Skip to main content

Algorithm Implementation Requirements and Usage Guidance for DNSSEC

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc:, The IESG <>,,, Tim Wicinski <>,,,
Subject: Protocol Action: 'Algorithm Implementation Requirements and Usage Guidance for DNSSEC' to Proposed Standard (draft-ietf-dnsop-algorithm-update-10.txt)

The IESG has approved the following document:
- 'Algorithm Implementation Requirements and Usage Guidance for DNSSEC'
  (draft-ietf-dnsop-algorithm-update-10.txt) as Proposed Standard

This document is the product of the Domain Name System Operations Working

The IESG contact persons are Warren Kumari and Ignas Bagdonas.

A URL of this Internet Draft is:

Ballot Text

Technical Summary

   The DNSSEC protocol makes use of various cryptographic algorithms in
   order to provide authentication of DNS data and proof of non-
   existence.  To ensure interoperability between DNS resolvers and DNS
   authoritative servers, it is necessary to specify a set of algorithm
   implementation requirements and usage guidelines to ensure that there
   is at least one algorithm that all implementations support.  This
   document defines the current algorithm implementation requirements
   and usage guidance for DNSSEC.  This document obsoletes [RFC6944].

Working Group Summary

   The Working Group did not have any controversy on this document. 
  There was discussion around the 2119 Normative terms as this draft
  This did not cause any problems gaining consensus 

Document Quality

  Document is very concise and informative as it updates the 
  list of recommendations for DNSKEY algorithms.

  The document (currently) has a section listing which
  implementations support with algorithms / requirements. 


   Document Shepherd? Tim Wicinski
   Responsible Area Director?  Warren Kumari

RFC Editor Note

RFC Editor Note

Please remove section 4 "Implementation Status" plus all references to 
[RFC7942] prior to publication as an RFC.