated by RFC6944
WG Document

Ralph Droms

RFC 5936 (was draft-ietf-dnsext-axfr-clarify)
DNS Zone Transfer Protocol (AXFR)
2010-06
29 pages
Proposed Standard RFC
IETF RFC stream

Ralph Droms

RFC 5966 (was draft-ietf-dnsext-dns-tcp-requirements)
DNS Transport over TCP - Implementation Requirements
2010-08
7 pages
Proposed Standard RFC
IETF RFC stream

Ralph Droms

RFC 6014 (was draft-ietf-dnsext-dnssec-alg-allocation)
Cryptographic Algorithm Identifier Allocation for DNSSEC
2010-11
6 pages
Proposed Standard RFC
IETF RFC stream

Ralph Droms

RFC 6195 (was draft-ietf-dnsext-5395bis)
Domain Name System (DNS) IANA Considerations
2011-03
17 pages
Best Current Practice RFC
Obsoleted by RFC6895
IETF RFC stream

Ralph Droms

RFC 6604 (was draft-ietf-dnsext-xnamercode)
xNAME RCODE and Status Bits Clarification
2012-04
5 pages
Proposed Standard RFC
WG Document

Ralph Droms

RFC 6605 (was draft-ietf-dnsext-ecdsa)
Elliptic Curve Digital Signature Algorithm (DSA) for DNSSEC
2012-04
8 pages
Proposed Standard RFC
WG Document
1

Ralph Droms

RFC 6672 (was draft-ietf-dnsext-rfc2672bis-dname)
DNAME Redirection in the DNS
2012-06
22 pages
Proposed Standard RFC
WG Document

Ralph Droms

ajs@crankycanuck.ca
RFC 6725 (was draft-ietf-dnsext-dnssec-registry-update)
DNS Security (DNSSEC) DNSKEY Algorithm IANA Registry Updates
2012-08
5 pages
Proposed Standard RFC
Submitted to IESG for Publication

Ralph Droms

RFC 6840 (was draft-ietf-dnsext-dnssec-bis-updates)
Clarifications and Implementation Notes for DNS Security (DNSSEC) Errata
2013-02
21 pages
Proposed Standard RFC
Submitted to IESG for Publication

Ralph Droms

ajs@crankycanuck.ca
RFC 6891 (was draft-ietf-dnsext-rfc2671bis-edns0)
Extension Mechanisms for DNS (EDNS(0)) Errata
2013-04
16 pages
Internet Standard RFC
Waiting for WG Chair Go-Ahead

Ralph Droms

RFC 6895 (was draft-ietf-dnsext-rfc6195bis)
Domain Name System (DNS) IANA Considerations
2013-04
19 pages
Best Current Practice RFC
WG Document

Ralph Droms

RFC 6944 (was draft-ietf-dnsext-dnssec-algo-imp-status)
Applicability Statement: DNS Security (DNSSEC) DNSKEY Algorithm Implementation Status Errata
2013-04
7 pages
Proposed Standard RFC
Submitted to IESG for Publication

Ralph Droms

RFC 6975 (was draft-ietf-dnsext-dnssec-algo-signal)
Signaling Cryptographic Algorithm Understanding in DNS Security Extensions (DNSSEC)
2013-07
9 pages
Proposed Standard RFC
WG Document

Ted Lemon

Document Date Status IPR AD / Shepherd