The EDNS Key Tag Option
draft-wessels-edns-key-tag-00
| Document | Type | Replaced Internet-Draft (dnsop WG) | |
|---|---|---|---|
| Author | Duane Wessels | ||
| Last updated | 2015-12-05 (Latest revision 2015-07-29) | ||
| Replaced by | RFC 8145 | ||
| Stream | Internet Engineering Task Force (IETF) | ||
| Intended RFC status | Proposed Standard | ||
| Formats |
Expired & archived
plain text
xml
htmlized
pdfized
bibtex
|
||
| Stream | WG state | Adopted by a WG | |
| Document shepherd | Tim Wicinski | ||
| IESG | IESG state | Replaced by draft-ietf-dnsop-edns-key-tag | |
| Consensus boilerplate | Unknown | ||
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | "Tim Wicinski" <tjw.ietf@gmail.com> |
https://www.ietf.org/archive/id/draft-wessels-edns-key-tag-00.txt
Abstract
The DNS Security Extensions (DNSSEC) were developed to provide origin authentication and integrity protection for DNS data by using digital signatures. These digital signatures can be verified by building a chain-of-trust starting from a trust anchor and proceeding down to a particular node in the DNS. This document specifies a way for validating end-system resolvers to signal to a server which keys are referenced in their chain-of-trust. The extensions allow zone administrators to monitor the progress of rollovers in a DNSSEC- signed zone.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)