Skip to main content

Revised IANA Considerations for DNSSEC

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc: The IESG <>,,,,,,
Subject: Protocol Action: 'Revised IANA Considerations for DNSSEC' to Proposed Standard (draft-ietf-dnsop-dnssec-iana-cons-05.txt)

The IESG has approved the following document:
- 'Revised IANA Considerations for DNSSEC'
  (draft-ietf-dnsop-dnssec-iana-cons-05.txt) as Proposed Standard

This document is the product of the Domain Name System Operations Working

The IESG contact persons are Warren Kumari and Robert Wilton.

A URL of this Internet Draft is:

Ballot Text

Technical Summary

   This document changes the review requirements needed to get DNSSEC
   algorithms and resource records added to IANA registries.  It updates
   RFC 6014 to include hash algorithms for DS records and NSEC3
   parameters.  It also updates RFC 5155 and RFC 6014, which have
   requirements for DNSSEC algorithms, and updates RFC 8624 to say that
   algorithms that are described in RFCs that are not on standards track
   are only at the "MAY" level of implementation recommendation.  The
   rationale for these changes is to bring the requirements for DS
   records and for the hash algorithms used in NSEC3 in line with the
   requirements for all other DNSSEC algorithms.

Working Group Summary

 There was a lot of debate and discussion when it was first introduced. There was a feeling that loosening the requirements on adding new DNSSEC algorithms would lead to algorithms not getting implemented, algorithms designed around national/"vanity" crypto, etc.
This was resolved with some discussion.

Document Quality

   The document changes the registration policy for an IANA registry, to better align with other registries.
   It is a process document and so there are no implementations, it is written appropriately for the intended audience, etc. 


 Tim Wicinski is the DS
 Warren Kumari is RAD! (nope, still not old...)

RFC Editor Note