Skip to main content

Measures to prevent DNS spoofing

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors Bert Hubert , Remco van Mook
Last updated 2006-08-15
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


The current internet climate poses serious threats to the Domain Name System. In the interim period before the DNS protocol can be secured more fully, measures can be taken to make 'spoofing' a recursing nameserver can be made many orders of magnitude harder. This document sets out how to achieve this improved security.


Bert Hubert
Remco van Mook

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)