The Trust Anchor Key Renewal Method Applied to DNS Security (TAKREM-DNSSEC)

Document Type Expired Internet-Draft (individual)
Last updated 2006-04-26
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document provides an authentication scheme based on the generic SDDA-RR mechanism (SEP DNSKEY Direct Authenticator DNS Resource Record). The result is an automated key rollover mechanism for trust anchor keys. This represents additional security protocol elements to the DNS Security Extensions (DNSSEC) in the area of key management support functions for the DNS root zone and islands of trust.


Thierry Moreau (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)