Skip to main content

DNS Security (DNSSEC) DNSKEY Algorithm IANA Registry Updates

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors Roy Arends , Jakob Schlyter , Matt Larson
Last updated 2017-09-14 (Latest revision 2017-03-13)
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


The DNS Security Extensions (DNSSEC) require the use of cryptographic algorithm suites for generating digital signatures and cryptographic hashes over DNS data. The algorithms specified for use with DNSSEC are reflected in IANA registries. This document updates some entries in these registries. The main reason for these updates is to retire the use of SHA1.


Roy Arends
Jakob Schlyter
Matt Larson

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)