Skip to main content

Use of GOST 2012 Signature Algorithms in DNSKEY and RRSIG Resource Records for DNSSEC

Document Type Expired Internet-Draft (dnsop WG)
Authors Dmitry Belyavsky , Vasily Dolmatov
Last updated 2022-05-16 (Latest revision 2021-11-12)
Replaces draft-belyavskiy-rfc5933-bis, draft-dnsop-rfc5933-bis
Stream Internet Engineering Task Force (IETF)
Intended RFC status Informational
Expired & archived
plain text html xml htmlized pdfized bibtex
Stream WG state In WG Last Call
Document shepherd (None)
IESG IESG state Expired
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)
This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at:


This document describes how to produce digital signatures and hash functions using the GOST R 34.10-2012 and GOST R 34.11-2012 algorithms for DNSKEY, RRSIG, and DS resource records, for use in the Domain Name System Security Extensions (DNSSEC). This document obsoletes RFC 5933 and updates RFC 8624.


Dmitry Belyavsky
Vasily Dolmatov

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)