CGA-TSIG/e: Algorithms for Secure DNS Authentication and Optional DNS Confidentiality

Document Type Expired Internet-Draft (individual)
Authors Hosnieh Rafiee  , Christoph Meinel 
Last updated 2015-11-09 (latest revision 2015-05-08)
Replaces draft-rafiee-cga-tsig
Stream (None)
Intended RFC status (None)
Expired & archived
plain text pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document describes a new mechanism for secure DNS authentication and a possible mechanism for DNS data confidentiality in various scenarios especially DNS resolvers. It also focuses on reducing human interaction during secure authentication and DNS message encryption. This document supports both IPv4 and IPv6 enabled networks.


Hosnieh Rafiee (
Christoph Meinel (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)