Skip to main content

Survey of Domain Verification Techniques using DNS

Document Type Replaced Internet-Draft (dnsop WG)
Expired & archived
Authors Shivan Kaul Sahib , Shumon Huque , Paul Wouters
Last updated 2022-07-27 (Latest revision 2022-03-07)
Replaced by draft-ietf-dnsop-domain-verification-techniques
RFC stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Additional resources Mailing list discussion
Stream WG state Adopted by a WG
Document shepherd (None)
IESG IESG state Replaced by draft-ietf-dnsop-domain-verification-techniques
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


Many services on the Internet need to verify ownership or control of a domain in the Domain Name System (DNS) [RFC1034] [RFC1035]. This verification is often done by requesting a specific DNS record to be visible in the domain. This document surveys various techniques in wide use today, the pros and cons of each, and proposes some practises to avoid known problems.


Shivan Kaul Sahib
Shumon Huque
Paul Wouters

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)