The EDNS Key Tag Option
draft-wessels-edns-key-tag-00

Document Type Replaced Internet-Draft (dnsop WG)
Last updated 2015-12-05 (latest revision 2015-07-29)
Replaced by draft-ietf-dnsop-edns-key-tag
Stream IETF
Intended RFC status Proposed Standard
Formats
Expired & archived
plain text pdf html bibtex
Stream WG state Adopted by a WG
Document shepherd Tim Wicinski
IESG IESG state Replaced by draft-ietf-dnsop-edns-key-tag
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to "Tim Wicinski" <tjw.ietf@gmail.com>

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-wessels-edns-key-tag-00.txt

Abstract

The DNS Security Extensions (DNSSEC) were developed to provide origin authentication and integrity protection for DNS data by using digital signatures. These digital signatures can be verified by building a chain-of-trust starting from a trust anchor and proceeding down to a particular node in the DNS. This document specifies a way for validating end-system resolvers to signal to a server which keys are referenced in their chain-of-trust. The extensions allow zone administrators to monitor the progress of rollovers in a DNSSEC- signed zone.

Authors

Duane Wessels (dwessels@verisign.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)