Deprecated HMAC MD5 in TSIG

Document Type Replaced Internet-Draft (individual)
Author Francis Dupont 
Last updated 2008-10-27 (latest revision 2008-05-11)
Replaced by draft-ietf-dnsext-tsig-md5-deprecated
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-ietf-dnsext-tsig-md5-deprecated
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


The goal of this document is to deprecate the usage of HMAC MD5 as an algorithm for the TSIG (secret key transaction authentication) resource record in the DNS (domain name system).


Francis Dupont (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)